On 11/30/2012 01:26 PM, Daniel P. Berrange wrote: s/assinging/assigning/ Missing documentation in an appropriate docs/*.html.in. I haven't checked if you add it later in the series, or completely forgot. But at least you added tests. I see where you added <hostdev mode='capabilities' type='storage'> but not where you added <hostdev mode='capabilities' type='misc'>. Did you mean to have a <choice>storage|misc</choice> for the type attribute in hostdevcapsstorage? Are you also missing 'misc' handling in this section of C code? I see places where it appears, but it seems incomplete (maybe I missed something, though). s/cndoing/encoding/ Why the added ';'... ...especially when it's already optional? For example, here you do handle both types. -- -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org

On Fri, Dec 14, 2012 at 06:37:41PM +0800, Osier Yang wrote: Correct, but the caller gets that value from the XML which may result in NULL being passed So this check is correct. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|

Yep, that was what I complained about in v1. You are deleting an anchor name; this will invalidate any URLs that were previously pointing to that name. Not necessarily the end of the world; such URLs will still be to the right page, just wrong area of the page. Oops, you used the anchor name #elementsHostDevSubsys twice. How did that validate? I think you want this anchor to be #elementsHostDevCapabilities s/characgter/character/ No choice for hostdevcapsmisc yet... ...which makes this <define> unused. I don't know if that was intentional, or just an accidental omission, but trust that you'll get it sorted out before the end of the series. How did this validate? Shouldn't it be type='misc'? ACK with those issues fixed. -- Eric Blake eblake(a)redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; The code for creating veth/macvlan devices is part of the LXC process startup code. Refactor this a little and export the methods to the rest of the LXC driver. This allows them to be reused for NIC hotplug code Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/lxc/lxc_process.c | 102 +++++++++++++++++++++----------------------------- src/lxc/lxc_process.h | 8 ++++ 2 files changed, 50 insertions(+), 60 deletions(-) diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c index 8b9d02f..72e1be3 100644 --- a/src/lxc/lxc_process.c +++ b/src/lxc/lxc_process.c @@ -293,14 +293,12 @@ static void virLXCProcessCleanup(virLXCDriverPtr driver, } -static int virLXCProcessSetupInterfaceBridged(virConnectPtr conn, - virDomainDefPtr vm, - virDomainNetDefPtr net, - const char *brname, - unsigned int *nveths, - char ***veths) +char *virLXCProcessSetupInterfaceBridged(virConnectPtr conn, + virDomainDefPtr vm, + virDomainNetDefPtr net, + const char *brname) { - int ret = -1; + char *ret = NULL; char *parentVeth; char *containerVeth = NULL; const virNetDevVPortProfilePtr vport = virDomainNetGetActualVirtPortProfile(net); @@ -314,24 +312,17 @@ static int virLXCProcessSetupInterfaceBridged(virConnectPtr conn, if (net->ifname == NULL) net->ifname = parentVeth; - if (VIR_REALLOC_N(*veths, (*nveths)+1) < 0) { - virReportOOMError(); - VIR_FREE(containerVeth); - goto cleanup; - } - (*veths)[(*nveths)] = containerVeth; - (*nveths)++; - if (virNetDevSetMAC(containerVeth, &net->mac) < 0) goto cleanup; - if (vport && vport->virtPortType == VIR_NETDEV_VPORT_PROFILE_OPENVSWITCH) - ret = virNetDevOpenvswitchAddPort(brname, parentVeth, &net->mac, - vm->uuid, vport, virDomainNetGetActualVlan(net)); - else - ret = virNetDevBridgeAddPort(brname, parentVeth); - if (ret < 0) - goto cleanup; + if (vport && vport->virtPortType == VIR_NETDEV_VPORT_PROFILE_OPENVSWITCH) { + if (virNetDevOpenvswitchAddPort(brname, parentVeth, &net->mac, + vm->uuid, vport, virDomainNetGetActualVlan(net)) < 0) + goto cleanup; + } else { + if (virNetDevBridgeAddPort(brname, parentVeth) < 0) + goto cleanup; + } if (virNetDevSetOnline(parentVeth, true) < 0) goto cleanup; @@ -348,20 +339,18 @@ static int virLXCProcessSetupInterfaceBridged(virConnectPtr conn, virDomainConfNWFilterInstantiate(conn, vm->uuid, net) < 0) goto cleanup; - ret = 0; + ret = containerVeth; cleanup: return ret; } -static int virLXCProcessSetupInterfaceDirect(virConnectPtr conn, - virDomainDefPtr def, - virDomainNetDefPtr net, - unsigned int *nveths, - char ***veths) +char *virLXCProcessSetupInterfaceDirect(virConnectPtr conn, + virDomainDefPtr def, + virDomainNetDefPtr net) { - int ret = -1; + char *ret = NULL; char *res_ifname = NULL; virLXCDriverPtr driver = conn->privateData; virNetDevBandwidthPtr bw; @@ -376,7 +365,7 @@ static int virLXCProcessSetupInterfaceDirect(virConnectPtr conn, if (bw) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("Unable to set network bandwidth on direct interfaces")); - return -1; + return NULL; } /* XXX how todo port profiles ? @@ -390,15 +379,9 @@ static int virLXCProcessSetupInterfaceDirect(virConnectPtr conn, if (prof) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("Unable to set port profile on direct interfaces")); - return -1; + return NULL; } - if (VIR_REALLOC_N(*veths, (*nveths)+1) < 0) { - virReportOOMError(); - return -1; - } - (*veths)[(*nveths)] = NULL; - if (virNetDevMacVLanCreateWithVPortProfile( net->ifname, &net->mac, virDomainNetGetActualDirectDev(net), @@ -411,10 +394,7 @@ static int virLXCProcessSetupInterfaceDirect(virConnectPtr conn, virDomainNetGetActualBandwidth(net)) < 0) goto cleanup; - (*veths)[(*nveths)] = res_ifname; - (*nveths)++; - - ret = 0; + ret = res_ifname; cleanup: return ret; @@ -436,13 +416,14 @@ cleanup: */ static int virLXCProcessSetupInterfaces(virConnectPtr conn, virDomainDefPtr def, - unsigned int *nveths, + size_t *nveths, char ***veths) { int ret = -1; size_t i; for (i = 0 ; i < def->nnets ; i++) { + char *veth = NULL; /* If appropriate, grab a physical device from the configured * network's pool of devices, or resolve bridge device name * to the one defined in the network definition. @@ -450,6 +431,11 @@ static int virLXCProcessSetupInterfaces(virConnectPtr conn, if (networkAllocateActualDevice(def->nets[i]) < 0) goto cleanup; + if (VIR_EXPAND_N(*veths, *nveths, 1) < 0) { + virReportOOMError(); + goto cleanup; + } + switch (virDomainNetGetActualType(def->nets[i])) { case VIR_DOMAIN_NET_TYPE_NETWORK: { virNetworkPtr network; @@ -486,12 +472,10 @@ static int virLXCProcessSetupInterfaces(virConnectPtr conn, if (fail) goto cleanup; - if (virLXCProcessSetupInterfaceBridged(conn, - def, - def->nets[i], - brname, - nveths, - veths) < 0) { + if (!(veth = virLXCProcessSetupInterfaceBridged(conn, + def, + def->nets[i], + brname))) { VIR_FREE(brname); goto cleanup; } @@ -505,21 +489,17 @@ static int virLXCProcessSetupInterfaces(virConnectPtr conn, _("No bridge name specified")); goto cleanup; } - if (virLXCProcessSetupInterfaceBridged(conn, - def, - def->nets[i], - brname, - nveths, - veths) < 0) + if (!(veth = virLXCProcessSetupInterfaceBridged(conn, + def, + def->nets[i], + brname))) goto cleanup; } break; case VIR_DOMAIN_NET_TYPE_DIRECT: - if (virLXCProcessSetupInterfaceDirect(conn, - def, - def->nets[i], - nveths, - veths) < 0) + if (!(veth = virLXCProcessSetupInterfaceDirect(conn, + def, + def->nets[i]))) goto cleanup; break; @@ -537,6 +517,8 @@ static int virLXCProcessSetupInterfaces(virConnectPtr conn, )); goto cleanup; } + + (*veths)[(*nveths)-1] = veth; } ret = 0; @@ -918,7 +900,7 @@ int virLXCProcessStart(virConnectPtr conn, size_t i; char *logfile = NULL; int logfd = -1; - unsigned int nveths = 0; + size_t nveths = 0; char **veths = NULL; int handshakefds[2] = { -1, -1 }; off_t pos = -1; diff --git a/src/lxc/lxc_process.h b/src/lxc/lxc_process.h index bac2c6c..779cc5f 100644 --- a/src/lxc/lxc_process.h +++ b/src/lxc/lxc_process.h @@ -47,4 +47,12 @@ void virLXCProcessAutostartAll(virLXCDriverPtr driver); int virLXCProcessReconnectAll(virLXCDriverPtr driver, virDomainObjListPtr doms); +char *virLXCProcessSetupInterfaceBridged(virConnectPtr conn, + virDomainDefPtr vm, + virDomainNetDefPtr net, + const char *brname); +char *virLXCProcessSetupInterfaceDirect(virConnectPtr conn, + virDomainDefPtr def, + virDomainNetDefPtr net); + #endif /* __LXC_PROCESS_H__ */ -- 1.8.0.1

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; The virSecurityManager{Set,Restore}AllLabel methods are invoked at domain startup/shutdown to relabel resources associated with a domain. This works fine with QEMU, but with LXC they are in fact both currently no-ops since LXC does not support disks, hostdevs, or kernel/initrd files. Worse, when LXC gains support for disks/hostdevs, they will do the wrong thing, since they run in host context, not container context. Thus this patch turns then into a formal no-op when used with LXC. The LXC controller will call out to specific security manager labelling APIs as required during startup. Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/security/security_selinux.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index 5409e32..ddf3da3 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -61,6 +61,7 @@ struct _virSecuritySELinuxData { char *file_context; char *content_context; virHashTablePtr mcs; + bool skipAllLabel; }; struct _virSecuritySELinuxCallbackData { @@ -363,6 +364,8 @@ virSecuritySELinuxLXCInitialize(virSecurityManagerPtr mgr) virConfPtr selinux_conf; virSecuritySELinuxDataPtr data = virSecurityManagerGetPrivateData(mgr); + data->skipAllLabel = true; + selinux_conf = virConfReadFile(selinux_lxc_contexts_path(), 0); if (!selinux_conf) { virReportSystemError(errno, @@ -438,6 +441,8 @@ virSecuritySELinuxQEMUInitialize(virSecurityManagerPtr mgr) char *ptr; virSecuritySELinuxDataPtr data = virSecurityManagerGetPrivateData(mgr); + data->skipAllLabel = false; + if (virFileReadAll(selinux_virtual_domain_context_path(), MAX_CONTEXT, &(data->domain_context)) < 0) { virReportSystemError(errno, _("cannot read SELinux virtual domain context file '%s'"), @@ -1438,11 +1443,12 @@ virSecuritySELinuxRestoreSecuritySmartcardCallback(virDomainDefPtr def, static int -virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, +virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr, virDomainDefPtr def, int migrated ATTRIBUTE_UNUSED) { virSecurityLabelDefPtr secdef; + virSecuritySELinuxDataPtr data = virSecurityManagerGetPrivateData(mgr); int i; int rc = 0; @@ -1452,7 +1458,7 @@ virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr ATTRIBUTE_UN if (secdef == NULL) return -1; - if (secdef->norelabel) + if (secdef->norelabel || data->skipAllLabel) return 0; for (i = 0 ; i < def->nhostdevs ; i++) { @@ -1810,7 +1816,7 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr, if (secdef == NULL) return -1; - if (secdef->norelabel) + if (secdef->norelabel || data->skipAllLabel) return 0; for (i = 0 ; i < def->ndisks ; i++) { -- 1.8.0.1

