From 1cc1a4e1c069571d0db11848a5949da143c76166 Mon Sep 17 00:00:00 2001
Message-Id: <1cc1a4e1c069571d0db11848a5949da143c76166@dist-git>
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
Date: Mon, 27 Nov 2017 14:21:02 +0100
Subject: [PATCH] qemu: Properly label and create evdev on input device hotplug
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Utilize all the newly introduced functions to create the evdev node
and label it on hotplug and destroy it on hotunplug.
This was forgotten in commits bc9ffaf and 67486bb.
https://bugzilla.redhat.com/show_bug.cgi?id=1509866
(cherry picked from commit 2814f66f281064477815065bf3ddc5f5cec82062)
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/qemu/qemu_hotplug.c | 40 +++++++++++++++++++++++++++++++++++++---
1 file changed, 37 insertions(+), 3 deletions(-)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index edf07d0b65..56e8a93885 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -2746,7 +2746,11 @@ qemuDomainAttachInputDevice(virQEMUDriverPtr driver,
qemuDomainObjPrivatePtr priv = vm->privateData;
virDomainDeviceDef dev = { VIR_DOMAIN_DEVICE_INPUT,
{ .input = input } };
+ virErrorPtr originalError = NULL;
bool releaseaddr = false;
+ bool teardowndevice = false;
+ bool teardownlabel = false;
+ bool teardowncgroup = false;
if (input->bus != VIR_DOMAIN_INPUT_BUS_USB &&
input->bus != VIR_DOMAIN_INPUT_BUS_VIRTIO) {
@@ -2773,6 +2777,18 @@ qemuDomainAttachInputDevice(virQEMUDriverPtr driver,
if (qemuBuildInputDevStr(&devstr, vm->def, input, priv->qemuCaps) < 0)
goto cleanup;
+ if (qemuDomainNamespaceSetupInput(vm, input) < 0)
+ goto cleanup;
+ teardowndevice = true;
+
+ if (qemuSetupInputCgroup(vm, input) < 0)
+ goto cleanup;
+ teardowncgroup = true;
+
+ if (qemuSecuritySetInputLabel(vm, input) < 0)
+ goto cleanup;
+ teardownlabel = true;
+
if (VIR_REALLOC_N(vm->def->inputs, vm->def->ninputs + 1) < 0)
goto cleanup;
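Review bot: The three setup calls added before `VIR_REALLOC_N` have no comment explaining their order or that the cleanup path undoes them in reverse. A short comment above `qemuDomainNamespaceSetupInput` would cover it, e.g. `/* Create the evdev node in the domain namespace, allow it in the cgroup, then label it; cleanup undoes these in reverse order. */`. Each `teardown*` flag is set only after its setup call succeeds, so a helper that fails part-way is presumably expected to undo its own partial work. That is worth confirming against the helpers, which are not shown here, and the function body also starts and ends outside this hunk.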
@@ -2788,14 +2804,23 @@ qemuDomainAttachInputDevice(virQEMUDriverPtr driver,
VIR_APPEND_ELEMENT_COPY_INPLACE(vm->def->inputs, vm->def->ninputs, input);
ret = 0;
- releaseaddr = false;
audit:
virDomainAuditInput(vm, input, "attach", ret == 0);
cleanup:
- if (releaseaddr)
- qemuDomainReleaseDeviceAddress(vm, &input->info, NULL);
+ if (ret < 0) {
+ virErrorPreserveLast(&originalError);
+ if (teardownlabel)
+ qemuSecurityRestoreInputLabel(vm, input);
+ if (teardowncgroup)
+ qemuTeardownInputCgroup(vm, input);
+ if (teardowndevice)
+ qemuDomainNamespaceTeardownInput(vm, input);
+ if (releaseaddr)
+ qemuDomainReleaseDeviceAddress(vm, &input->info, NULL);
+ virErrorRestore(&originalError);
+ }
VIR_FREE(devstr);
return ret;
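Review bot: In the `ret < 0` rollback the return values of `qemuSecurityRestoreInputLabel`, `qemuTeardownInputCgroup` and `qemuDomainNamespaceTeardownInput` are discarded. A failed rollback can therefore leave the domain with a label, cgroup ACL or /dev node for a host input device, and nothing in the log shows it. The unplug path in this same commit (`qemuDomainRemoveInputDevice`) warns on each of these failures, and the rollback should do the same so leftover access to a host evdev is visible to operators. The original error is preserved and restored around the block, so the warnings should not change what the caller sees. The function starts outside the hunk.

```c
    if (ret < 0) {
        virErrorPreserveLast(&originalError);
        if (teardownlabel && qemuSecurityRestoreInputLabel(vm, input) < 0)
            VIR_WARN("Unable to restore security label on input device");
        if (teardowncgroup && qemuTeardownInputCgroup(vm, input) < 0)
            VIR_WARN("Unable to remove input device cgroup ACL");
        if (teardowndevice && qemuDomainNamespaceTeardownInput(vm, input) < 0)
            VIR_WARN("Unable to remove input device from /dev");
        /* … unchanged: releaseaddr handling, virErrorRestore … */
    }
```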
@@ -4283,6 +4308,15 @@ qemuDomainRemoveInputDevice(virDomainObjPtr vm,
break;
}
qemuDomainReleaseDeviceAddress(vm, &dev->info, NULL);
+ if (qemuSecurityRestoreInputLabel(vm, dev) < 0)
+ VIR_WARN("Unable to restore security label on input device");
+
+ if (qemuTeardownInputCgroup(vm, dev) < 0)
+ VIR_WARN("Unable to remove input device cgroup ACL");
+
+ if (qemuDomainNamespaceTeardownInput(vm, dev) < 0)
+ VIR_WARN("Unable to remove input device from /dev");
+
virDomainInputDefFree(vm->def->inputs[i]);
VIR_DELETE_ELEMENT(vm->def->inputs, i, vm->def->ninputs);
return 0;
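Review bot: The three `VIR_WARN` messages added here name neither the domain nor the device, so a line such as "Unable to remove input device cgroup ACL" cannot be tied to the host evdev node the guest may still be able to open. Including both would make the leftover actionable, for example `VIR_WARN("Unable to remove input device cgroup ACL for %s on domain %s", NULLSTR(dev->source.evdev), vm->def->name);`. Those field names are assumed from libvirt's input definition and should be confirmed against the tree. The function still returns 0 after these failures, which looks deliberate for an unplug that has already happened, but a one-line comment saying so would help. The function body starts outside the hunk.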
--
2.15.1