4:30 a.m.
Libvirt adds a USB controller to the guest even if the user does not
specify any in the XML. This is due to back-compat reasons.
To allow disabling USB for a guest this patch adds a new USB controller
type "none" that disables USB support for the guest.
---
docs/schemas/domaincommon.rng | 1 +
src/conf/domain_conf.c | 55 ++++++++++++++++++++++++++++++++++++++++-
src/conf/domain_conf.h | 1 +
src/qemu/qemu_command.c | 3 +-
4 files changed, 58 insertions(+), 2 deletions(-)
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index b7562ad..c85d763 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -1222,6 +1222,7 @@
<value>vt82c686b-uhci</value>
<value>pci-ohci</value>
<value>nec-xhci</value>
+ <value>none</value>
</choice>
</attribute>
</optional>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 89bae57..e38cdfe 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -258,7 +258,8 @@ VIR_ENUM_IMPL(virDomainControllerModelUSB,
VIR_DOMAIN_CONTROLLER_MODEL_USB_LAST,
"ich9-uhci3",
"vt82c686b-uhci",
"pci-ohci",
- "nec-xhci")
+ "nec-xhci",
+ "none")
VIR_ENUM_IMPL(virDomainFS, VIR_DOMAIN_FS_TYPE_LAST,
"mount",
@@ -7914,6 +7915,8 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps,
virBitmapPtr bootMap = NULL;
unsigned long bootMapSize = 0;
xmlNodePtr cur;
+ bool usb_none = false;
+ bool usb_other = false;
if (VIR_ALLOC(def) < 0) {
virReportOOMError();
@@ -8639,6 +8642,27 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps,
if (!controller)
goto error;
+ /* sanitize handling of "none" usb controller */
+ if (controller->type == VIR_DOMAIN_CONTROLLER_TYPE_USB) {
+ if (controller->model == VIR_DOMAIN_CONTROLLER_MODEL_USB_NONE) {
+ if (usb_other || usb_none) {
+ virDomainReportError(VIR_ERR_XML_DETAIL, "%s",
+ _("Can't add another USB controller:
"
+ "USB is disabled for this
domain"));
+ goto error;
+ }
+ usb_none = true;
+ } else {
+ if (usb_none) {
+ virDomainReportError(VIR_ERR_XML_DETAIL, "%s",
+ _("Can't add another USB controller:
"
+ "USB is disabled for this
domain"));
+ goto error;
+ }
+ usb_other = true;
+ }
+ }
+
virDomainControllerInsertPreAlloced(def, controller);
}
VIR_FREE(nodes);
@@ -8913,6 +8937,13 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps,
if (!input)
goto error;
+ /* Check if USB bus is required */
+ if (input->bus == VIR_DOMAIN_INPUT_BUS_USB && usb_none) {
+ virDomainReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Can't add USB input device. "
+ "USB bus is disabled"));
+ goto error;
+ }
/* With QEMU / KVM / Xen graphics, mouse + PS/2 is implicit
* with graphics, so don't store it.
@@ -9040,6 +9071,14 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps,
if (!hostdev)
goto error;
+ if (hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB
&&
+ usb_none) {
+ virDomainReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Can't add USB device passthrough: "
+ "USB is disabled in this host"));
+ goto error;
+ }
+
def->hostdevs[def->nhostdevs++] = hostdev;
}
VIR_FREE(nodes);
@@ -9110,6 +9149,13 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps,
if (!hub)
goto error;
+ if (hub->type == VIR_DOMAIN_HUB_TYPE_USB && usb_none) {
+ virDomainReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Can't add USB hub: "
+ "USB is disabled for this domain"));
+ goto error;
+ }
+
def->hubs[def->nhubs++] = hub;
}
VIR_FREE(nodes);
@@ -9126,6 +9172,13 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps,
if (!redirdev)
goto error;
+ if (redirdev->bus == VIR_DOMAIN_REDIRDEV_BUS_USB && usb_none) {
+ virDomainReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Can't add USB redir device: "
+ "USB is disabled for this domain"));
+ goto error;
+ }
+
def->redirdevs[def->nredirdevs++] = redirdev;
}
VIR_FREE(nodes);
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 5e5374a..d02695d 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -633,6 +633,7 @@ enum virDomainControllerModelUSB {
VIR_DOMAIN_CONTROLLER_MODEL_USB_VT82C686B_UHCI,
VIR_DOMAIN_CONTROLLER_MODEL_USB_PCI_OHCI,
VIR_DOMAIN_CONTROLLER_MODEL_USB_NEC_XHCI,
+ VIR_DOMAIN_CONTROLLER_MODEL_USB_NONE,
VIR_DOMAIN_CONTROLLER_MODEL_USB_LAST
};
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 16fa294..d202425 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -107,7 +107,8 @@ VIR_ENUM_IMPL(qemuControllerModelUSB,
VIR_DOMAIN_CONTROLLER_MODEL_USB_LAST,
"ich9-usb-uhci3",
"vt82c686b-usb-uhci",
"pci-ohci",
- "nec-usb-xhci");
+ "nec-usb-xhci",
+ "none");
VIR_ENUM_DECL(qemuDomainFSDriver)
VIR_ENUM_IMPL(qemuDomainFSDriver, VIR_DOMAIN_FS_DRIVER_TYPE_LAST,
--
1.7.8.6