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; When LXC labels USB devices during hotplug, it is running in host context, so it needs to pass in a vroot path to the container root. Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/qemu/qemu_cgroup.c | 3 ++- src/qemu/qemu_hostdev.c | 11 +++++++---- src/qemu/qemu_hotplug.c | 11 ++++++----- src/security/security_apparmor.c | 10 ++++++---- src/security/security_dac.c | 20 +++++++++++++------- src/security/security_driver.h | 6 ++++-- src/security/security_manager.c | 10 ++++++---- src/security/security_manager.h | 6 ++++-- src/security/security_nop.c | 6 ++++-- src/security/security_selinux.c | 20 +++++++++++++------- src/security/security_stack.c | 16 ++++++++++++---- src/util/hostusb.c | 17 +++++++++++++---- src/util/hostusb.h | 6 +++++- 13 files changed, 95 insertions(+), 47 deletions(-) diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 30cd1d6..084d89d 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -290,7 +290,8 @@ int qemuSetupCgroup(virQEMUDriverPtr driver, continue; if ((usb = usbGetDevice(hostdev->source.subsys.u.usb.bus, - hostdev->source.subsys.u.usb.device)) == NULL) + hostdev->source.subsys.u.usb.device, + NULL)) == NULL) goto cleanup; if (usbDeviceFileIterate(usb, qemuSetupHostUsbDeviceCgroup, diff --git a/src/qemu/qemu_hostdev.c b/src/qemu/qemu_hostdev.c index ab0f173..6d706a6 100644 --- a/src/qemu/qemu_hostdev.c +++ b/src/qemu/qemu_hostdev.c @@ -179,7 +179,8 @@ qemuUpdateActiveUsbHostdevs(virQEMUDriverPtr driver, continue; usb = usbGetDevice(hostdev->source.subsys.u.usb.bus, - hostdev->source.subsys.u.usb.device); + hostdev->source.subsys.u.usb.device, + NULL); if (!usb) { VIR_WARN("Unable to reattach USB device %03d.%03d on domain %s", hostdev->source.subsys.u.usb.bus, @@ -657,6 +658,7 @@ qemuFindHostdevUSBDevice(virDomainHostdevDefPtr hostdev, if (vendor && bus) { rc = usbFindDevice(vendor, product, bus, device, + NULL, autoAddress ? false : mandatory, usb); if (rc < 0) { @@ -677,7 +679,7 @@ qemuFindHostdevUSBDevice(virDomainHostdevDefPtr hostdev, if (vendor) { usbDeviceList *devs; - rc = usbFindDeviceByVendor(vendor, product, mandatory, &devs); + rc = usbFindDeviceByVendor(vendor, product, NULL, mandatory, &devs); if (rc < 0) return -1; @@ -717,7 +719,7 @@ qemuFindHostdevUSBDevice(virDomainHostdevDefPtr hostdev, bus, device); } } else if (!vendor && bus) { - if (usbFindDeviceByBus(bus, device, mandatory, usb) < 0) + if (usbFindDeviceByBus(bus, device, NULL, mandatory, usb) < 0) return -1; } @@ -936,7 +938,8 @@ qemuDomainReAttachHostUsbDevices(virQEMUDriverPtr driver, continue; usb = usbGetDevice(hostdev->source.subsys.u.usb.bus, - hostdev->source.subsys.u.usb.device); + hostdev->source.subsys.u.usb.device, + NULL); if (!usb) { VIR_WARN("Unable to reattach USB device %03d.%03d on domain %s", diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index cfeae68..36022e4 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -1105,7 +1105,8 @@ int qemuDomainAttachHostUsbDevice(virQEMUDriverPtr driver, } if ((usb = usbGetDevice(hostdev->source.subsys.u.usb.bus, - hostdev->source.subsys.u.usb.device)) == NULL) + hostdev->source.subsys.u.usb.device, + NULL)) == NULL) goto error; data.vm = vm; @@ -1173,7 +1174,7 @@ int qemuDomainAttachHostDevice(virQEMUDriverPtr driver, } if (virSecurityManagerSetHostdevLabel(driver->securityManager, - vm->def, hostdev) < 0) + vm->def, hostdev, NULL) < 0) goto cleanup; switch (hostdev->source.subsys.type) { @@ -1201,7 +1202,7 @@ int qemuDomainAttachHostDevice(virQEMUDriverPtr driver, error: if (virSecurityManagerRestoreHostdevLabel(driver->securityManager, - vm->def, hostdev) < 0) + vm->def, hostdev, NULL) < 0) VIR_WARN("Unable to restore host device labelling on hotplug fail"); cleanup: @@ -2337,7 +2338,7 @@ qemuDomainDetachHostUsbDevice(virQEMUDriverPtr driver, if (ret < 0) return -1; - usb = usbGetDevice(subsys->u.usb.bus, subsys->u.usb.device); + usb = usbGetDevice(subsys->u.usb.bus, subsys->u.usb.device, NULL); if (usb) { usbDeviceListDel(driver->activeUsbHostdevs, usb); usbFreeDevice(usb); @@ -2388,7 +2389,7 @@ int qemuDomainDetachThisHostDevice(virQEMUDriverPtr driver, if (!ret) { if (virSecurityManagerRestoreHostdevLabel(driver->securityManager, - vm->def, detach) < 0) { + vm->def, detach, NULL) < 0) { VIR_WARN("Failed to restore host device labelling"); } virDomainHostdevRemove(vm->def, idx); diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c index b0cdb65..f57b81f 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -742,8 +742,8 @@ AppArmorReserveSecurityLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, static int AppArmorSetSecurityHostdevLabel(virSecurityManagerPtr mgr, virDomainDefPtr def, - virDomainHostdevDefPtr dev) - + virDomainHostdevDefPtr dev, + const char *vroot) { struct SDPDOP *ptr; int ret = -1; @@ -770,7 +770,8 @@ AppArmorSetSecurityHostdevLabel(virSecurityManagerPtr mgr, switch (dev->source.subsys.type) { case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB: { usbDevice *usb = usbGetDevice(dev->source.subsys.u.usb.bus, - dev->source.subsys.u.usb.device); + dev->source.subsys.u.usb.device, + vroot); if (!usb) goto done; @@ -808,7 +809,8 @@ done: static int AppArmorRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr, virDomainDefPtr def, - virDomainHostdevDefPtr dev ATTRIBUTE_UNUSED) + virDomainHostdevDefPtr dev ATTRIBUTE_UNUSED, + const char *vroot ATTRIBUTE_UNUSED) { const virSecurityLabelDefPtr secdef = diff --git a/src/security/security_dac.c b/src/security/security_dac.c index b07c132..2861725 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -474,7 +474,8 @@ virSecurityDACSetSecurityUSBLabel(usbDevice *dev ATTRIBUTE_UNUSED, static int virSecurityDACSetSecurityHostdevLabel(virSecurityManagerPtr mgr, virDomainDefPtr def, - virDomainHostdevDefPtr dev) + virDomainHostdevDefPtr dev, + const char *vroot) { void *params[] = {mgr, def}; virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr); @@ -494,7 +495,8 @@ virSecurityDACSetSecurityHostdevLabel(virSecurityManagerPtr mgr, return 0; usb = usbGetDevice(dev->source.subsys.u.usb.bus, - dev->source.subsys.u.usb.device); + dev->source.subsys.u.usb.device, + vroot); if (!usb) goto done; @@ -550,8 +552,9 @@ virSecurityDACRestoreSecurityUSBLabel(usbDevice *dev ATTRIBUTE_UNUSED, static int virSecurityDACRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr, - virDomainDefPtr def ATTRIBUTE_UNUSED, - virDomainHostdevDefPtr dev) + virDomainDefPtr def ATTRIBUTE_UNUSED, + virDomainHostdevDefPtr dev, + const char *vroot) { virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr); @@ -571,7 +574,8 @@ virSecurityDACRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr, return 0; usb = usbGetDevice(dev->source.subsys.u.usb.bus, - dev->source.subsys.u.usb.device); + dev->source.subsys.u.usb.device, + vroot); if (!usb) goto done; @@ -728,7 +732,8 @@ virSecurityDACRestoreSecurityAllLabel(virSecurityManagerPtr mgr, for (i = 0 ; i < def->nhostdevs ; i++) { if (virSecurityDACRestoreSecurityHostdevLabel(mgr, def, - def->hostdevs[i]) < 0) + def->hostdevs[i], + NULL) < 0) rc = -1; } for (i = 0 ; i < def->ndisks ; i++) { @@ -793,7 +798,8 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr, for (i = 0 ; i < def->nhostdevs ; i++) { if (virSecurityDACSetSecurityHostdevLabel(mgr, def, - def->hostdevs[i]) < 0) + def->hostdevs[i], + NULL) < 0) return -1; } diff --git a/src/security/security_driver.h b/src/security/security_driver.h index d49b401..d4ddb45 100644 --- a/src/security/security_driver.h +++ b/src/security/security_driver.h @@ -61,10 +61,12 @@ typedef int (*virSecurityDomainSetImageLabel) (virSecurityManagerPtr mgr, virDomainDiskDefPtr disk); typedef int (*virSecurityDomainRestoreHostdevLabel) (virSecurityManagerPtr mgr, virDomainDefPtr def, - virDomainHostdevDefPtr dev); + virDomainHostdevDefPtr dev, + const char *vroot); typedef int (*virSecurityDomainSetHostdevLabel) (virSecurityManagerPtr mgr, virDomainDefPtr def, - virDomainHostdevDefPtr dev); + virDomainHostdevDefPtr dev, + const char *vroot); typedef int (*virSecurityDomainSetSavedStateLabel) (virSecurityManagerPtr mgr, virDomainDefPtr def, const char *savefile); diff --git a/src/security/security_manager.c b/src/security/security_manager.c index 0ebd53b..567f86c 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -275,10 +275,11 @@ int virSecurityManagerSetImageLabel(virSecurityManagerPtr mgr, int virSecurityManagerRestoreHostdevLabel(virSecurityManagerPtr mgr, virDomainDefPtr vm, - virDomainHostdevDefPtr dev) + virDomainHostdevDefPtr dev, + const char *vroot) { if (mgr->drv->domainRestoreSecurityHostdevLabel) - return mgr->drv->domainRestoreSecurityHostdevLabel(mgr, vm, dev); + return mgr->drv->domainRestoreSecurityHostdevLabel(mgr, vm, dev, vroot); virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__); return -1; @@ -286,10 +287,11 @@ int virSecurityManagerRestoreHostdevLabel(virSecurityManagerPtr mgr, int virSecurityManagerSetHostdevLabel(virSecurityManagerPtr mgr, virDomainDefPtr vm, - virDomainHostdevDefPtr dev) + virDomainHostdevDefPtr dev, + const char *vroot) { if (mgr->drv->domainSetSecurityHostdevLabel) - return mgr->drv->domainSetSecurityHostdevLabel(mgr, vm, dev); + return mgr->drv->domainSetSecurityHostdevLabel(mgr, vm, dev, vroot); virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__); return -1; diff --git a/src/security/security_manager.h b/src/security/security_manager.h index 1fdaf8e..e49cce7 100644 --- a/src/security/security_manager.h +++ b/src/security/security_manager.h @@ -71,10 +71,12 @@ int virSecurityManagerSetImageLabel(virSecurityManagerPtr mgr, virDomainDiskDefPtr disk); int virSecurityManagerRestoreHostdevLabel(virSecurityManagerPtr mgr, virDomainDefPtr def, - virDomainHostdevDefPtr dev); + virDomainHostdevDefPtr dev, + const char *vroot); int virSecurityManagerSetHostdevLabel(virSecurityManagerPtr mgr, virDomainDefPtr def, - virDomainHostdevDefPtr dev); + virDomainHostdevDefPtr dev, + const char *vroot); int virSecurityManagerSetSavedStateLabel(virSecurityManagerPtr mgr, virDomainDefPtr def, const char *savefile); diff --git a/src/security/security_nop.c b/src/security/security_nop.c index 5f3270a..7bc8bba 100644 --- a/src/security/security_nop.c +++ b/src/security/security_nop.c @@ -84,14 +84,16 @@ static int virSecurityDomainSetImageLabelNop(virSecurityManagerPtr mgr ATTRIBUTE static int virSecurityDomainRestoreHostdevLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, virDomainDefPtr vm ATTRIBUTE_UNUSED, - virDomainHostdevDefPtr dev ATTRIBUTE_UNUSED) + virDomainHostdevDefPtr dev ATTRIBUTE_UNUSED, + const char *vroot ATTRIBUTE_UNUSED) { return 0; } static int virSecurityDomainSetHostdevLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, virDomainDefPtr vm ATTRIBUTE_UNUSED, - virDomainHostdevDefPtr dev ATTRIBUTE_UNUSED) + virDomainHostdevDefPtr dev ATTRIBUTE_UNUSED, + const char *vroot ATTRIBUTE_UNUSED) { return 0; } diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index ddf3da3..9070ff9 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1121,7 +1121,8 @@ virSecuritySELinuxSetSecurityUSBLabel(usbDevice *dev ATTRIBUTE_UNUSED, static int virSecuritySELinuxSetSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, virDomainDefPtr def, - virDomainHostdevDefPtr dev) + virDomainHostdevDefPtr dev, + const char *vroot) { virSecurityLabelDefPtr secdef; @@ -1145,7 +1146,8 @@ virSecuritySELinuxSetSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UN return 0; usb = usbGetDevice(dev->source.subsys.u.usb.bus, - dev->source.subsys.u.usb.device); + dev->source.subsys.u.usb.device, + vroot); if (!usb) goto done; @@ -1198,7 +1200,8 @@ virSecuritySELinuxRestoreSecurityUSBLabel(usbDevice *dev ATTRIBUTE_UNUSED, static int virSecuritySELinuxRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, virDomainDefPtr def, - virDomainHostdevDefPtr dev) + virDomainHostdevDefPtr dev, + const char *vroot) { virSecurityLabelDefPtr secdef; @@ -1222,7 +1225,8 @@ virSecuritySELinuxRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUT return 0; usb = usbGetDevice(dev->source.subsys.u.usb.bus, - dev->source.subsys.u.usb.device); + dev->source.subsys.u.usb.device, + vroot); if (!usb) goto done; @@ -1464,7 +1468,8 @@ virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr, for (i = 0 ; i < def->nhostdevs ; i++) { if (virSecuritySELinuxRestoreSecurityHostdevLabel(mgr, def, - def->hostdevs[i]) < 0) + def->hostdevs[i], + NULL) < 0) rc = -1; } for (i = 0 ; i < def->ndisks ; i++) { @@ -1834,8 +1839,9 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr, for (i = 0 ; i < def->nhostdevs ; i++) { if (virSecuritySELinuxSetSecurityHostdevLabel(mgr, - def, - def->hostdevs[i]) < 0) + def, + def->hostdevs[i], + NULL) < 0) return -1; } diff --git a/src/security/security_stack.c b/src/security/security_stack.c index 1094cbe..51510e5 100644 --- a/src/security/security_stack.c +++ b/src/security/security_stack.c @@ -236,7 +236,8 @@ virSecurityStackRestoreSecurityImageLabel(virSecurityManagerPtr mgr, static int virSecurityStackSetSecurityHostdevLabel(virSecurityManagerPtr mgr, virDomainDefPtr vm, - virDomainHostdevDefPtr dev) + virDomainHostdevDefPtr dev, + const char *vroot) { virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr); @@ -244,7 +245,10 @@ virSecurityStackSetSecurityHostdevLabel(virSecurityManagerPtr mgr, int rc = 0; for (; item; item = item->next) { - if (virSecurityManagerSetHostdevLabel(item->securityManager, vm, dev) < 0) + if (virSecurityManagerSetHostdevLabel(item->securityManager, + vm, + dev, + vroot) < 0) rc = -1; } @@ -255,14 +259,18 @@ virSecurityStackSetSecurityHostdevLabel(virSecurityManagerPtr mgr, static int virSecurityStackRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr, virDomainDefPtr vm, - virDomainHostdevDefPtr dev) + virDomainHostdevDefPtr dev, + const char *vroot) { virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr); virSecurityStackItemPtr item = priv->itemsHead; int rc = 0; for (; item; item = item->next) { - if (virSecurityManagerRestoreHostdevLabel(item->securityManager, vm, dev) < 0) + if (virSecurityManagerRestoreHostdevLabel(item->securityManager, + vm, + dev, + vroot) < 0) rc = -1; } diff --git a/src/util/hostusb.c b/src/util/hostusb.c index 81a9f5a..24f925b 100644 --- a/src/util/hostusb.c +++ b/src/util/hostusb.c @@ -101,6 +101,7 @@ usbDeviceSearch(unsigned int vendor, unsigned int product, unsigned int bus, unsigned int devno, + const char *vroot, unsigned int flags) { DIR *dir = NULL; @@ -160,7 +161,7 @@ usbDeviceSearch(unsigned int vendor, found = true; } - usb = usbGetDevice(found_bus, found_devno); + usb = usbGetDevice(found_bus, found_devno, vroot); if (!usb) goto cleanup; @@ -189,6 +190,7 @@ cleanup: int usbFindDeviceByVendor(unsigned int vendor, unsigned product, + const char *vroot, bool mandatory, usbDeviceList **devices) { @@ -196,6 +198,7 @@ usbFindDeviceByVendor(unsigned int vendor, int count; if (!(list = usbDeviceSearch(vendor, product, 0 , 0, + vroot, USB_DEVICE_FIND_BY_VENDOR))) return -1; @@ -226,12 +229,14 @@ usbFindDeviceByVendor(unsigned int vendor, int usbFindDeviceByBus(unsigned int bus, unsigned devno, + const char *vroot, bool mandatory, usbDevice **usb) { usbDeviceList *list; if (!(list = usbDeviceSearch(0, 0, bus, devno, + vroot, USB_DEVICE_FIND_BY_BUS))) return -1; @@ -265,13 +270,15 @@ usbFindDevice(unsigned int vendor, unsigned int product, unsigned int bus, unsigned int devno, + const char *vroot, bool mandatory, usbDevice **usb) { usbDeviceList *list; unsigned int flags = USB_DEVICE_FIND_BY_VENDOR|USB_DEVICE_FIND_BY_BUS; - if (!(list = usbDeviceSearch(vendor, product, bus, devno, flags))) + if (!(list = usbDeviceSearch(vendor, product, bus, devno, + vroot, flags))) return -1; if (list->count == 0) { @@ -301,7 +308,8 @@ usbFindDevice(unsigned int vendor, usbDevice * usbGetDevice(unsigned int bus, - unsigned int devno) + unsigned int devno, + const char *vroot) { usbDevice *dev; @@ -321,7 +329,8 @@ usbGetDevice(unsigned int bus, usbFreeDevice(dev); return NULL; } - if (virAsprintf(&dev->path, USB_DEVFS "%03d/%03d", + if (virAsprintf(&dev->path, "%s" USB_DEVFS "%03d/%03d", + vroot ? vroot : "", dev->bus, dev->dev) < 0) { virReportOOMError(); usbFreeDevice(dev); diff --git a/src/util/hostusb.h b/src/util/hostusb.h index 4f55fdc..aee1526 100644 --- a/src/util/hostusb.h +++ b/src/util/hostusb.h @@ -29,15 +29,18 @@ typedef struct _usbDevice usbDevice; typedef struct _usbDeviceList usbDeviceList; usbDevice *usbGetDevice(unsigned int bus, - unsigned int devno); + unsigned int devno, + const char *vroot); int usbFindDeviceByBus(unsigned int bus, unsigned int devno, + const char *vroot, bool mandatory, usbDevice **usb); int usbFindDeviceByVendor(unsigned int vendor, unsigned int product, + const char *vroot, bool mandatory, usbDeviceList **devices); @@ -45,6 +48,7 @@ int usbFindDevice(unsigned int vendor, unsigned int product, unsigned int bus, unsigned int devno, + const char *vroot, bool mandatory, usbDevice **usb); -- 1.8.0.1

