On Thu, Mar 19, 2026 at 17:36:52 +0100, Pavel Hrdina via Devel wrote:
From: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> --- src/qemu/qemu_cgroup.c | 2 +- src/qemu/qemu_command.c | 2 +- src/qemu/qemu_namespace.c | 2 +- src/qemu/qemu_validate.c | 2 +- src/security/security_apparmor.c | 2 +- src/security/security_dac.c | 4 ++-- src/security/security_selinux.c | 4 ++-- src/security/virt-aa-helper.c | 2 +- 8 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 6148990f19..0e1815f571 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -479,7 +479,7 @@ qemuSetupHostdevCgroup(virDomainObj *vm, g_autofree char *path = NULL; int perms;
- if (dev->source.subsys.u.pci.driver.iommufd == VIR_TRISTATE_BOOL_YES) + if (virHostdevIsPCIDeviceWithIOMMUFD(dev)) return 0;
if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICES)) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index d0df7b7826..7286fd8b83 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -5266,7 +5266,7 @@ qemuBuildHostdevCommandLine(virCommand *cmd, if (qemuCommandAddExtDevice(cmd, hostdev->info, def, qemuCaps) < 0) return -1;
- if (subsys->u.pci.driver.iommufd == VIR_TRISTATE_BOOL_YES) { + if (virHostdevIsPCIDeviceWithIOMMUFD(hostdev)) { qemuDomainHostdevPrivate *hostdevPriv = QEMU_DOMAIN_HOSTDEV_PRIVATE(hostdev);
qemuFDPassDirectTransferCommand(hostdevPriv->vfioDeviceFd, cmd); diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index fb0734193d..4a063064f1 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -345,7 +345,7 @@ qemuDomainSetupHostdev(virDomainObj *vm, { g_autofree char *path = NULL;
- if (hostdev->source.subsys.u.pci.driver.iommufd == VIR_TRISTATE_BOOL_YES)
At least this function gets called on any 'hostdev' not just PCI, so this patch fixes the invalid access to the union here, because 'pci' variant might not have been filled. That likely happens in the two cases above too but I didn't check closely. That should be mentioned in the commit message as well ass add a: Fixes: 7d2f91f9cb572ab95d0916bdd1a46dd198874529 tag (unless there are more commits which added such invalid access)
+ if (virHostdevIsPCIDeviceWithIOMMUFD(hostdev)) return 0;
if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index f8a15374c9..b3db2c71d8 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -2791,7 +2791,7 @@ qemuValidateDomainDeviceDefHostdev(const virDomainHostdevDef *hostdev, return -1; }
- if (hostdev->source.subsys.u.pci.driver.iommufd == VIR_TRISTATE_BOOL_YES) { + if (virHostdevIsPCIDeviceWithIOMMUFD(hostdev)) {
^^^^
if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_IOMMUFD)) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("IOMMUFD is not supported by this version of qemu")); diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c index 40f13ec1a5..e53486ee0c 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -847,7 +847,7 @@ AppArmorSetSecurityHostdevLabel(virSecurityManager *mgr, return -1;
if (pcisrc->driver.name == VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO) { - if (dev->source.subsys.u.pci.driver.iommufd != VIR_TRISTATE_BOOL_YES) { + if (virHostdevIsPCIDeviceWithoutIOMMUFD(dev)) {
^^^^^^^ Having virHostdevIsPCIDeviceWithIOMMUFD and virHostdevIsPCIDeviceWithoutIOMMUFD is really confusing BTW ... especially when mixed in one commit.
g_autofree char *vfioGroupDev = virPCIDeviceGetIOMMUGroupDev(pci);
if (!vfioGroupDev)
Reviewed-by: Peter Krempa <pkrempa@redhat.com>