|
 |
c1c534 |
From 1cc1a4e1c069571d0db11848a5949da143c76166 Mon Sep 17 00:00:00 2001
|
|
|
c1c534 |
Message-Id: <1cc1a4e1c069571d0db11848a5949da143c76166@dist-git>
|
|
|
c1c534 |
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
|
|
|
c1c534 |
Date: Mon, 27 Nov 2017 14:21:02 +0100
|
|
|
c1c534 |
Subject: [PATCH] qemu: Properly label and create evdev on input device hotplug
|
|
|
c1c534 |
MIME-Version: 1.0
|
|
|
c1c534 |
Content-Type: text/plain; charset=UTF-8
|
|
|
c1c534 |
Content-Transfer-Encoding: 8bit
|
|
|
c1c534 |
|
|
|
c1c534 |
Utilize all the newly introduced function to create the evdev node
|
|
|
c1c534 |
and label it on hotplug and destroy it on hotunplug.
|
|
|
c1c534 |
|
|
|
c1c534 |
This was forgotten in commits bc9ffaf and 67486bb.
|
|
|
c1c534 |
|
|
|
c1c534 |
https://bugzilla.redhat.com/show_bug.cgi?id=1509866
|
|
|
c1c534 |
(cherry picked from commit 2814f66f281064477815065bf3ddc5f5cec82062)
|
|
|
c1c534 |
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
|
|
c1c534 |
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
c1c534 |
---
|
|
|
c1c534 |
src/qemu/qemu_hotplug.c | 40 +++++++++++++++++++++++++++++++++++++---
|
|
|
c1c534 |
1 file changed, 37 insertions(+), 3 deletions(-)
|
|
|
c1c534 |
|
|
|
c1c534 |
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
|
|
|
c1c534 |
index edf07d0b65..56e8a93885 100644
|
|
|
c1c534 |
--- a/src/qemu/qemu_hotplug.c
|
|
|
c1c534 |
+++ b/src/qemu/qemu_hotplug.c
|
|
|
c1c534 |
@@ -2746,7 +2746,11 @@ qemuDomainAttachInputDevice(virQEMUDriverPtr driver,
|
|
|
c1c534 |
qemuDomainObjPrivatePtr priv = vm->privateData;
|
|
|
c1c534 |
virDomainDeviceDef dev = { VIR_DOMAIN_DEVICE_INPUT,
|
|
|
c1c534 |
{ .input = input } };
|
|
|
c1c534 |
+ virErrorPtr originalError = NULL;
|
|
|
c1c534 |
bool releaseaddr = false;
|
|
|
c1c534 |
+ bool teardowndevice = false;
|
|
|
c1c534 |
+ bool teardownlabel = false;
|
|
|
c1c534 |
+ bool teardowncgroup = false;
|
|
|
c1c534 |
|
|
|
c1c534 |
if (input->bus != VIR_DOMAIN_INPUT_BUS_USB &&
|
|
|
c1c534 |
input->bus != VIR_DOMAIN_INPUT_BUS_VIRTIO) {
|
|
|
c1c534 |
@@ -2773,6 +2777,18 @@ qemuDomainAttachInputDevice(virQEMUDriverPtr driver,
|
|
|
c1c534 |
if (qemuBuildInputDevStr(&devstr, vm->def, input, priv->qemuCaps) < 0)
|
|
|
c1c534 |
goto cleanup;
|
|
|
c1c534 |
|
|
|
c1c534 |
+ if (qemuDomainNamespaceSetupInput(vm, input) < 0)
|
|
|
c1c534 |
+ goto cleanup;
|
|
|
c1c534 |
+ teardowndevice = true;