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; Prepare to support different types of hostdevs by refactoring the current SELinux security driver code Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/security/security_selinux.c | 89 +++++++++++++++++++++++++++-------------- 1 file changed, 59 insertions(+), 30 deletions(-) diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index 9070ff9..ad13490 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1118,26 +1118,15 @@ virSecuritySELinuxSetSecurityUSBLabel(usbDevice *dev ATTRIBUTE_UNUSED, return virSecuritySELinuxSetFilecon(file, secdef->imagelabel); } + static int -virSecuritySELinuxSetSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, - virDomainDefPtr def, - virDomainHostdevDefPtr dev, - const char *vroot) +virSecuritySELinuxSetSecurityHostdevSubsysLabel(virDomainDefPtr def, + virDomainHostdevDefPtr dev, + const char *vroot) { - virSecurityLabelDefPtr secdef; int ret = -1; - secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME); - if (secdef == NULL) - return -1; - - if (secdef->norelabel) - return 0; - - if (dev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS) - return 0; - switch (dev->source.subsys.type) { case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB: { usbDevice *usb; @@ -1182,6 +1171,32 @@ done: static int +virSecuritySELinuxSetSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, + virDomainDefPtr def, + virDomainHostdevDefPtr dev, + const char *vroot) + +{ + virSecurityLabelDefPtr secdef; + + secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME); + if (secdef == NULL) + return -1; + + if (secdef->norelabel) + return 0; + + switch (dev->mode) { + case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS: + return virSecuritySELinuxSetSecurityHostdevSubsysLabel(def, dev, vroot); + + default: + return 0; + } +} + + +static int virSecuritySELinuxRestoreSecurityPCILabel(pciDevice *dev ATTRIBUTE_UNUSED, const char *file, void *opaque ATTRIBUTE_UNUSED) @@ -1197,26 +1212,14 @@ virSecuritySELinuxRestoreSecurityUSBLabel(usbDevice *dev ATTRIBUTE_UNUSED, return virSecuritySELinuxRestoreSecurityFileLabel(file); } + static int -virSecuritySELinuxRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, - virDomainDefPtr def, - virDomainHostdevDefPtr dev, - const char *vroot) +virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(virDomainHostdevDefPtr dev, + const char *vroot) { - virSecurityLabelDefPtr secdef; int ret = -1; - secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME); - if (secdef == NULL) - return -1; - - if (secdef->norelabel) - return 0; - - if (dev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS) - return 0; - switch (dev->source.subsys.type) { case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB: { usbDevice *usb; @@ -1262,6 +1265,32 @@ done: static int +virSecuritySELinuxRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, + virDomainDefPtr def, + virDomainHostdevDefPtr dev, + const char *vroot) + +{ + virSecurityLabelDefPtr secdef; + + secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME); + if (secdef == NULL) + return -1; + + if (secdef->norelabel) + return 0; + + switch (dev->mode) { + case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS: + return virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(dev, vroot); + + default: + return 0; + } +} + + +static int virSecuritySELinuxSetSecurityChardevLabel(virDomainDefPtr def, virDomainChrDefPtr dev, virDomainChrSourceDefPtr dev_source) -- 1.8.0.1

