[fedora-virt] Some USB devices are blocked by host policy
Frederick N. Brier
fnbrier at gmail.com
Wed Jan 7 19:02:47 UTC 2015
On 01/07/2015 06:37 AM, Cole Robinson wrote:
> On 01/06/2015 12:08 AM, Frederick N. Brier wrote:
>> I'm using Spice and want to share a USB device on workstation with a VM
>> running on another physical host. The filters are all set up for the VM in
>> its domain XML. The Spice "Select USB devices for redirection" dialog shows
>> the device I want to redirect. However, all the USB devices are greyed out
>> and Alert text says, "Some USB devices are blocked by host policy". My
>> understanding, from the doc
>> <https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Virtualization_Administration_Guide/sect-limit-redirection.html>,
>> is that the following XML needs to be configured on the "host physical
>> machine's domain XML" which I am interpreting as the workstation, although it
>> could be the hypervisor host, to unblock the USB device:
>>
>> <redirfilter>
>> <usbdev class='0x08' vendor='0x0951' product='0x1625' version='2.0' allow='yes'/>
>> <usbdev allow='no'/>
>> </redirfilter>
>>
>> Either way, I cannot figure out what the name or location of the file where
>> this XML would go, let alone find a complete schema or example of what the
>> file would look like. Has anyone else done this? Please... <gasp> Help!
>>
> I've never seen that message before. Can you provide the guest XML you are
> using? And maybe upload a screenshot somewhere of what you are seeing in
> virt-viewer.
>
> What type of device are you trying to passthrough?
>
> CCing hans who is the usbredir expert
>
> - Cole
The guest XML is below. There is an extra <redirdev> element in the
XML, which got added when I was attempting to use a virt-manager 1.0.1
on my Fedora 20 workstation remotely connected to the CentOS KVM host,
but it was doing this before as well. A snapshot of the dialog can be
found at http://snag.gy/8UViT.jpg . The Alert message appears to be in
the spice-gtk project <https://github.com/mathslinux/spice-gtk> in the
usb-device-manager.c
<https://github.com/mathslinux/spice-gtk/blob/master/gtk/usb-device-manager.c>
file. Initially, I used remote-viewer with no parameters and specified
the URI (spice://cyclone:5908) in its dialog, but then I created an INI
file passed to remote-viewer. That file's contents are also below.
There was no difference in the behavior. Now please don't laugh, but I
was trying to pass the "Hercules Rocksmith USB Guitar Adapter" to the
VM. It would kind of cool and geeky to be able to play Rocksmith 2014
in a remote VM on my Fedora box. Thank you for the help.
- Fred
---------Start----------
[virt-viewer]
type=spice
host=cyclone
port=5908
title=Rain
fullscreen=1
enable-usbredir=1
enable-usb-autoshare=1
usb-filter=-1,12ba,00ff,-1,yes
---------End----------
<domain type='kvm' id='21'>
<name>Rain</name>
<uuid>bc456b4a-cc10-4be5-b5a5-92e54be74025</uuid>
<title>Windows 7 on Cyclone</title>
<description>This VM is for running non-games applications that only
run under Windows. The installed applications include XML Spy 2004 Pro,
Quickbooks 2012, Chief Architect's Architectural Home Design, and
Visual Studio.</description>
<memory unit='KiB'>4194304</memory>
<currentMemory unit='KiB'>4194304</currentMemory>
<vcpu placement='static'>2</vcpu>
<os>
<type arch='x86_64' machine='rhel6.5.0'>hvm</type>
<boot dev='hd'/>
</os>
<features>
<acpi/>
<apic/>
<pae/>
</features>
<clock offset='localtime'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>
<timer name='hpet' present='no'/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type='block' device='disk'>
<driver name='qemu' type='raw' cache='none' io='native'/>
<source dev='/dev/vg_data/rain'/>
<target dev='vda' bus='virtio'/>
<alias name='virtio-disk0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x08'
function='0x0'/>
</disk>
<disk type='block' device='disk'>
<driver name='qemu' type='raw' cache='none' io='native'/>
<source dev='/dev/vg_data/windata'/>
<target dev='vdb' bus='virtio'/>
<alias name='virtio-disk1'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x09'
function='0x0'/>
</disk>
<disk type='block' device='cdrom'>
<driver name='qemu' type='raw'/>
<source dev='/dev/sr0'/>
<target dev='hdc' bus='ide'/>
<readonly/>
<alias name='ide0-1-0'/>
<address type='drive' controller='0' bus='1' target='0' unit='0'/>
</disk>
<controller type='usb' index='0' model='ich9-ehci1'>
<alias name='usb0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x05'
function='0x7'/>
</controller>
<controller type='usb' index='0' model='ich9-uhci1'>
<alias name='usb0'/>
<master startport='0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x05'
function='0x0' multifunction='on'/>
</controller>
<controller type='usb' index='0' model='ich9-uhci2'>
<alias name='usb0'/>
<master startport='2'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x05'
function='0x1'/>
</controller>
<controller type='usb' index='0' model='ich9-uhci3'>
<alias name='usb0'/>
<master startport='4'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x05'
function='0x2'/>
</controller>
<controller type='scsi' index='0' model='virtio-scsi'>
<alias name='scsi0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x0a'
function='0x0'/>
</controller>
<controller type='ide' index='0'>
<alias name='ide0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01'
function='0x1'/>
</controller>
<controller type='virtio-serial' index='0'>
<alias name='virtio-serial0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x06'
function='0x0'/>
</controller>
<interface type='bridge'>
<mac address='52:54:00:9c:35:fc'/>
<source bridge='br0'/>
<target dev='vnet8'/>
<model type='virtio'/>
<alias name='net0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03'
function='0x0'/>
</interface>
<serial type='pty'>
<source path='/dev/pts/9'/>
<target port='0'/>
<alias name='serial0'/>
</serial>
<console type='pty' tty='/dev/pts/9'>
<source path='/dev/pts/9'/>
<target type='serial' port='0'/>
<alias name='serial0'/>
</console>
<channel type='spicevmc'>
<target type='virtio' name='com.redhat.spice.0'/>
<alias name='channel0'/>
<address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>
<input type='tablet' bus='usb'>
<alias name='input0'/>
</input>
<input type='mouse' bus='ps2'/>
<graphics type='spice' port='5908' autoport='yes' listen='0.0.0.0'>
<listen type='address' address='0.0.0.0'/>
</graphics>
<sound model='ich6'>
<alias name='sound0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x04'
function='0x0'/>
</sound>
<video>
<model type='qxl' ram='65536' vram='65536' heads='1'/>
<alias name='video0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02'
function='0x0'/>
</video>
<redirdev bus='usb' type='spicevmc'>
<alias name='redir0'/>
<address type='usb' bus='0' port='4'/>
</redirdev>
<redirdev bus='usb' type='spicevmc'>
<alias name='redir1'/>
</redirdev>
<redirfilter>
<usbdev class='0x08' vendor='0x12BA' product='0x00FF'
version='2.0' allow='yes'/>
<usbdev allow='no'/>
</redirfilter>
<memballoon model='virtio'>
<alias name='balloon0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x07'
function='0x0'/>
</memballoon>
</devices>
<seclabel type='dynamic' model='selinux' relabel='yes'>
<label>unconfined_u:system_r:svirt_t:s0:c824,c991</label>
<imagelabel>unconfined_u:object_r:svirt_image_t:s0:c824,c991</imagelabel>
</seclabel>
</domain>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/virt/attachments/20150107/56d2e8d6/attachment-0001.html>
More information about the virt
mailing list