openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

vircgroup: introduce virCgroupV2DenyAllDevices 

If we want to deny all devices we just need to replace any existing
program with new program with empty map.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Pavel Hrdina 2019-01-11 14:56:48 +01:00
parent 285aefb31c
commit 884479b42b
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/util/vircgroupv2.c
View File

@ -1824,6 +1824,16 @@ virCgroupV2AllowAllDevices(virCgroupPtr group,
}
static int
virCgroupV2DenyAllDevices(virCgroupPtr group)
{
if (virCgroupV2DevicesDetectProg(group) < 0)
return -1;
return virCgroupV2DevicesCreateProg(group);
}
virCgroupBackend virCgroupV2Backend = {
.type = VIR_CGROUP_BACKEND_TYPE_V2,
@ -1876,6 +1886,7 @@ virCgroupBackend virCgroupV2Backend = {
.allowDevice = virCgroupV2AllowDevice,
.denyDevice = virCgroupV2DenyDevice,
.allowAllDevices = virCgroupV2AllowAllDevices,
.denyAllDevices = virCgroupV2DenyAllDevices,
.setCpuShares = virCgroupV2SetCpuShares,
.getCpuShares = virCgroupV2GetCpuShares,