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; The SELinux security driver needs to learn to label storage/misc hostdev devices for LXC Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/security/security_selinux.c | 118 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 118 insertions(+) diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index ad13490..6f0cd4d 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1171,6 +1171,65 @@ done: static int +virSecuritySELinuxSetSecurityHostdevCapsLabel(virDomainDefPtr def, + virDomainHostdevDefPtr dev, + const char *vroot) +{ + int ret = -1; + virSecurityLabelDefPtr secdef; + char *path; + + secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME); + if (secdef == NULL) + return -1; + + switch (dev->source.caps.type) { + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE: { + if (vroot) { + if (virAsprintf(&path, "%s/%s", vroot, + dev->source.caps.u.storage.block) < 0) { + virReportOOMError(); + return -1; + } + } else { + if (!(path = strdup(dev->source.caps.u.storage.block))) { + virReportOOMError(); + return -1; + } + } + ret = virSecuritySELinuxSetFilecon(path, secdef->imagelabel); + VIR_FREE(path); + break; + } + + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC: { + if (vroot) { + if (virAsprintf(&path, "%s/%s", vroot, + dev->source.caps.u.misc.chardev) < 0) { + virReportOOMError(); + return -1; + } + } else { + if (!(path = strdup(dev->source.caps.u.misc.chardev))) { + virReportOOMError(); + return -1; + } + } + ret = virSecuritySELinuxSetFilecon(path, secdef->imagelabel); + VIR_FREE(path); + break; + } + + default: + ret = 0; + break; + } + + return ret; +} + + +static int virSecuritySELinuxSetSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, virDomainDefPtr def, virDomainHostdevDefPtr dev, @@ -1190,6 +1249,9 @@ virSecuritySELinuxSetSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UN case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS: return virSecuritySELinuxSetSecurityHostdevSubsysLabel(def, dev, vroot); + case VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES: + return virSecuritySELinuxSetSecurityHostdevCapsLabel(def, dev, vroot); + default: return 0; } @@ -1265,6 +1327,59 @@ done: static int +virSecuritySELinuxRestoreSecurityHostdevCapsLabel(virDomainHostdevDefPtr dev, + const char *vroot) +{ + int ret = -1; + char *path; + + switch (dev->source.caps.type) { + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE: { + if (vroot) { + if (virAsprintf(&path, "%s/%s", vroot, + dev->source.caps.u.storage.block) < 0) { + virReportOOMError(); + return -1; + } + } else { + if (!(path = strdup(dev->source.caps.u.storage.block))) { + virReportOOMError(); + return -1; + } + } + ret = virSecuritySELinuxRestoreSecurityFileLabel(path); + VIR_FREE(path); + break; + } + + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC: { + if (vroot) { + if (virAsprintf(&path, "%s/%s", vroot, + dev->source.caps.u.misc.chardev) < 0) { + virReportOOMError(); + return -1; + } + } else { + if (!(path = strdup(dev->source.caps.u.misc.chardev))) { + virReportOOMError(); + return -1; + } + } + ret = virSecuritySELinuxRestoreSecurityFileLabel(path); + VIR_FREE(path); + break; + } + + default: + ret = 0; + break; + } + + return ret; +} + + +static int virSecuritySELinuxRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, virDomainDefPtr def, virDomainHostdevDefPtr dev, @@ -1284,6 +1399,9 @@ virSecuritySELinuxRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUT case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS: return virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(dev, vroot); + case VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES: + return virSecuritySELinuxRestoreSecurityHostdevCapsLabel(dev, vroot); + default: return 0; } -- 1.8.0.1

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; Currently LXC guests can be given arbitrary pre-mounted filesystems, however, for some usecases it is more appropriate to provide block devices which the container can mount itself. This first impl only allows for <disk type='block'>, in other words exposing a host disk device to a container. Since LXC does not have device namespace virtualization, we are cheating a little bit. If the XML specifies /dev/sdc4 to be given to the container as /dev/sda1, when we do the mknod /dev/sda1 in the container's /dev, we actually use the major:minor number of /dev/sdc4, not /dev/sda1. Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/lxc/lxc_cgroup.c | 18 +++++++++ src/lxc/lxc_container.c | 104 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 122 insertions(+) diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c index 767ef26..0636869 100644 --- a/src/lxc/lxc_cgroup.c +++ b/src/lxc/lxc_cgroup.c @@ -332,6 +332,24 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def, } } + for (i = 0 ; i < def->ndisks ; i++) { + if (def->disks[i]->type != VIR_DOMAIN_DISK_TYPE_BLOCK) + continue; + + rc = virCgroupAllowDevicePath(cgroup, + def->disks[i]->src, + (def->disks[i]->readonly ? + VIR_CGROUP_DEVICE_READ : + VIR_CGROUP_DEVICE_RW) | + VIR_CGROUP_DEVICE_MKNOD); + if (rc != 0) { + virReportSystemError(-rc, + _("Unable to allow device %s for domain %s"), + def->disks[i]->src, def->name); + goto cleanup; + } + } + for (i = 0 ; i < def->nfss ; i++) { if (def->fss[i]->type != VIR_DOMAIN_FS_TYPE_BLOCK) continue; diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 3014564..be26de9 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1211,6 +1211,106 @@ static int lxcContainerMountAllFS(virDomainDefPtr vmDef, } +static int lxcContainerSetupDisk(virDomainDefPtr vmDef, + virDomainDiskDefPtr def, + const char *dstprefix, + virSecurityManagerPtr securityDriver) +{ + char *src = NULL; + char *dst = NULL; + int ret = -1; + struct stat sb; + mode_t mode; + char *tmpsrc = def->src; + + if (def->type != VIR_DOMAIN_DISK_TYPE_BLOCK) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Can't setup disk for non-block device")); + goto cleanup; + } + if (def->src == NULL) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Can't setup disk without media")); + goto cleanup; + } + + if (virAsprintf(&src, "%s/%s", dstprefix, def->src) < 0) { + virReportOOMError(); + goto cleanup; + } + + if (virAsprintf(&dst, "/dev/%s", def->dst) < 0) { + virReportOOMError(); + goto cleanup; + } + + if (stat(src, &sb) < 0) { + virReportSystemError(errno, + _("Unable to access %s"), def->src); + goto cleanup; + } + + if (!S_ISCHR(sb.st_mode) && !S_ISBLK(sb.st_mode)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Disk source %s must be a character/block device"), + def->src); + goto cleanup; + } + + mode = 0700; + if (S_ISCHR(sb.st_mode)) + mode |= S_IFCHR; + else + mode |= S_IFBLK; + + /* Yes, the device name we're creating may not + * actually correspond to the major:minor number + * we're using, but we've no other option at this + * time. Just have to hope that containerized apps + * don't get upset that the major:minor is different + * to that normally implied by the device name + */ + VIR_DEBUG("Creating dev %s (%d,%d) from %s", + dst, major(sb.st_rdev), minor(sb.st_rdev), src); + if (mknod(dst, mode, sb.st_rdev) < 0) { + virReportSystemError(errno, + _("Unable to create device %s"), + dst); + goto cleanup; + } + /* Labelling normally operates on src, but we need + * to actally label the dst here, so hack the config */ + def->src = dst; + if (virSecurityManagerSetImageLabel(securityDriver, vmDef, def) < 0) + goto cleanup; + + ret = 0; + +cleanup: + def->src = tmpsrc; + VIR_FREE(src); + VIR_FREE(dst); + return ret; +} + +static int lxcContainerSetupAllDisks(virDomainDefPtr vmDef, + const char *dstprefix, + virSecurityManagerPtr securityDriver) +{ + size_t i; + VIR_DEBUG("Setting up disks %s", dstprefix); + + for (i = 0 ; i < vmDef->ndisks ; i++) { + if (lxcContainerSetupDisk(vmDef, vmDef->disks[i], + dstprefix, securityDriver) < 0) + return -1; + } + + VIR_DEBUG("Setup all disks"); + return 0; +} + + static int lxcContainerGetSubtree(const char *prefix, char ***mountsret, size_t *nmountsret) @@ -1606,6 +1706,10 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef, if (lxcContainerMountAllFS(vmDef, "/.oldroot", true, sec_mount_options) < 0) goto cleanup; + /* Sets up any extra disks from guest config */ + if (lxcContainerSetupAllDisks(vmDef, "/.oldroot", securityDriver) < 0) + goto cleanup; + /* Gets rid of all remaining mounts from host OS, including /.oldroot itself */ if (lxcContainerUnmountSubtree("/.oldroot", true) < 0) goto cleanup; -- 1.8.0.1

