Pablo Greco 40546a
From 4cf3b3d335b83b5feb49e71775b6a8f1fddbbce9 Mon Sep 17 00:00:00 2001
Pablo Greco 40546a
Message-Id: <4cf3b3d335b83b5feb49e71775b6a8f1fddbbce9@dist-git>
Pablo Greco 40546a
From: Pavel Hrdina <phrdina@redhat.com>
Pablo Greco 40546a
Date: Mon, 1 Jul 2019 17:06:55 +0200
Pablo Greco 40546a
Subject: [PATCH] vircgroup: extract virCgroupV1(Allow|Deny)AllDevices
Pablo Greco 40546a
MIME-Version: 1.0
Pablo Greco 40546a
Content-Type: text/plain; charset=UTF-8
Pablo Greco 40546a
Content-Transfer-Encoding: 8bit
Pablo Greco 40546a
Pablo Greco 40546a
Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Pablo Greco 40546a
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Pablo Greco 40546a
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Pablo Greco 40546a
(cherry picked from commit fd9a0368b91c425f860115c0451067ee917574d1)
Pablo Greco 40546a
Pablo Greco 40546a
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1689297
Pablo Greco 40546a
Pablo Greco 40546a
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Pablo Greco 40546a
Message-Id: <cec0c47305736e9da14175d4002509b5583e4ab0.1561993100.git.phrdina@redhat.com>
Pablo Greco 40546a
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Pablo Greco 40546a
---
Pablo Greco 40546a
 src/util/vircgroup.c        | 18 ++----------------
Pablo Greco 40546a
 src/util/vircgroupbackend.h |  9 +++++++++
Pablo Greco 40546a
 src/util/vircgroupv1.c      | 31 +++++++++++++++++++++++++++++++
Pablo Greco 40546a
 3 files changed, 42 insertions(+), 16 deletions(-)
Pablo Greco 40546a
Pablo Greco 40546a
diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c
Pablo Greco 40546a
index a30fc6241d..67c68f3dc6 100644
Pablo Greco 40546a
--- a/src/util/vircgroup.c
Pablo Greco 40546a
+++ b/src/util/vircgroup.c
Pablo Greco 40546a
@@ -1822,10 +1822,7 @@ virCgroupGetCpusetCpus(virCgroupPtr group, char **cpus)
Pablo Greco 40546a
 int
Pablo Greco 40546a
 virCgroupDenyAllDevices(virCgroupPtr group)
Pablo Greco 40546a
 {
Pablo Greco 40546a
-    return virCgroupSetValueStr(group,
Pablo Greco 40546a
-                                VIR_CGROUP_CONTROLLER_DEVICES,
Pablo Greco 40546a
-                                "devices.deny",
Pablo Greco 40546a
-                                "a");
Pablo Greco 40546a
+    VIR_CGROUP_BACKEND_CALL(group, denyAllDevices, -1);
Pablo Greco 40546a
 }
Pablo Greco 40546a
 
Pablo Greco 40546a
 /**
Pablo Greco 40546a
@@ -1845,18 +1842,7 @@ virCgroupDenyAllDevices(virCgroupPtr group)
Pablo Greco 40546a
 int
Pablo Greco 40546a
 virCgroupAllowAllDevices(virCgroupPtr group, int perms)
Pablo Greco 40546a
 {
Pablo Greco 40546a
-    int ret = -1;
Pablo Greco 40546a
-
Pablo Greco 40546a
-    if (virCgroupAllowDevice(group, 'b', -1, -1, perms) < 0)
Pablo Greco 40546a
-        goto cleanup;
Pablo Greco 40546a
-
Pablo Greco 40546a
-    if (virCgroupAllowDevice(group, 'c', -1, -1, perms) < 0)
Pablo Greco 40546a
-        goto cleanup;
Pablo Greco 40546a
-
Pablo Greco 40546a
-    ret = 0;
Pablo Greco 40546a
-
Pablo Greco 40546a
- cleanup:
Pablo Greco 40546a
-    return ret;
Pablo Greco 40546a
+    VIR_CGROUP_BACKEND_CALL(group, allowAllDevices, -1, perms);
Pablo Greco 40546a
 }
Pablo Greco 40546a
 
Pablo Greco 40546a
 
Pablo Greco 40546a
diff --git a/src/util/vircgroupbackend.h b/src/util/vircgroupbackend.h
Pablo Greco 40546a
index 04897b5895..436c83f6fa 100644
Pablo Greco 40546a
--- a/src/util/vircgroupbackend.h
Pablo Greco 40546a
+++ b/src/util/vircgroupbackend.h
Pablo Greco 40546a
@@ -269,6 +269,13 @@ typedef int
Pablo Greco 40546a
                          int minor,
Pablo Greco 40546a
                          int perms);
Pablo Greco 40546a
 
