From f29612fd353db074a0b963ed53ef9c29c562bb36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
Date: Tue, 21 Nov 2017 13:33:07 +0100
Subject: [PATCH] qemu: Introduce functions for input device cgroup
 manipulation

Export qemuSetupInputCgroup and introduce qemuTeardownInputCgroup
for hotunplug.
---
 src/qemu/qemu_cgroup.c | 25 ++++++++++++++++++++++++-
 src/qemu/qemu_cgroup.h |  4 ++++
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index 0f75e22f98..19252ea239 100644
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -246,7 +246,7 @@ qemuSetupTPMCgroup(virDomainObjPtr vm)
 }
 
 
-static int
+int
 qemuSetupInputCgroup(virDomainObjPtr vm,
                      virDomainInputDefPtr dev)
 {
@@ -269,6 +269,29 @@ qemuSetupInputCgroup(virDomainObjPtr vm,
 }
 
 
+int
+qemuTeardownInputCgroup(virDomainObjPtr vm,
+                        virDomainInputDefPtr dev)
+{
+    qemuDomainObjPrivatePtr priv = vm->privateData;
+    int ret = 0;
+
+    if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICES))
+        return 0;
+
+    switch (dev->type) {
+    case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH:
+        VIR_DEBUG("Process path '%s' for input device", dev->source.evdev);
+        ret = virCgroupDenyDevicePath(priv->cgroup, dev->source.evdev,
+                                      VIR_CGROUP_DEVICE_RWM, false);
+        virDomainAuditCgroupPath(vm, priv->cgroup, "deny", dev->source.evdev, "rwm", ret == 0);
+        break;
+    }
+
+    return ret;
+}
+
+
 int
 qemuSetupHostdevCgroup(virDomainObjPtr vm,
                        virDomainHostdevDefPtr dev)
diff --git a/src/qemu/qemu_cgroup.h b/src/qemu/qemu_cgroup.h
index 3fc1583612..3b8ff6055d 100644
--- a/src/qemu/qemu_cgroup.h
+++ b/src/qemu/qemu_cgroup.h
@@ -37,6 +37,10 @@ int qemuSetupDiskCgroup(virDomainObjPtr vm,
                         virDomainDiskDefPtr disk);
 int qemuTeardownDiskCgroup(virDomainObjPtr vm,
                            virDomainDiskDefPtr disk);
+int qemuSetupInputCgroup(virDomainObjPtr vm,
+                         virDomainInputDefPtr dev);
+int qemuTeardownInputCgroup(virDomainObjPtr vm,
+                            virDomainInputDefPtr dev);
 int qemuSetupHostdevCgroup(virDomainObjPtr vm,
                            virDomainHostdevDefPtr dev)
    ATTRIBUTE_RETURN_CHECK;
-- 
GitLab