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; This adds support for host device passthrough with the LXC driver. Since there is only a single kernel image, it doesn't make sense to pass through PCI devices, but USB devices are fine. For the latter we merely need to make the /dev/bus/usb/NNN/MMM character device exist in the container's /dev Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/Makefile.am | 1 + src/lxc/lxc_cgroup.c | 64 ++++++++ src/lxc/lxc_cgroup.h | 12 ++ src/lxc/lxc_conf.h | 3 + src/lxc/lxc_container.c | 124 ++++++++++++++- src/lxc/lxc_driver.c | 6 + src/lxc/lxc_hostdev.c | 390 ++++++++++++++++++++++++++++++++++++++++++++++++ src/lxc/lxc_hostdev.h | 43 ++++++ src/lxc/lxc_process.c | 11 ++ 9 files changed, 653 insertions(+), 1 deletion(-) create mode 100644 src/lxc/lxc_hostdev.c create mode 100644 src/lxc/lxc_hostdev.h diff --git a/src/Makefile.am b/src/Makefile.am index 627dbb5..c3459a5 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -411,6 +411,7 @@ LXC_DRIVER_SOURCES = \ lxc/lxc_container.c lxc/lxc_container.h \ lxc/lxc_cgroup.c lxc/lxc_cgroup.h \ lxc/lxc_domain.c lxc/lxc_domain.h \ + lxc/lxc_hostdev.c lxc/lxc_hostdev.h \ lxc/lxc_monitor.c lxc/lxc_monitor.h \ lxc/lxc_process.c lxc/lxc_process.h \ lxc/lxc_fuse.c lxc/lxc_fuse.h \ diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c index 0636869..14c840a 100644 --- a/src/lxc/lxc_cgroup.c +++ b/src/lxc/lxc_cgroup.c @@ -291,6 +291,49 @@ struct _virLXCCgroupDevicePolicy { }; +int +virLXCSetupHostUsbDeviceCgroup(usbDevice *dev ATTRIBUTE_UNUSED, + const char *path, + void *opaque) +{ + virCgroupPtr cgroup = opaque; + int rc; + + VIR_DEBUG("Process path '%s' for USB device", path); + rc = virCgroupAllowDevicePath(cgroup, path, + VIR_CGROUP_DEVICE_RW); + if (rc < 0) { + virReportSystemError(-rc, + _("Unable to allow device %s"), + path); + return -1; + } + + return 0; +} + + +int +virLXCTeardownHostUsbDeviceCgroup(usbDevice *dev ATTRIBUTE_UNUSED, + const char *path, + void *opaque) +{ + virCgroupPtr cgroup = opaque; + int rc; + + VIR_DEBUG("Process path '%s' for USB device", path); + rc = virCgroupDenyDevicePath(cgroup, path, + VIR_CGROUP_DEVICE_RW); + if (rc < 0) { + virReportSystemError(-rc, + _("Unable to deny device %s"), + path); + return -1; + } + + return 0; +} + static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def, virCgroupPtr cgroup) @@ -367,6 +410,27 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def, } } + for (i = 0; i < def->nhostdevs; i++) { + virDomainHostdevDefPtr hostdev = def->hostdevs[i]; + usbDevice *usb; + + if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS) + continue; + if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB) + continue; + if (hostdev->missing) + continue; + + if ((usb = usbGetDevice(hostdev->source.subsys.u.usb.bus, + hostdev->source.subsys.u.usb.device, + NULL)) == NULL) + goto cleanup; + + if (usbDeviceFileIterate(usb, virLXCSetupHostUsbDeviceCgroup, + cgroup) < 0) + goto cleanup; + } + rc = virCgroupAllowDeviceMajor(cgroup, 'c', LXC_DEV_MAJ_PTY, VIR_CGROUP_DEVICE_RWM); if (rc != 0) { diff --git a/src/lxc/lxc_cgroup.h b/src/lxc/lxc_cgroup.h index 6961943..c1d4551 100644 --- a/src/lxc/lxc_cgroup.h +++ b/src/lxc/lxc_cgroup.h @@ -24,7 +24,19 @@ # include "domain_conf.h" # include "lxc_fuse.h" +# include "hostusb.h" int virLXCCgroupSetup(virDomainDefPtr def); int virLXCCgroupGetMeminfo(virLXCMeminfoPtr meminfo); + +int +virLXCSetupHostUsbDeviceCgroup(usbDevice *dev, + const char *path, + void *opaque); + +int +virLXCTeardownHostUsbDeviceCgroup(usbDevice *dev, + const char *path, + void *opaque); + #endif /* __VIR_LXC_CGROUP_H__ */ diff --git a/src/lxc/lxc_conf.h b/src/lxc/lxc_conf.h index 4ae0c5e..a6872ea 100644 --- a/src/lxc/lxc_conf.h +++ b/src/lxc/lxc_conf.h @@ -35,6 +35,7 @@ # include "cgroup.h" # include "security/security_manager.h" # include "configmake.h" +# include "hostusb.h" # define LXC_DRIVER_NAME "LXC" @@ -60,6 +61,8 @@ struct _virLXCDriver { int log_libvirtd; int have_netns; + usbDeviceList *activeUsbHostdevs; + virDomainEventStatePtr domainEventState; char *securityDriverName; diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index be26de9..0a407bf 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1311,6 +1311,124 @@ static int lxcContainerSetupAllDisks(virDomainDefPtr vmDef, } +static int lxcContainerSetupHostdevSubsysUSB(virDomainDefPtr vmDef ATTRIBUTE_UNUSED, + virDomainHostdevDefPtr def ATTRIBUTE_UNUSED, + const char *dstprefix ATTRIBUTE_UNUSED, + virSecurityManagerPtr securityDriver ATTRIBUTE_UNUSED) +{ + int ret = -1; + char *src = NULL; + char *dstdir = NULL; + char *dstfile = NULL; + struct stat sb; + mode_t mode; + + if (virAsprintf(&dstdir, "/dev/bus/usb/%03d", + def->source.subsys.u.usb.bus) < 0) { + virReportOOMError(); + goto cleanup; + } + + if (virAsprintf(&dstfile, "%s/%03d", + dstdir, + def->source.subsys.u.usb.device) < 0) { + virReportOOMError(); + goto cleanup; + } + + if (virAsprintf(&src, "%s/%s", dstprefix, dstfile) < 0) { + virReportOOMError(); + goto cleanup; + } + + if (stat(src, &sb) < 0) { + virReportSystemError(errno, + _("Unable to access %s"), src); + goto cleanup; + } + + if (!S_ISCHR(sb.st_mode)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("USB source %s was not a character device"), + src); + goto cleanup; + } + + mode = 0700 | S_IFCHR; + + if (virFileMakePath(dstdir) < 0) { + virReportSystemError(errno, + _("Unable to create %s"), dstdir); + goto cleanup; + } + + VIR_DEBUG("Creating dev %s (%d,%d)", + dstfile, major(sb.st_rdev), minor(sb.st_rdev)); + if (mknod(dstfile, mode, sb.st_rdev) < 0) { + virReportSystemError(errno, + _("Unable to create device %s"), + dstfile); + goto cleanup; + } + + if (virSecurityManagerSetHostdevLabel(securityDriver, vmDef, def, NULL) < 0) + goto cleanup; + + ret = 0; + +cleanup: + VIR_FREE(src); + VIR_FREE(dstfile); + VIR_FREE(dstdir); + return ret; +} + + +static int lxcContainerSetupHostdevSubsys(virDomainDefPtr vmDef, + virDomainHostdevDefPtr def, + const char *dstprefix, + virSecurityManagerPtr securityDriver) +{ + switch (def->source.subsys.type) { + case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB: + return lxcContainerSetupHostdevSubsysUSB(vmDef, def, dstprefix, securityDriver); + + default: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported host device mode %s"), + virDomainHostdevSubsysTypeToString(def->source.subsys.type)); + return -1; + } +} + + +static int lxcContainerSetupAllHostdevs(virDomainDefPtr vmDef, + const char *dstprefix, + virSecurityManagerPtr securityDriver) +{ + size_t i; + VIR_DEBUG("Setting up hostdevs %s", dstprefix); + + for (i = 0 ; i < vmDef->nhostdevs ; i++) { + virDomainHostdevDefPtr def = vmDef->hostdevs[i]; + switch (def->mode) { + case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS: + if (lxcContainerSetupHostdevSubsys(vmDef, def, dstprefix, securityDriver) < 0) + return -1; + break; + default: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported host device mode %s"), + virDomainHostdevModeTypeToString(def->mode)); + return -1; + } + } + + VIR_DEBUG("Setup all hostdevs"); + return 0; +} + + static int lxcContainerGetSubtree(const char *prefix, char ***mountsret, size_t *nmountsret) @@ -1710,7 +1828,11 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef, if (lxcContainerSetupAllDisks(vmDef, "/.oldroot", securityDriver) < 0) goto cleanup; - /* Gets rid of all remaining mounts from host OS, including /.oldroot itself */ + /* Sets up any extra host devices from guest config */ + if (lxcContainerSetupAllHostdevs(vmDef, "/.oldroot", securityDriver) < 0) + goto cleanup; + + /* Gets rid of all remaining mounts from host OS, including /.oldroot itself */ if (lxcContainerUnmountSubtree("/.oldroot", true) < 0) goto cleanup; diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index 2e9cfe4..1c6ec8c 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -42,6 +42,7 @@ #include "lxc_container.h" #include "lxc_domain.h" #include "lxc_driver.h" +#include "lxc_hostdev.h" #include "lxc_process.h" #include "memory.h" #include "util.h" @@ -1463,6 +1464,9 @@ static int lxcStartup(int privileged) if ((lxc_driver->caps = lxcCapsInit(lxc_driver)) == NULL) goto cleanup; + if ((lxc_driver->activeUsbHostdevs = usbDeviceListNew()) == NULL) + goto cleanup; + virLXCDomainSetPrivateDataHooks(lxc_driver->caps); if (virLXCProcessAutoDestroyInit(lxc_driver) < 0) @@ -1548,6 +1552,8 @@ static int lxcShutdown(void) virDomainObjListDeinit(&lxc_driver->domains); virDomainEventStateFree(lxc_driver->domainEventState); + usbDeviceListFree(lxc_driver->activeUsbHostdevs); + virLXCProcessAutoDestroyShutdown(lxc_driver); virCapabilitiesFree(lxc_driver->caps); diff --git a/src/lxc/lxc_hostdev.c b/src/lxc/lxc_hostdev.c new file mode 100644 index 0000000..c063aa0 --- /dev/null +++ b/src/lxc/lxc_hostdev.c @@ -0,0 +1,390 @@ +/* + * virLXC_hostdev.c: VIRLXC hostdev management + * + * Copyright (C) 2006-2007, 2009-2012 Red Hat, Inc. + * Copyright (C) 2006 Daniel P. Berrange + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>;. + * + * Author: Daniel P. Berrange <berrange(a)redhat.com&gt; + */ + +#include <config.h> + +#include "lxc_hostdev.h" +#include "logging.h" +#include "virterror_internal.h" +#include "memory.h" + +#define VIR_FROM_THIS VIR_FROM_LXC + +int +virLXCUpdateActiveUsbHostdevs(virLXCDriverPtr driver, + virDomainDefPtr def) +{ + virDomainHostdevDefPtr hostdev = NULL; + size_t i; + + if (!def->nhostdevs) + return 0; + + for (i = 0; i < def->nhostdevs; i++) { + usbDevice *usb = NULL; + hostdev = def->hostdevs[i]; + + if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS) + continue; + if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB) + continue; + + usb = usbGetDevice(hostdev->source.subsys.u.usb.bus, + hostdev->source.subsys.u.usb.device, + NULL); + if (!usb) { + VIR_WARN("Unable to reattach USB device %03d.%03d on domain %s", + hostdev->source.subsys.u.usb.bus, + hostdev->source.subsys.u.usb.device, + def->name); + continue; + } + + usbDeviceSetUsedBy(usb, def->name); + + if (usbDeviceListAdd(driver->activeUsbHostdevs, usb) < 0) { + usbFreeDevice(usb); + return -1; + } + } + + return 0; +} + + +int +virLXCPrepareHostdevUSBDevices(virLXCDriverPtr driver, + const char *name, + usbDeviceList *list) +{ + size_t i, j; + unsigned int count; + usbDevice *tmp; + + count = usbDeviceListCount(list); + + for (i = 0; i < count; i++) { + usbDevice *usb = usbDeviceListGet(list, i); + if ((tmp = usbDeviceListFind(driver->activeUsbHostdevs, usb))) { + const char *other_name = usbDeviceGetUsedBy(tmp); + + if (other_name) + virReportError(VIR_ERR_OPERATION_INVALID, + _("USB device %s is in use by domain %s"), + usbDeviceGetName(tmp), other_name); + else + virReportError(VIR_ERR_OPERATION_INVALID, + _("USB device %s is already in use"), + usbDeviceGetName(tmp)); + goto error; + } + + usbDeviceSetUsedBy(usb, name); + VIR_DEBUG("Adding %03d.%03d dom=%s to activeUsbHostdevs", + usbDeviceGetBus(usb), usbDeviceGetDevno(usb), name); + /* + * The caller is responsible to steal these usb devices + * from the usbDeviceList that passed in on success, + * perform rollback on failure. + */ + if (usbDeviceListAdd(driver->activeUsbHostdevs, usb) < 0) + goto error; + } + return 0; + +error: + for (j = 0; j < i; j++) { + tmp = usbDeviceListGet(list, i); + usbDeviceListSteal(driver->activeUsbHostdevs, tmp); + } + return -1; +} + +int +virLXCFindHostdevUSBDevice(virDomainHostdevDefPtr hostdev, + bool mandatory, + usbDevice **usb) +{ + unsigned vendor = hostdev->source.subsys.u.usb.vendor; + unsigned product = hostdev->source.subsys.u.usb.product; + unsigned bus = hostdev->source.subsys.u.usb.bus; + unsigned device = hostdev->source.subsys.u.usb.device; + bool autoAddress = hostdev->source.subsys.u.usb.autoAddress; + int rc; + + *usb = NULL; + + if (vendor && bus) { + rc = usbFindDevice(vendor, product, bus, device, + NULL, + autoAddress ? false : mandatory, + usb); + if (rc < 0) { + return -1; + } else if (!autoAddress) { + goto out; + } else { + VIR_INFO("USB device %x:%x could not be found at previous" + " address (bus:%u device:%u)", + vendor, product, bus, device); + } + } + + /* When vendor is specified, its USB address is either unspecified or the + * device could not be found at the USB device where it had been + * automatically found before. + */ + if (vendor) { + usbDeviceList *devs; + + rc = usbFindDeviceByVendor(vendor, product, + NULL, + mandatory, &devs); + if (rc < 0) + return -1; + + if (rc == 1) { + *usb = usbDeviceListGet(devs, 0); + usbDeviceListSteal(devs, *usb); + } + usbDeviceListFree(devs); + + if (rc == 0) { + goto out; + } else if (rc > 1) { + if (autoAddress) { + virReportError(VIR_ERR_OPERATION_FAILED, + _("Multiple USB devices for %x:%x were found," + " but none of them is at bus:%u device:%u"), + vendor, product, bus, device); + } else { + virReportError(VIR_ERR_OPERATION_FAILED, + _("Multiple USB devices for %x:%x, " + "use <address> to specify one"), + vendor, product); + } + return -1; + } + + hostdev->source.subsys.u.usb.bus = usbDeviceGetBus(*usb); + hostdev->source.subsys.u.usb.device = usbDeviceGetDevno(*usb); + hostdev->source.subsys.u.usb.autoAddress = true; + + if (autoAddress) { + VIR_INFO("USB device %x:%x found at bus:%u device:%u (moved" + " from bus:%u device:%u)", + vendor, product, + hostdev->source.subsys.u.usb.bus, + hostdev->source.subsys.u.usb.device, + bus, device); + } + } else if (!vendor && bus) { + if (usbFindDeviceByBus(bus, device, + NULL, + mandatory, usb) < 0) + return -1; + } + +out: + if (!*usb) + hostdev->missing = 1; + return 0; +} + +static int +virLXCPrepareHostUSBDevices(virLXCDriverPtr driver, + virDomainDefPtr def) +{ + size_t i; + int ret = -1; + usbDeviceList *list; + usbDevice *tmp; + virDomainHostdevDefPtr *hostdevs = def->hostdevs; + int nhostdevs = def->nhostdevs; + + /* To prevent situation where USB device is assigned to two domains + * we need to keep a list of currently assigned USB devices. + * This is done in several loops which cannot be joined into one big + * loop. See virLXCPrepareHostdevPCIDevices() + */ + if (!(list = usbDeviceListNew())) + goto cleanup; + + /* Loop 1: build temporary list + */ + for (i = 0 ; i < nhostdevs ; i++) { + virDomainHostdevDefPtr hostdev = hostdevs[i]; + bool required = true; + usbDevice *usb; + + if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS) + continue; + if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB) + continue; + + if (hostdev->startupPolicy == VIR_DOMAIN_STARTUP_POLICY_OPTIONAL) + required = false; + + if (virLXCFindHostdevUSBDevice(hostdev, required, &usb) < 0) + goto cleanup; + + if (usb && usbDeviceListAdd(list, usb) < 0) { + usbFreeDevice(usb); + goto cleanup; + } + } + + /* Mark devices in temporary list as used by @name + * and add them do driver list. However, if something goes + * wrong, perform rollback. + */ + if (virLXCPrepareHostdevUSBDevices(driver, def->name, list) < 0) + goto cleanup; + + /* Loop 2: Temporary list was successfully merged with + * driver list, so steal all items to avoid freeing them + * in cleanup label. + */ + while (usbDeviceListCount(list) > 0) { + tmp = usbDeviceListGet(list, 0); + usbDeviceListSteal(list, tmp); + } + + ret = 0; + +cleanup: + usbDeviceListFree(list); + return ret; +} + + +int virLXCPrepareHostDevices(virLXCDriverPtr driver, + virDomainDefPtr def) +{ + size_t i; + + if (!def->nhostdevs) + return 0; + + /* Sanity check for supported configurations only */ + for (i = 0 ; i < def->nhostdevs ; i++) { + virDomainHostdevDefPtr dev = def->hostdevs[i]; + + switch (dev->mode) { + case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS: + switch (dev->source.subsys.type) { + case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB: + break; + default: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported hostdev type %s"), + virDomainHostdevSubsysTypeToString(dev->source.subsys.type)); + break; + } + break; + + default: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported hostdev mode %s"), + virDomainHostdevModeTypeToString(dev->mode)); + break; + } + } + + if (virLXCPrepareHostUSBDevices(driver, def) < 0) + return -1; + + return 0; +} + + +static void +virLXCDomainReAttachHostUsbDevices(virLXCDriverPtr driver, + const char *name, + virDomainHostdevDefPtr *hostdevs, + int nhostdevs) +{ + size_t i; + + for (i = 0; i < nhostdevs; i++) { + virDomainHostdevDefPtr hostdev = hostdevs[i]; + usbDevice *usb, *tmp; + const char *used_by = NULL; + + if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS) + continue; + if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB) + continue; + if (hostdev->missing) + continue; + + usb = usbGetDevice(hostdev->source.subsys.u.usb.bus, + hostdev->source.subsys.u.usb.device, + NULL); + + if (!usb) { + VIR_WARN("Unable to reattach USB device %03d.%03d on domain %s", + hostdev->source.subsys.u.usb.bus, + hostdev->source.subsys.u.usb.device, + name); + continue; + } + + /* Delete only those USB devices which belongs + * to domain @name because virLXCProcessStart() might + * have failed because USB device is already taken. + * Therefore we want to steal only those devices from + * the list which were taken by @name */ + + tmp = usbDeviceListFind(driver->activeUsbHostdevs, usb); + usbFreeDevice(usb); + + if (!tmp) { + VIR_WARN("Unable to find device %03d.%03d " + "in list of active USB devices", + hostdev->source.subsys.u.usb.bus, + hostdev->source.subsys.u.usb.device); + continue; + } + + used_by = usbDeviceGetUsedBy(tmp); + if (STREQ_NULLABLE(used_by, name)) { + VIR_DEBUG("Removing %03d.%03d dom=%s from activeUsbHostdevs", + hostdev->source.subsys.u.usb.bus, + hostdev->source.subsys.u.usb.device, + name); + + usbDeviceListDel(driver->activeUsbHostdevs, tmp); + } + } +} + +void virLXCDomainReAttachHostDevices(virLXCDriverPtr driver, + virDomainDefPtr def) +{ + if (!def->nhostdevs) + return; + + virLXCDomainReAttachHostUsbDevices(driver, def->name, def->hostdevs, + def->nhostdevs); +} diff --git a/src/lxc/lxc_hostdev.h b/src/lxc/lxc_hostdev.h new file mode 100644 index 0000000..dd98112 --- /dev/null +++ b/src/lxc/lxc_hostdev.h @@ -0,0 +1,43 @@ +/* + * virLXC_hostdev.h: VIRLXC hostdev management + * + * Copyright (C) 2006-2007, 2009-2010 Red Hat, Inc. + * Copyright (C) 2006 Daniel P. Berrange + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>;. + * + * Author: Daniel P. Berrange <berrange(a)redhat.com&gt; + */ + +#ifndef __LXC_HOSTDEV_H__ +# define __LXC_HOSTDEV_H__ + +# include "lxc_conf.h" +# include "domain_conf.h" + +int virLXCUpdateActiveUsbHostdevs(virLXCDriverPtr driver, + virDomainDefPtr def); +int virLXCFindHostdevUSBDevice(virDomainHostdevDefPtr hostdev, + bool mandatory, + usbDevice **usb); +int virLXCPrepareHostdevUSBDevices(virLXCDriverPtr driver, + const char *name, + usbDeviceList *list); +int virLXCPrepareHostDevices(virLXCDriverPtr driver, + virDomainDefPtr def); +void virLXCDomainReAttachHostDevices(virLXCDriverPtr driver, + virDomainDefPtr def); + +#endif /* __LXC_HOSTDEV_H__ */ diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c index 72e1be3..607e826 100644 --- a/src/lxc/lxc_process.c +++ b/src/lxc/lxc_process.c @@ -44,6 +44,7 @@ #include "logging.h" #include "command.h" #include "hooks.h" +#include "lxc_hostdev.h" #define VIR_FROM_THIS VIR_FROM_LXC @@ -252,6 +253,8 @@ static void virLXCProcessCleanup(virLXCDriverPtr driver, vm->pid = -1; vm->def->id = -1; + virLXCDomainReAttachHostDevices(driver, vm->def); + for (i = 0 ; i < vm->def->nnets ; i++) { virDomainNetDefPtr iface = vm->def->nets[i]; vport = virDomainNetGetActualVirtPortProfile(iface); @@ -973,6 +976,11 @@ int virLXCProcessStart(virConnectPtr conn, goto cleanup; } + /* Must be run before security labelling */ + VIR_DEBUG("Preparing host devices"); + if (virLXCPrepareHostDevices(driver, vm->def) < 0) + goto cleanup; + /* Here we open all the PTYs we need on the host OS side. * The LXC controller will open the guest OS side PTYs * and forward I/O between them. @@ -1298,6 +1306,9 @@ virLXCProcessReconnectDomain(void *payload, const void *name ATTRIBUTE_UNUSED, v if (!(priv->monitor = virLXCProcessConnectMonitor(driver, vm))) goto error; + if (virLXCUpdateActiveUsbHostdevs(driver, vm->def) < 0) + goto error; + if (virSecurityManagerReserveLabel(driver->securityManager, vm->def, vm->pid) < 0) goto error; -- 1.8.0.1