|
|
|
c1c534 |
+
|
|
|
c1c534 |
+ if (qemuSetupInputCgroup(vm, input) < 0)
|
|
|
c1c534 |
+ goto cleanup;
|
|
|
c1c534 |
+ teardowncgroup = true;
|
|
|
c1c534 |
+
|
|
|
c1c534 |
+ if (qemuSecuritySetInputLabel(vm, input) < 0)
|
|
|
c1c534 |
+ goto cleanup;
|
|
|
c1c534 |
+ teardownlabel = true;
|
|
|
c1c534 |
+
|
|
|
c1c534 |
if (VIR_REALLOC_N(vm->def->inputs, vm->def->ninputs + 1) < 0)
|
|
|
c1c534 |
goto cleanup;
|
|
|
c1c534 |
|
|
|
c1c534 |
@@ -2788,14 +2804,23 @@ qemuDomainAttachInputDevice(virQEMUDriverPtr driver,
|
|
|
c1c534 |
VIR_APPEND_ELEMENT_COPY_INPLACE(vm->def->inputs, vm->def->ninputs, input);
|
|
|
c1c534 |
|
|
|
c1c534 |
ret = 0;
|
|
|
c1c534 |
- releaseaddr = false;
|
|
|
c1c534 |
|
|
|
c1c534 |
audit:
|
|
|
c1c534 |
virDomainAuditInput(vm, input, "attach", ret == 0);
|
|
|
c1c534 |
|
|
|
c1c534 |
cleanup:
|
|
|
c1c534 |
- if (releaseaddr)
|
|
|
c1c534 |
- qemuDomainReleaseDeviceAddress(vm, &input->info, NULL);
|
|
|
c1c534 |
+ if (ret < 0) {
|
|
|
c1c534 |
+ virErrorPreserveLast(&originalError);
|
|
|
c1c534 |
+ if (teardownlabel)
|
|
|
c1c534 |
+ qemuSecurityRestoreInputLabel(vm, input);
|
|
|
c1c534 |
+ if (teardowncgroup)
|
|
|
c1c534 |
+ qemuTeardownInputCgroup(vm, input);
|
|
|
c1c534 |
+ if (teardowndevice)
|
|
|
c1c534 |
+ qemuDomainNamespaceTeardownInput(vm, input);
|
|
|
c1c534 |
+ if (releaseaddr)
|
|
|
c1c534 |
+ qemuDomainReleaseDeviceAddress(vm, &input->info, NULL);
|
|
|
c1c534 |
+ virErrorRestore(&originalError);
|
|
|
c1c534 |
+ }
|
|
|
c1c534 |
|
|
|
c1c534 |
VIR_FREE(devstr);
|
|
|
c1c534 |
return ret;
|
|
|
c1c534 |
@@ -4283,6 +4308,15 @@ qemuDomainRemoveInputDevice(virDomainObjPtr vm,
|
|
|
c1c534 |
break;
|
|
|
c1c534 |
}
|
|
|
c1c534 |
qemuDomainReleaseDeviceAddress(vm, &dev->info, NULL);
|
|
|
c1c534 |
+ if (qemuSecurityRestoreInputLabel(vm, dev) < 0)
|
|
|
c1c534 |
+ VIR_WARN("Unable to restore security label on input device");
|
|
|
c1c534 |
+
|
|
|
c1c534 |
+ if (qemuTeardownInputCgroup(vm, dev) < 0)
|
|
|
c1c534 |
+ VIR_WARN("Unable to remove input device cgroup ACL");
|
|
|
c1c534 |
+
|
|
|
c1c534 |
+ if (qemuDomainNamespaceTeardownInput(vm, dev) < 0)
|
|
|
c1c534 |
+ VIR_WARN("Unable to remove input device from /dev");
|
|
|
c1c534 |
+
|
|
|
c1c534 |
virDomainInputDefFree(vm->def->inputs[i]);
|
|
|
c1c534 |
VIR_DELETE_ELEMENT(vm->def->inputs, i, vm->def->ninputs);
|
|
|
c1c534 |
return 0;
|
|
|
c1c534 |
--
|
|
|
c1c534 |
2.15.1
|
|
|
c1c534 |
|