Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
src/libvirt_private.syms | 1 +
src/util/vircgroupv2devices.c | 34 ++++++++++++++++++++++++++++++++++
src/util/vircgroupv2devices.h | 6 ++++++
3 files changed, 41 insertions(+)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index f42bdad9ef..469a1cdbe0 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1657,6 +1657,7 @@ virCgroupV2DevicesAttachProg;
virCgroupV2DevicesAvailable;
virCgroupV2DevicesCreateProg;
virCgroupV2DevicesDetectProg;
+virCgroupV2DevicesGetPerms;
virCgroupV2DevicesPrepareProg;
virCgroupV2DevicesRemoveProg;
diff --git a/src/util/vircgroupv2devices.c b/src/util/vircgroupv2devices.c
index 70e29b8470..0455ff6b24 100644
--- a/src/util/vircgroupv2devices.c
+++ b/src/util/vircgroupv2devices.c
@@ -570,6 +570,32 @@ virCgroupV2DevicesRemoveProg(virCgroupPtr group)
return 0;
}
+
+
+uint32_t
+virCgroupV2DevicesGetPerms(int perms,
+ char type)
+{
+ uint32_t ret = 0;
+
+ if (perms & VIR_CGROUP_DEVICE_MKNOD)
+ ret |= BPF_DEVCG_ACC_MKNOD << 16;
+
+ if (perms & VIR_CGROUP_DEVICE_READ)
+ ret |= BPF_DEVCG_ACC_READ << 16;
+
+ if (perms & VIR_CGROUP_DEVICE_WRITE)
+ ret |= BPF_DEVCG_ACC_WRITE << 16;
+
+ if (type == 'b')
+ ret |= BPF_DEVCG_DEV_BLOCK;
+ else if (type == 'c')
+ ret |= BPF_DEVCG_DEV_CHAR;
+ else
+ ret |= BPF_DEVCG_DEV_BLOCK | BPF_DEVCG_DEV_CHAR;
+
+ return ret;
+}
#else /* !HAVE_DECL_BPF_CGROUP_DEVICE */
bool
virCgroupV2DevicesAvailable(virCgroupPtr group ATTRIBUTE_UNUSED)
@@ -625,4 +651,12 @@ virCgroupV2DevicesRemoveProg(virCgroupPtr group ATTRIBUTE_UNUSED)
{
return 0;
}
+
+
+uint32_t
+virCgroupV2DevicesGetPerms(int perms ATTRIBUTE_UNUSED,
+ char type ATTRIBUTE_UNUSED)
+{
+ return 0;
+}
#endif /* !HAVE_DECL_BPF_CGROUP_DEVICE */
diff --git a/src/util/vircgroupv2devices.h b/src/util/vircgroupv2devices.h
index ae02f9c334..cbfd9ae119 100644
--- a/src/util/vircgroupv2devices.h
+++ b/src/util/vircgroupv2devices.h
@@ -19,6 +19,8 @@
#ifndef LIBVIRT_VIRCGROUPV2DEVICES_H
# define LIBVIRT_VIRCGROUPV2DEVICES_H
+# include <sys/types.h>
+
# include "vircgroup.h"
bool
@@ -41,4 +43,8 @@ virCgroupV2DevicesPrepareProg(virCgroupPtr group);
int
virCgroupV2DevicesRemoveProg(virCgroupPtr group);
+uint32_t
+virCgroupV2DevicesGetPerms(int perms,
+ char type);
+
#endif /* LIBVIRT_VIRCGROUPV2DEVICES_H */
--
2.20.1