[libvirt] [PATCH 00/19] implement cgroups v2 devices support

Pavel Hrdina phrdina at redhat.com
Wed Jan 2 14:08:32 UTC 2019


In cgroups v2 there is no devices controller, BPF should be used
instead.

Patches 3 - 12 will be squashed into single commit and they need to be
compiled together, I've separated them to make review easier.

Pavel Hrdina (19):
  util: introduce virbpf helpers
  vircgroup: introduce virCgroupV2DevicesAvailable
  vircgroup: introduce virCgroupV2DeviceLoadProg
  vircgroup: introduce virCgroupV2DeviceAttachProg
  vircgroup: introduce virCgroupV2DeviceDetectProg
  vircgroup: introduce virCgroupV2DeviceCreateProg
  vircgroup: introduce virCgroupV2DeviceReallocMap
  vircgroup: introduce virCgroupV2DevicePrepareProg
  vircgroup: introduce virCgroupV2DeviceRemoveProg
  vircgroup: introduce virCgroupV2DeviceGetPerms
  vircgroup: introduce virCgroupV2DeviceGetKey
  vircgroup: introduce virCgroupV2AllowDevice
  vircgroup: introduce virCgroupV2DenyDevice
  vircgroup: introduce virCgroupV2AllowAllDevices
  vircgroup: introduce virCgroupV2DenyAllDevices
  vircgroup: workaround devices in hybrid mode
  vircgroupv2: detech BPF program before removing cgroup
  vircgroupv2: use dummy process to workaround kernel bug with systemd
  vircgroupmock: mock virBPFQueryProg

 include/libvirt/virterror.h       |   1 +
 src/Makefile.am                   |   1 +
 src/libvirt_private.syms          |  17 +
 src/lxc/lxc_cgroup.c              |   1 +
 src/qemu/qemu_cgroup.c            |   6 +-
 src/util/Makefile.inc.am          |   2 +
 src/util/virbpf.c                 | 263 ++++++++++++
 src/util/virbpf.h                 | 249 ++++++++++++
 src/util/vircgroup.c              |  18 +-
 src/util/vircgroup.h              |   1 +
 src/util/vircgroupbackend.h       |   3 +-
 src/util/vircgrouppriv.h          |  12 +
 src/util/vircgroupv1.c            |   9 +-
 src/util/vircgroupv2.c            | 638 +++++++++++++++++++++++++++++-
 src/util/virerror.c               |   1 +
 src/util/virsystemd.c             |   2 +-
 src/util/virsystemd.h             |   2 +
 tests/vircgroupdata/hybrid.parsed |   2 +-
 tests/vircgroupmock.c             |  11 +
 tests/vircgrouptest.c             |   4 +-
 20 files changed, 1233 insertions(+), 10 deletions(-)
 create mode 100644 src/util/virbpf.c
 create mode 100644 src/util/virbpf.h

-- 
2.20.1




More information about the libvir-list mailing list