On 09/03/2014 05:00 PM, Erik Skultety wrote:
Tuning NUMA or network interface parameters require root
privileges, thus an attempt to set some of these parameters in
session mode should be invalid followed by an error. As an example might
be memory tuning which raises an error in such case. This patch
provides similar behavior for numatune and domiftune.
Resolves
https://bugzilla.redhat.com/show_bug.cgi?id=1126762
---
src/qemu/qemu_command.c | 33 ++++++++++++++++++++++++++++++++-
src/qemu/qemu_driver.c | 20 ++++++++++++++++++++
2 files changed, 52 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index c84c7c3..c021080 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -7443,7 +7443,7 @@ qemuBuildCommandLine(virConnectPtr conn,
emulator = def->emulator;
if (!cfg->privileged) {
- /* If we have no cgroups than we can have no tunings that
+ /* If we have no cgroups then we can have no tunings that
* require them */
if (def->mem.hard_limit || def->mem.soft_limit ||
@@ -7466,6 +7466,37 @@ qemuBuildCommandLine(virConnectPtr conn,
_("CPU tuning is not available in session
mode"));
goto error;
}
+
+ if (virDomainNumatuneGetNodeset(def->numatune, NULL, -1) ||
+ virDomainNumatuneGetMode(def->numatune, -1)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("NUMA tuning is not available in session
mode"));
+ goto error;
+ }
+
+ virDomainNetDefPtr *nets = def->nets;
+ size_t nnets = def->nnets;
+ for (i = 0; i < nnets; i++) {
+ if (nets[i]->bandwidth) {
+ if (nets[i]->bandwidth->in &&
+ (nets[i]->bandwidth->in->average ||
+ nets[i]->bandwidth->in->peak ||
+ nets[i]->bandwidth->in->burst)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Network bandwidth tuning is not available in
session mode"));
+ goto error;
+ }
+
+ if (nets[i]->bandwidth->out &&
+ (nets[i]->bandwidth->out->average ||
+ nets[i]->bandwidth->out->peak ||
+ nets[i]->bandwidth->out->burst)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Network bandwidth tuning is not available in
session mode"));
+ goto error;
+ }
+ }
+ }
}
NACK, I forgot to test for struct element 'floor' here. Fixing in v2.
for (i = 0; i < def->ngraphics; ++i) {
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 239a300..b46e12f 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -8779,6 +8779,12 @@ qemuDomainSetNumaParameters(virDomainPtr dom,
if (virDomainSetNumaParametersEnsureACL(dom->conn, vm->def, flags) < 0)
goto cleanup;
+ if (!cfg->privileged) {
+ virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+ _("NUMA tuning is not available in session mode"));
+ goto cleanup;
+ }
+
if (!(caps = virQEMUDriverGetCapabilities(driver, false)))
goto cleanup;
@@ -8870,6 +8876,7 @@ qemuDomainGetNumaParameters(virDomainPtr dom,
size_t i;
virDomainObjPtr vm = NULL;
virDomainDefPtr persistentDef = NULL;
+ virQEMUDriverConfigPtr cfg = NULL;
char *nodeset = NULL;
int ret = -1;
virCapsPtr caps = NULL;
@@ -8888,10 +8895,17 @@ qemuDomainGetNumaParameters(virDomainPtr dom,
return -1;
priv = vm->privateData;
+ cfg = virQEMUDriverGetConfig(driver);
if (virDomainGetNumaParametersEnsureACL(dom->conn, vm->def) < 0)
goto cleanup;
+ if (!cfg->privileged) {
+ virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+ _("NUMA tuning is not available in session mode"));
+ goto cleanup;
+ }
+
if (!(caps = virQEMUDriverGetCapabilities(driver, false)))
goto cleanup;
@@ -9889,6 +9903,12 @@ qemuDomainSetInterfaceParameters(virDomainPtr dom,
if (virDomainSetInterfaceParametersEnsureACL(dom->conn, vm->def, flags) <
0)
goto cleanup;
+ if (!cfg->privileged) {
+ virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+ _("Network bandwidth tuning is not available in session
mode"));
+ goto cleanup;
+ }
+
if (!(caps = virQEMUDriverGetCapabilities(driver, false)))
goto cleanup;
Erik