[libvirt] [PATCH V3] enhance capabilities mode hostdev process

hostdev has mode "capabilities" for LXC, from formatdomain.html: " Block / character devices from the host can be passed through to the guest using the hostdev element. This is only possible with container based virtualization. since after 1.0.1 for LXC " So forbid capabilities mode hostdev if domain is not LXC. The affected files are: * src/libxl/libxl_domain.c * src/openvz/openvz_driver.c * src/qemu/qemu_domain.c * src/uml/uml_driver.c * src/xen/xen_driver.c * src/xenapi/xenapi_driver.c There are some drivers lack function devicesPostParseCallback(), like: vbox, bhyve, and so on. V3: move the hostdev checking to devicesPostParseCallback(), this is more reasonable to check it in define phase, and implement in each driver. V2: move the hostdev checking to qemuBuildCommandLine(). Signed-off-by: Jincheng Miao <jmiao(a)redhat.com&gt; --- src/libxl/libxl_domain.c | 8 ++++++++ src/openvz/openvz_driver.c | 9 +++++++++ src/qemu/qemu_domain.c | 9 +++++++++ src/uml/uml_driver.c | 9 +++++++++ src/xen/xen_driver.c | 9 +++++++++ src/xenapi/xenapi_driver.c | 9 +++++++++ 6 files changed, 53 insertions(+) diff --git a/src/libxl/libxl_domain.c b/src/libxl/libxl_domain.c index 73242ac..96f3b88 100644 --- a/src/libxl/libxl_domain.c +++ b/src/libxl/libxl_domain.c @@ -485,6 +485,14 @@ libxlDomainDeviceDefPostParse(virDomainDeviceDefPtr dev, if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV) { virDomainHostdevDefPtr hostdev = dev->data.hostdev; + /* forbid capabilities mode hostdev in this kind of hypervisor */ + if (hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported capabilities mode hostdev in %s"), + virDomainVirtTypeToString(def->virtType)); + return -1; + } + if (hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS && hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI && hostdev->source.subsys.u.pci.backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_DEFAULT) diff --git a/src/openvz/openvz_driver.c b/src/openvz/openvz_driver.c index 4c815ed..8635f50 100644 --- a/src/openvz/openvz_driver.c +++ b/src/openvz/openvz_driver.c @@ -113,6 +113,15 @@ openvzDomainDeviceDefPostParse(virDomainDeviceDefPtr dev, dev->data.chr->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_NONE) dev->data.chr->targetType = VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_OPENVZ; + /* forbid capabilities mode hostdev in this kind of hypervisor */ + if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV && + dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported capabilities mode hostdev in %s"), + virDomainVirtTypeToString(def->virtType)); + return -1; + } + return 0; } diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index e40c5ec..9c07385 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -940,6 +940,15 @@ qemuDomainDeviceDefPostParse(virDomainDeviceDefPtr dev, dev->data.chr->source.data.nix.listen = true; } + /* forbid capabilities mode hostdev in this kind of hypervisor */ + if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV && + dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported capabilities mode hostdev in %s"), + virDomainVirtTypeToString(def->virtType)); + goto cleanup; + } + ret = 0; cleanup: diff --git a/src/uml/uml_driver.c b/src/uml/uml_driver.c index 5ccd443..9990fc0 100644 --- a/src/uml/uml_driver.c +++ b/src/uml/uml_driver.c @@ -430,6 +430,15 @@ umlDomainDeviceDefPostParse(virDomainDeviceDefPtr dev, dev->data.chr->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_NONE) dev->data.chr->targetType = VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_UML; + /* forbid capabilities mode hostdev in this kind of hypervisor */ + if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV && + dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported capabilities mode hostdev in %s"), + virDomainVirtTypeToString(def->virtType)); + return -1; + } + return 0; } diff --git a/src/xen/xen_driver.c b/src/xen/xen_driver.c index bd51909..9882bd4 100644 --- a/src/xen/xen_driver.c +++ b/src/xen/xen_driver.c @@ -343,6 +343,15 @@ xenDomainDeviceDefPostParse(virDomainDeviceDefPtr dev, STRNEQ(def->os.type, "hvm")) dev->data.chr->targetType = VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_XEN; + /* forbid capabilities mode hostdev in this kind of hypervisor */ + if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV && + dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported capabilities mode hostdev in %s"), + virDomainVirtTypeToString(def->virtType)); + return -1; + } + return 0; } diff --git a/src/xenapi/xenapi_driver.c b/src/xenapi/xenapi_driver.c index 908448b..c2fe8a1 100644 --- a/src/xenapi/xenapi_driver.c +++ b/src/xenapi/xenapi_driver.c @@ -55,6 +55,15 @@ xenapiDomainDeviceDefPostParse(virDomainDeviceDefPtr dev, STRNEQ(def->os.type, "hvm")) dev->data.chr->targetType = VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_XEN; + /* forbid capabilities mode hostdev in this kind of hypervisor */ + if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV && + dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported capabilities mode hostdev in %s"), + virDomainVirtTypeToString(def->virtType)); + return -1; + } + return 0; } -- 1.8.4.2