[libvirt] [PATCH 5/5] qemu: Properly label and create evdev on input device hotplug

Tuesday, 21 November 2017

Utilize all the newly introduced function to create the evdev node
and label it on hotplug and destroy it on hotunplug.

This was forgotten in commits bc9ffaf and 67486bb.

https://bugzilla.redhat.com/show_bug.cgi?id=1509866
---
 src/qemu/qemu_hotplug.c | 40 +++++++++++++++++++++++++++++++++++++---
 1 file changed, 37 insertions(+), 3 deletions(-)

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 72a57d89e..fe69d42e8 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -2746,7 +2746,11 @@ qemuDomainAttachInputDevice(virQEMUDriverPtr driver,
     qemuDomainObjPrivatePtr priv = vm->privateData;
     virDomainDeviceDef dev = { VIR_DOMAIN_DEVICE_INPUT,
                                { .input = input } };
+    virErrorPtr originalError = NULL;
     bool releaseaddr = false;
+    bool teardowndevice = false;
+    bool teardownlabel = false;
+    bool teardowncgroup = false;
 
     if (input->bus != VIR_DOMAIN_INPUT_BUS_USB &&
         input->bus != VIR_DOMAIN_INPUT_BUS_VIRTIO) {
@@ -2773,6 +2777,18 @@ qemuDomainAttachInputDevice(virQEMUDriverPtr driver,
     if (qemuBuildInputDevStr(&devstr, vm->def, input, priv->qemuCaps) < 0)
         goto cleanup;
 
+    if (qemuDomainNamespaceSetupInput(vm, input) < 0)
+        goto cleanup;
+    teardowndevice = true;
+
+    if (qemuSetupInputCgroup(vm, input) < 0)
+        goto cleanup;
+    teardowncgroup = true;
+
+    if (qemuSecuritySetInputLabel(vm, input) < 0)
+        goto cleanup;
+    teardownlabel = true;
+
     if (VIR_REALLOC_N(vm->def->inputs, vm->def->ninputs + 1) < 0)
         goto cleanup;
 
@@ -2788,14 +2804,23 @@ qemuDomainAttachInputDevice(virQEMUDriverPtr driver,
     VIR_APPEND_ELEMENT_COPY_INPLACE(vm->def->inputs, vm->def->ninputs,
input);
 
     ret = 0;
-    releaseaddr = false;
 
  audit:
     virDomainAuditInput(vm, input, "attach", ret == 0);
 
  cleanup:
-    if (releaseaddr)
-        qemuDomainReleaseDeviceAddress(vm, &input->info, NULL);
+    if (ret < 0) {
+        virErrorPreserveLast(&originalError);
+        if (teardownlabel)
+            qemuSecurityRestoreInputLabel(vm, input);
+        if (teardowncgroup)
+            qemuTeardownInputCgroup(vm, input);
+        if (teardowndevice)
+            qemuDomainNamespaceTeardownInput(vm, input);
+        if (releaseaddr)
+            qemuDomainReleaseDeviceAddress(vm, &input->info, NULL);
+        virErrorRestore(&originalError);
+    }
 
     VIR_FREE(devstr);
     return ret;
@@ -4283,6 +4308,15 @@ qemuDomainRemoveInputDevice(virDomainObjPtr vm,
             break;
     }
     qemuDomainReleaseDeviceAddress(vm, &dev->info, NULL);
+    if (qemuSecurityRestoreInputLabel(vm, dev) < 0)
+        VIR_WARN("Unable to restore security label on input device");
+
+    if (qemuTeardownInputCgroup(vm, dev) < 0)
+        VIR_WARN("Unable to remove input device cgroup ACL");
+
+    if (qemuDomainNamespaceTeardownInput(vm, dev) < 0)
+        VIR_WARN("Unable to remove input device from /dev");
+
     virDomainInputDefFree(vm->def->inputs[i]);
     VIR_DELETE_ELEMENT(vm->def->inputs, i, vm->def->ninputs);
     return 0;
-- 
2.13.6


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] [PATCH 5/5] qemu: Properly label and create evdev on input device hotplug