From 8ab1d32390c9ba93dc183fd1a398418bdb24e755 Mon Sep 17 00:00:00 2001
From: jikui <jikui2@huawei.com>
Date: Tue, 30 Nov 2021 10:55:38 +0800
Subject: [PATCH] kata-runtime: check VFIO when create device

Signed-off-by: jikui <jikui2@huawei.com>
---
 kata-containers.spec                          |  8 +++-
 ...ainers-check-VFIO-when-create-device.patch | 38 +++++++++++++++++++
 series.conf                                   |  1 +
 3 files changed, 46 insertions(+), 1 deletion(-)
 create mode 100644 patches/0018-kata-containers-check-VFIO-when-create-device.patch

diff --git a/kata-containers.spec b/kata-containers.spec
index 6c23811..bdd4007 100644
--- a/kata-containers.spec
+++ b/kata-containers.spec
@@ -2,7 +2,7 @@
 %global debug_package %{nil}
 
 %define VERSION 2.1.0
-%define RELEASE 14
+%define RELEASE 15
 
 Name:           kata-containers
 Version:        %{VERSION}
@@ -108,6 +108,12 @@ strip %{buildroot}/usr/bin/containerd-shim-kata-v2
 %doc
 
 %changelog
+* Tue Nov 30 2021 jikui <jikui2@huawei.com> - 2.1.0-15
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:check VFIO when create device
+
 * Mon Nov 29 2021 jikui <jikui2@huawei.com> - 2.1.0-14
 - Type:bugfix
 - ID:NA
diff --git a/patches/0018-kata-containers-check-VFIO-when-create-device.patch b/patches/0018-kata-containers-check-VFIO-when-create-device.patch
new file mode 100644
index 0000000..f858aab
--- /dev/null
+++ b/patches/0018-kata-containers-check-VFIO-when-create-device.patch
@@ -0,0 +1,38 @@
+From 8251be558d6824fa1dce37836b7f1d6ec6be6e9f Mon Sep 17 00:00:00 2001
+From: jikui <jikui2@huawei.com>
+Date: Tue, 30 Nov 2021 10:36:27 +0800
+Subject: [PATCH] kata-runtime: check VFIO when create device
+
+Signed-off-by: jikui <jikui2@huawei.com>
+---
+ src/runtime/virtcontainers/device/manager/manager.go | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/runtime/virtcontainers/device/manager/manager.go b/src/runtime/virtcontainers/device/manager/manager.go
+index 4515609..3afc148 100644
+--- a/src/runtime/virtcontainers/device/manager/manager.go
++++ b/src/runtime/virtcontainers/device/manager/manager.go
+@@ -10,6 +10,7 @@ import (
+ 	"context"
+ 	"encoding/hex"
+ 	"errors"
++	"fmt"
+ 	"sync"
+ 
+ 	"github.com/sirupsen/logrus"
+@@ -116,7 +117,11 @@ func (dm *deviceManager) createDevice(devInfo config.DeviceInfo) (dev api.Device
+ 	}()
+ 
+ 	if existingDev := dm.findDeviceByMajorMinor(devInfo.Major, devInfo.Minor); existingDev != nil {
+-		return existingDev, nil
++		if isVFIO(devInfo.HostPath) {
++			return nil, fmt.Errorf("device %s is replicated in the same Pod!", devInfo.ContainerPath)
++		} else {
++			return existingDev, nil
++		}
+ 	}
+ 
+ 	// device ID must be generated by manager instead of device itself
+-- 
+2.25.1
+
diff --git a/series.conf b/series.conf
index 2649f38..4cfede2 100644
--- a/series.conf
+++ b/series.conf
@@ -15,3 +15,4 @@
 0015-kata-containers-truncate-the-log.json-file-before-kata-.patch
 0016-kata-containers-validate-sandbox-cpu-and-memory-size.patch
 0017-kata-containers-fix-delete-sandbox-failed-problem.patch
+0018-kata-containers-check-VFIO-when-create-device.patch
-- 
Gitee