[...]
+int +qemuTeardownRNGCgroup(virDomainObjPtr vm, + virDomainRNGDefPtr rng) +{ + qemuDomainObjPrivatePtr priv = vm->privateData; + int rv; + + if (rng->backend == VIR_DOMAIN_RNG_BACKEND_RANDOM) { + VIR_DEBUG("Setting Cgroup ACL for RNG device");
s/Setting/Tearing down/ (or something similar - Unsetting, Removing) Looks reasonable otherwise, ACK John
+ rv = virCgroupDenyDevicePath(priv->cgroup, + rng->source.file, + VIR_CGROUP_DEVICE_RW, false); + virDomainAuditCgroupPath(vm, priv->cgroup, "deny", + rng->source.file, + "rw", rv == 0); + if (rv < 0 && + !virLastErrorIsSystemErrno(ENOENT)) + return -1; + } + + return 0; +} + + [...]