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; This extends support for host device passthrough with LXC to cover storage devices. In this case all we need todo is a mknod in the container's /dev and whitelist the device in cgroups Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/lxc/lxc_cgroup.c | 46 ++++++++++++++++++---------- src/lxc/lxc_container.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 111 insertions(+), 15 deletions(-) diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c index 14c840a..0c3d5dd 100644 --- a/src/lxc/lxc_cgroup.c +++ b/src/lxc/lxc_cgroup.c @@ -414,21 +414,37 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def, virDomainHostdevDefPtr hostdev = def->hostdevs[i]; usbDevice *usb; - if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS) - continue; - if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB) - continue; - if (hostdev->missing) - continue; - - if ((usb = usbGetDevice(hostdev->source.subsys.u.usb.bus, - hostdev->source.subsys.u.usb.device, - NULL)) == NULL) - goto cleanup; - - if (usbDeviceFileIterate(usb, virLXCSetupHostUsbDeviceCgroup, - cgroup) < 0) - goto cleanup; + switch (hostdev->mode) { + case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS: + if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB) + continue; + if (hostdev->missing) + continue; + + if ((usb = usbGetDevice(hostdev->source.subsys.u.usb.bus, + hostdev->source.subsys.u.usb.device, + NULL)) == NULL) + goto cleanup; + + if (usbDeviceFileIterate(usb, virLXCSetupHostUsbDeviceCgroup, + cgroup) < 0) + goto cleanup; + break; + case VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES: + switch (hostdev->source.caps.type) { + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE: + if (virCgroupAllowDevicePath(cgroup, + hostdev->source.caps.u.storage.block, + VIR_CGROUP_DEVICE_RW | + VIR_CGROUP_DEVICE_MKNOD) < 0) + goto cleanup; + break; + default: + break; + } + default: + break; + } } rc = virCgroupAllowDeviceMajor(cgroup, 'c', LXC_DEV_MAJ_PTY, diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 0a407bf..19c5702 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1384,6 +1384,64 @@ cleanup: } +static int lxcContainerSetupHostdevCapsStorage(virDomainDefPtr vmDef ATTRIBUTE_UNUSED, + virDomainHostdevDefPtr def ATTRIBUTE_UNUSED, + const char *dstprefix ATTRIBUTE_UNUSED, + virSecurityManagerPtr securityDriver ATTRIBUTE_UNUSED) +{ + char *src = NULL; + int ret = -1; + struct stat sb; + mode_t mode; + + if (def->source.caps.u.storage.block == NULL) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Missing storage host block path")); + goto cleanup; + } + + if (virAsprintf(&src, "%s/%s", dstprefix, def->source.caps.u.storage.block) < 0) { + virReportOOMError(); + goto cleanup; + } + + if (stat(src, &sb) < 0) { + virReportSystemError(errno, + _("Unable to access %s"), + src); + goto cleanup; + } + + if (!S_ISBLK(sb.st_mode)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Storage source %s must be a block device"), + def->source.caps.u.storage.block); + goto cleanup; + } + + mode = 0700 | S_IFBLK; + + VIR_DEBUG("Creating dev %s (%d,%d)", + def->source.caps.u.storage.block, + major(sb.st_rdev), minor(sb.st_rdev)); + if (mknod(def->source.caps.u.storage.block, mode, sb.st_rdev) < 0) { + virReportSystemError(errno, + _("Unable to create device %s"), + def->source.caps.u.storage.block); + goto cleanup; + } + + if (virSecurityManagerSetHostdevLabel(securityDriver, vmDef, def, NULL) < 0) + goto cleanup; + + ret = 0; + +cleanup: + VIR_FREE(src); + return ret; +} + + static int lxcContainerSetupHostdevSubsys(virDomainDefPtr vmDef, virDomainHostdevDefPtr def, const char *dstprefix, @@ -1402,6 +1460,24 @@ static int lxcContainerSetupHostdevSubsys(virDomainDefPtr vmDef, } +static int lxcContainerSetupHostdevCaps(virDomainDefPtr vmDef, + virDomainHostdevDefPtr def, + const char *dstprefix, + virSecurityManagerPtr securityDriver) +{ + switch (def->source.subsys.type) { + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE: + return lxcContainerSetupHostdevCapsStorage(vmDef, def, dstprefix, securityDriver); + + default: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported host device mode %s"), + virDomainHostdevCapsTypeToString(def->source.subsys.type)); + return -1; + } +} + + static int lxcContainerSetupAllHostdevs(virDomainDefPtr vmDef, const char *dstprefix, virSecurityManagerPtr securityDriver) @@ -1416,6 +1492,10 @@ static int lxcContainerSetupAllHostdevs(virDomainDefPtr vmDef, if (lxcContainerSetupHostdevSubsys(vmDef, def, dstprefix, securityDriver) < 0) return -1; break; + case VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES: + if (lxcContainerSetupHostdevCaps(vmDef, def, dstprefix, securityDriver) < 0) + return -1; + break; default: virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("Unsupported host device mode %s"), -- 1.8.0.1