Pablo Greco 40546a
+typedef int
Pablo Greco 40546a
+(*virCgroupAllowAllDevicesCB)(virCgroupPtr group,
Pablo Greco 40546a
+                              int perms);
Pablo Greco 40546a
+
Pablo Greco 40546a
+typedef int
Pablo Greco 40546a
+(*virCgroupDenyAllDevicesCB)(virCgroupPtr group);
Pablo Greco 40546a
+
Pablo Greco 40546a
 struct _virCgroupBackend {
Pablo Greco 40546a
     virCgroupBackendType type;
Pablo Greco 40546a
 
Pablo Greco 40546a
@@ -321,6 +328,8 @@ struct _virCgroupBackend {
Pablo Greco 40546a
 
Pablo Greco 40546a
     virCgroupAllowDeviceCB allowDevice;
Pablo Greco 40546a
     virCgroupDenyDeviceCB denyDevice;
Pablo Greco 40546a
+    virCgroupAllowAllDevicesCB allowAllDevices;
Pablo Greco 40546a
+    virCgroupDenyAllDevicesCB denyAllDevices;
Pablo Greco 40546a
 };
Pablo Greco 40546a
 typedef struct _virCgroupBackend virCgroupBackend;
Pablo Greco 40546a
 typedef virCgroupBackend *virCgroupBackendPtr;
Pablo Greco 40546a
diff --git a/src/util/vircgroupv1.c b/src/util/vircgroupv1.c
Pablo Greco 40546a
index 02cd7ab956..34393812d2 100644
Pablo Greco 40546a
--- a/src/util/vircgroupv1.c
Pablo Greco 40546a
+++ b/src/util/vircgroupv1.c
Pablo Greco 40546a
@@ -1737,6 +1737,35 @@ virCgroupV1DenyDevice(virCgroupPtr group,
Pablo Greco 40546a
 }
Pablo Greco 40546a
 
Pablo Greco 40546a
 
Pablo Greco 40546a
+static int
Pablo Greco 40546a
+virCgroupV1AllowAllDevices(virCgroupPtr group,
Pablo Greco 40546a
+                           int perms)
Pablo Greco 40546a
+{
Pablo Greco 40546a
+    int ret = -1;
Pablo Greco 40546a
+
Pablo Greco 40546a
+    if (virCgroupV1AllowDevice(group, 'b', -1, -1, perms) < 0)
Pablo Greco 40546a
+        goto cleanup;
Pablo Greco 40546a
+
Pablo Greco 40546a
+    if (virCgroupV1AllowDevice(group, 'c', -1, -1, perms) < 0)
Pablo Greco 40546a
+        goto cleanup;
Pablo Greco 40546a
+
Pablo Greco 40546a
+    ret = 0;
Pablo Greco 40546a
+
Pablo Greco 40546a
+ cleanup:
Pablo Greco 40546a
+    return ret;
Pablo Greco 40546a
+}
Pablo Greco 40546a
+
Pablo Greco 40546a
+
Pablo Greco 40546a
+static int
Pablo Greco 40546a
+virCgroupV1DenyAllDevices(virCgroupPtr group)
Pablo Greco 40546a
+{
Pablo Greco 40546a
+    return virCgroupSetValueStr(group,
Pablo Greco 40546a
+                                VIR_CGROUP_CONTROLLER_DEVICES,
Pablo Greco 40546a
+                                "devices.deny",
Pablo Greco 40546a
+                                "a");
Pablo Greco 40546a
+}
Pablo Greco 40546a
+
Pablo Greco 40546a
+
Pablo Greco 40546a
 virCgroupBackend virCgroupV1Backend = {
Pablo Greco 40546a
     .type = VIR_CGROUP_BACKEND_TYPE_V1,
Pablo Greco 40546a
 
Pablo Greco 40546a
@@ -1787,6 +1816,8 @@ virCgroupBackend virCgroupV1Backend = {
Pablo Greco 40546a
 
Pablo Greco 40546a
     .allowDevice = virCgroupV1AllowDevice,
Pablo Greco 40546a
     .denyDevice = virCgroupV1DenyDevice,
Pablo Greco 40546a
+    .allowAllDevices = virCgroupV1AllowAllDevices,
Pablo Greco 40546a
+    .denyAllDevices = virCgroupV1DenyAllDevices,
Pablo Greco 40546a
 };
Pablo Greco 40546a
 
Pablo Greco 40546a
 
Pablo Greco 40546a
-- 
Pablo Greco 40546a
2.22.0
Pablo Greco 40546a