on 2012/12/01 04:26, Daniel P. Berrange wrote: ATTRIBUTE_UNUSED should be removed. we need proper error message. ACK

On 2012/12/01 04:26, Daniel P. Berrange wrote: Need some proper err msg,just as the err msg in lxcDomainDetachDeviceConfig Ack

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; Wire up the attach/detach/update device APIs to support changing of disks in the persistent config file Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/lxc/lxc_driver.c | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index ecd7cb8..9a56643 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -2774,9 +2774,26 @@ lxcDomainAttachDeviceConfig(virDomainDefPtr vmdef, virDomainDeviceDefPtr dev) { int ret = -1; + virDomainDiskDefPtr disk; virDomainNetDefPtr net; switch (dev->type) { + case VIR_DOMAIN_DEVICE_DISK: + disk = dev->data.disk; + if (virDomainDiskIndexByName(vmdef, disk->dst, true) >= 0) { + virReportError(VIR_ERR_INVALID_ARG, + _("target %s already exists."), disk->dst); + return -1; + } + if (virDomainDiskInsert(vmdef, disk)) { + virReportOOMError(); + return -1; + } + /* vmdef has the pointer. Generic codes for vmdef will do all jobs */ + dev->data.disk = NULL; + ret = 0; + break; + case VIR_DOMAIN_DEVICE_NET: net = dev->data.net; if (virDomainNetInsert(vmdef, net) < 0) { @@ -2849,11 +2866,23 @@ lxcDomainDetachDeviceConfig(virDomainDefPtr vmdef, virDomainDeviceDefPtr dev) { int ret = -1; + virDomainDiskDefPtr disk, det_disk; virDomainNetDefPtr net; int idx; char mac[VIR_MAC_STRING_BUFLEN]; switch (dev->type) { + case VIR_DOMAIN_DEVICE_DISK: + disk = dev->data.disk; + if (!(det_disk = virDomainDiskRemoveByName(vmdef, disk->dst))) { + virReportError(VIR_ERR_INVALID_ARG, + _("no target device %s"), disk->dst); + return -1; + } + virDomainDiskDefFree(det_disk); + ret = 0; + break; + case VIR_DOMAIN_DEVICE_NET: net = dev->data.net; idx = virDomainNetFindIdx(vmdef, net); -- 1.8.0.1

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; Wire up the attach/detach/update device APIs to support changing of hostdevs in the persistent config file Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/lxc/lxc_driver.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index 9a56643..daf32c7 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -2776,6 +2776,7 @@ lxcDomainAttachDeviceConfig(virDomainDefPtr vmdef, int ret = -1; virDomainDiskDefPtr disk; virDomainNetDefPtr net; + virDomainHostdevDefPtr hostdev; switch (dev->type) { case VIR_DOMAIN_DEVICE_DISK: @@ -2804,6 +2805,21 @@ lxcDomainAttachDeviceConfig(virDomainDefPtr vmdef, ret = 0; break; + case VIR_DOMAIN_DEVICE_HOSTDEV: + hostdev = dev->data.hostdev; + if (virDomainHostdevFind(vmdef, hostdev, NULL) >= 0) { + virReportError(VIR_ERR_INVALID_ARG, "%s", + _("device is already in the domain configuration")); + return -1; + } + if (virDomainHostdevInsert(vmdef, hostdev) < 0) { + virReportOOMError(); + return -1; + } + dev->data.hostdev = NULL; + ret = 0; + break; + default: virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("persistent attach of device is not supported")); @@ -2868,6 +2884,7 @@ lxcDomainDetachDeviceConfig(virDomainDefPtr vmdef, int ret = -1; virDomainDiskDefPtr disk, det_disk; virDomainNetDefPtr net; + virDomainHostdevDefPtr hostdev, det_hostdev; int idx; char mac[VIR_MAC_STRING_BUFLEN]; @@ -2901,6 +2918,19 @@ lxcDomainDetachDeviceConfig(virDomainDefPtr vmdef, ret = 0; break; + case VIR_DOMAIN_DEVICE_HOSTDEV: { + hostdev = dev->data.hostdev; + if ((idx = virDomainHostdevFind(vmdef, hostdev, &det_hostdev)) < 0) { + virReportError(VIR_ERR_INVALID_ARG, "%s", + _("device not present in domain configuration")); + return -1; + } + virDomainHostdevRemove(vmdef, idx); + virDomainHostdevDefFree(det_hostdev); + ret = 0; + break; + } + default: virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("persistent detach of device is not supported")); -- 1.8.0.1

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; Wire up the attach/detach device drivers in LXC to support the hotplug/unplug of disks. Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/lxc/lxc_driver.c | 212 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 212 insertions(+) diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index daf32c7..a2bb497 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -30,6 +30,7 @@ #include <string.h> #include <sys/types.h> #include <sys/socket.h> +#include <sys/stat.h> #include <sys/un.h> #include <sys/poll.h> #include <unistd.h> @@ -2943,6 +2944,136 @@ cleanup: static int +lxcDomainAttachDeviceDiskLive(virLXCDriverPtr driver, + virDomainObjPtr vm, + virDomainDeviceDefPtr dev) +{ + virLXCDomainObjPrivatePtr priv = vm->privateData; + virDomainDiskDefPtr def = dev->data.disk; + virCgroupPtr group = NULL; + int ret = -1; + char *dst; + struct stat sb; + bool created = false; + mode_t mode = 0; + char *tmpsrc = def->src; + + if (!priv->initpid) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("Cannot attach disk until init PID is known")); + goto cleanup; + } + + if (def->type != VIR_DOMAIN_DISK_TYPE_BLOCK) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Can't setup disk for non-block device")); + goto cleanup; + } + if (def->src == NULL) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Can't setup disk without media")); + goto cleanup; + } + + if (virDomainDiskIndexByName(vm->def, def->dst, true) >= 0) { + virReportError(VIR_ERR_OPERATION_FAILED, + _("target %s already exists"), def->dst); + goto cleanup; + } + + if (stat(def->src, &sb) < 0) { + virReportSystemError(errno, + _("Unable to access %s"), def->src); + goto cleanup; + } + + if (!S_ISCHR(sb.st_mode) && !S_ISBLK(sb.st_mode)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Disk source %s must be a character/block device"), + def->src); + goto cleanup; + } + + if (virAsprintf(&dst, "/proc/%llu/root/dev/%s", + (unsigned long long)priv->initpid, def->dst) < 0) { + virReportOOMError(); + goto cleanup; + } + + if (VIR_REALLOC_N(vm->def->disks, vm->def->ndisks+1) < 0) { + virReportOOMError(); + goto cleanup; + } + + mode = 0700; + if (S_ISCHR(sb.st_mode)) + mode |= S_IFCHR; + else + mode |= S_IFBLK; + + /* Yes, the device name we're creating may not + * actually correspond to the major:minor number + * we're using, but we've no other option at this + * time. Just have to hope that containerized apps + * don't get upset that the major:minor is different + * to that normally implied by the device name + */ + VIR_DEBUG("Creating dev %s (%d,%d) from %s", + dst, major(sb.st_rdev), minor(sb.st_rdev), def->src); + if (mknod(dst, mode, sb.st_rdev) < 0) { + virReportSystemError(errno, + _("Unable to create device %s"), + dst); + goto cleanup; + } + created = true; + + /* Labelling normally operates on src, but we need + * to actally label the dst here, so hack the config */ + def->src = dst; + if (virSecurityManagerSetImageLabel(driver->securityManager, + vm->def, def) < 0) + goto cleanup; + + if (!lxcCgroupControllerActive(driver, VIR_CGROUP_CONTROLLER_DEVICES)) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("devices cgroup isn't mounted")); + goto cleanup; + } + + if (virCgroupForDomain(driver->cgroup, vm->def->name, &group, 0) != 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot find cgroup for domain %s"), vm->def->name); + goto cleanup; + } + + if (virCgroupAllowDevicePath(group, def->src, + (def->readonly ? + VIR_CGROUP_DEVICE_READ : + VIR_CGROUP_DEVICE_RW) | + VIR_CGROUP_DEVICE_MKNOD) != 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot allow device %s for domain %s"), + def->src, vm->def->name); + goto cleanup; + } + + virDomainDiskInsertPreAlloced(vm->def, def); + + ret = 0; + +cleanup: + def->src = tmpsrc; + virDomainAuditDisk(vm, NULL, def->src, "attach", ret == 0); + if (group) + virCgroupFree(&group); + if (dst && created && ret < 0) + unlink(dst); + return ret; +} + + +static int lxcDomainAttachDeviceLive(virLXCDriverPtr driver ATTRIBUTE_UNUSED, virDomainObjPtr vm ATTRIBUTE_UNUSED, virDomainDeviceDefPtr dev) @@ -2950,6 +3081,12 @@ lxcDomainAttachDeviceLive(virLXCDriverPtr driver ATTRIBUTE_UNUSED, int ret = -1; switch (dev->type) { + case VIR_DOMAIN_DEVICE_DISK: + ret = lxcDomainAttachDeviceDiskLive(driver, vm, dev); + if (!ret) + dev->data.disk = NULL; + break; + default: virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("device type '%s' cannot be attached"), @@ -2962,6 +3099,77 @@ lxcDomainAttachDeviceLive(virLXCDriverPtr driver ATTRIBUTE_UNUSED, static int +lxcDomainDetachDeviceDiskLive(virLXCDriverPtr driver, + virDomainObjPtr vm, + virDomainDeviceDefPtr dev) +{ + virLXCDomainObjPrivatePtr priv = vm->privateData; + virDomainDiskDefPtr def = NULL; + virCgroupPtr group = NULL; + int i, ret = -1; + char *dst; + + if (!priv->initpid) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("Cannot attach disk until init PID is known")); + goto cleanup; + } + + if ((i = virDomainDiskIndexByName(vm->def, + dev->data.disk->dst, + false)) < 0) { + virReportError(VIR_ERR_OPERATION_FAILED, + _("disk %s not found"), dev->data.disk->dst); + goto cleanup; + } + + def = vm->def->disks[i]; + + if (virAsprintf(&dst, "/proc/%llu/root/dev/%s", + (unsigned long long)priv->initpid, def->dst) < 0) { + virReportOOMError(); + goto cleanup; + } + + if (!lxcCgroupControllerActive(driver, VIR_CGROUP_CONTROLLER_DEVICES)) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("devices cgroup isn't mounted")); + goto cleanup; + } + + if (virCgroupForDomain(driver->cgroup, vm->def->name, &group, 0) != 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot find cgroup for domain %s"), vm->def->name); + goto cleanup; + } + + VIR_DEBUG("Unlinking %s (backed by %s)", dst, def->src); + if (unlink(dst) < 0 && errno != ENOENT) { + virDomainAuditDisk(vm, def->src, NULL, "detach", false); + virReportSystemError(errno, + _("Unable to remove device %s"), dst); + goto cleanup; + } + virDomainAuditDisk(vm, def->src, NULL, "detach", true); + + if (virCgroupDenyDevicePath(group, def->src, VIR_CGROUP_DEVICE_RWM) != 0) + VIR_WARN("cannot deny device %s for domain %s", + def->src, vm->def->name); + + virDomainDiskRemove(vm->def, i); + virDomainDiskDefFree(def); + + ret = 0; + +cleanup: + VIR_FREE(dst); + if (group) + virCgroupFree(&group); + return ret; +} + + +static int lxcDomainDetachDeviceLive(virLXCDriverPtr driver ATTRIBUTE_UNUSED, virDomainObjPtr vm ATTRIBUTE_UNUSED, virDomainDeviceDefPtr dev) @@ -2969,6 +3177,10 @@ lxcDomainDetachDeviceLive(virLXCDriverPtr driver ATTRIBUTE_UNUSED, int ret = -1; switch (dev->type) { + case VIR_DOMAIN_DEVICE_DISK: + ret = lxcDomainDetachDeviceDiskLive(driver, vm, dev); + break; + default: virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("device type '%s' cannot be detached"), -- 1.8.0.1

From: "Daniel P. Berrange" <berrange(a)redhat.com&gt; Wire up the attach/detach device drivers in LXC to support the hotplug/unplug of NICs. Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/lxc/lxc_driver.c | 219 +++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 214 insertions(+), 5 deletions(-) diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index a2bb497..08ac70d 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -3073,9 +3073,141 @@ cleanup: } +/* XXX conn required for network -> bridge resolution */ static int -lxcDomainAttachDeviceLive(virLXCDriverPtr driver ATTRIBUTE_UNUSED, - virDomainObjPtr vm ATTRIBUTE_UNUSED, +lxcDomainAttachDeviceNetLive(virConnectPtr conn, + virDomainObjPtr vm, + virDomainNetDefPtr net) +{ + virLXCDomainObjPrivatePtr priv = vm->privateData; + int ret = -1; + int actualType; + char *veth = NULL; + + if (!priv->initpid) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("Cannot attach disk until init PID is known")); + goto cleanup; + } + + /* preallocate new slot for device */ + if (VIR_REALLOC_N(vm->def->nets, vm->def->nnets+1) < 0) { + virReportOOMError(); + return -1; + } + + /* If appropriate, grab a physical device from the configured + * network's pool of devices, or resolve bridge device name + * to the one defined in the network definition. + */ + if (networkAllocateActualDevice(net) < 0) + return -1; + + actualType = virDomainNetGetActualType(net); + + switch (actualType) { + case VIR_DOMAIN_NET_TYPE_BRIDGE: { + const char *brname = virDomainNetGetActualBridgeName(net); + if (!brname) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("No bridge name specified")); + goto cleanup; + } + if (!(veth = virLXCProcessSetupInterfaceBridged(conn, + vm->def, + net, + brname))) + goto cleanup; + } break; + case VIR_DOMAIN_NET_TYPE_NETWORK: { + virNetworkPtr network; + char *brname = NULL; + bool fail = false; + int active; + virErrorPtr errobj; + + if (!(network = virNetworkLookupByName(conn, + net->data.network.name))) + goto cleanup; + + active = virNetworkIsActive(network); + if (active != 1) { + fail = true; + if (active == 0) + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Network '%s' is not active."), + net->data.network.name); + } + + if (!fail) { + brname = virNetworkGetBridgeName(network); + if (brname == NULL) + fail = true; + } + + /* Make sure any above failure is preserved */ + errobj = virSaveLastError(); + virNetworkFree(network); + virSetError(errobj); + virFreeError(errobj); + + if (fail) + goto cleanup; + + if (!(veth = virLXCProcessSetupInterfaceBridged(conn, + vm->def, + net, + brname))) { + VIR_FREE(brname); + goto cleanup; + } + VIR_FREE(brname); + } break; + case VIR_DOMAIN_NET_TYPE_DIRECT: { + if (!(veth = virLXCProcessSetupInterfaceDirect(conn, + vm->def, + net))) + goto cleanup; + } break; + default: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Network device type is not supported")); + goto cleanup; + } + + if (virNetDevSetNamespace(veth, priv->initpid) < 0) { + virDomainAuditNet(vm, NULL, net, "attach", false); + goto cleanup; + } + + virDomainAuditNet(vm, NULL, net, "attach", true); + + ret = 0; + +cleanup: + if (!ret) { + vm->def->nets[vm->def->nnets++] = net; + } else if (veth) { + switch (actualType) { + case VIR_DOMAIN_NET_TYPE_BRIDGE: + case VIR_DOMAIN_NET_TYPE_NETWORK: + ignore_value(virNetDevVethDelete(veth)); + break; + + case VIR_DOMAIN_NET_TYPE_DIRECT: + ignore_value(virNetDevMacVLanDelete(veth)); + break; + } + } + + return ret; +} + + +static int +lxcDomainAttachDeviceLive(virConnectPtr conn, + virLXCDriverPtr driver, + virDomainObjPtr vm, virDomainDeviceDefPtr dev) { int ret = -1; @@ -3087,6 +3219,13 @@ lxcDomainAttachDeviceLive(virLXCDriverPtr driver ATTRIBUTE_UNUSED, dev->data.disk = NULL; break; + case VIR_DOMAIN_DEVICE_NET: + ret = lxcDomainAttachDeviceNetLive(conn, vm, + dev->data.net); + if (!ret) + dev->data.net = NULL; + break; + default: virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("device type '%s' cannot be attached"), @@ -3170,8 +3309,74 @@ cleanup: static int -lxcDomainDetachDeviceLive(virLXCDriverPtr driver ATTRIBUTE_UNUSED, - virDomainObjPtr vm ATTRIBUTE_UNUSED, +lxcDomainDetachDeviceNetLive(virDomainObjPtr vm, + virDomainDeviceDefPtr dev) +{ + int detachidx, ret = -1; + virDomainNetDefPtr detach = NULL; + char mac[VIR_MAC_STRING_BUFLEN]; + virNetDevVPortProfilePtr vport = NULL; + + detachidx = virDomainNetFindIdx(vm->def, dev->data.net); + if (detachidx == -2) { + virReportError(VIR_ERR_OPERATION_FAILED, + _("multiple devices matching mac address %s found"), + virMacAddrFormat(&dev->data.net->mac, mac)); + goto cleanup; + } else if (detachidx < 0) { + virReportError(VIR_ERR_OPERATION_FAILED, + _("network device %s not found"), + virMacAddrFormat(&dev->data.net->mac, mac)); + goto cleanup; + } + detach = vm->def->nets[detachidx]; + + switch (virDomainNetGetActualType(detach)) { + case VIR_DOMAIN_NET_TYPE_BRIDGE: + case VIR_DOMAIN_NET_TYPE_NETWORK: + if (virNetDevVethDelete(detach->ifname) < 0) { + virDomainAuditNet(vm, detach, NULL, "detach", false); + goto cleanup; + } + break; + + /* It'd be nice to support this, but with macvlan + * once assigned to a container nothing exists on + * the host side. Further the container can change + * the mac address of NIC name, so we can't easily + * find out which guest NIC it maps to + case VIR_DOMAIN_NET_TYPE_DIRECT: + */ + + default: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Only bridged veth devices can be detached")); + goto cleanup; + } + + virDomainAuditNet(vm, detach, NULL, "detach", true); + + virDomainConfNWFilterTeardown(detach); + + vport = virDomainNetGetActualVirtPortProfile(detach); + if (vport && vport->virtPortType == VIR_NETDEV_VPORT_PROFILE_OPENVSWITCH) + ignore_value(virNetDevOpenvswitchRemovePort( + virDomainNetGetActualBridgeName(detach), + detach->ifname)); + ret = 0; +cleanup: + if (!ret) { + networkReleaseActualDevice(detach); + virDomainNetRemove(vm->def, detachidx); + virDomainNetDefFree(detach); + } + return ret; +} + + +static int +lxcDomainDetachDeviceLive(virLXCDriverPtr driver, + virDomainObjPtr vm, virDomainDeviceDefPtr dev) { int ret = -1; @@ -3181,6 +3386,10 @@ lxcDomainDetachDeviceLive(virLXCDriverPtr driver ATTRIBUTE_UNUSED, ret = lxcDomainDetachDeviceDiskLive(driver, vm, dev); break; + case VIR_DOMAIN_DEVICE_NET: + ret = lxcDomainDetachDeviceNetLive(vm, dev); + break; + default: virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("device type '%s' cannot be detached"), @@ -3299,7 +3508,7 @@ lxcDomainModifyDeviceFlags(virDomainPtr dom, const char *xml, switch (action) { case LXC_DEVICE_ATTACH: - ret = lxcDomainAttachDeviceLive(driver, vm, dev_copy); + ret = lxcDomainAttachDeviceLive(dom->conn, driver, vm, dev_copy); break; case LXC_DEVICE_DETACH: ret = lxcDomainDetachDeviceLive(driver, vm, dev_copy); -- 1.8.0.1

On 2012/12/01 04:26, Daniel P. Berrange wrote: It shouldn't be in patch [19/23]? dst and vroot should be freed. And I wonder vm->def->hostdevs shouldn't be restored when attaching failed? [...] Need proper error msg here. ACK

On 2012/12/01 04:26, Daniel P. Berrange wrote: VIR_CGROUP_DEVICE_RWM dst and vroot need be freed. ACK

On 2012年12月01日 04:26, Daniel P. Berrange wrote: ACK

On 2012年12月01日 04:26, Daniel P. Berrange wrote: ACK