[libvirt] [PATCH 07/19] Auto-generate helpers for checking access control rules
Michal Privoznik
mprivozn at redhat.com
Fri Jun 21 09:18:46 UTC 2013
On 19.06.2013 19:00, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" <berrange at redhat.com>
>
> Extend the 'gendispatch.pl' script to be able to generate
> three new types of file.
>
> - 'aclheader' - defines signatures of helper APIs for
> doing authorization checks. There is one helper API
> for each API requiring an auth check. Any @acl
> annotations result in a method being generated with
> a suffix of 'EnsureACL'. If the ACL check requires
> examination of flags, an extra 'flags' param will be
> present. Some examples
>
> extern int virConnectBaselineCPUEnsureACL(void);
> extern int virConnectDomainEventDeregisterEnsureACL(virDomainDefPtr domain);
> extern int virDomainAttachDeviceFlagsEnsureACL(virDomainDefPtr domain, unsigned int flags);
>
> Any @aclfilter annotations resuilt in a method being
> generated with a suffix of 'CheckACL'.
>
> extern int virConnectListAllDomainsCheckACL(virDomainDefPtr domain);
>
> These are used for filtering individual objects from APIs
> which return a list of objects
>
> - 'aclbody' - defines the actual implementation of the
> methods described above. This calls into the access
> manager APIs. A complex example:
>
> /* Returns: -1 on error (denied==error), 0 on allowed */
> int virDomainAttachDeviceFlagsEnsureACL(virConnectPtr conn,
> virDomainDefPtr domain,
> unsigned int flags)
> {
> virAccessManagerPtr mgr;
> int rv;
>
> if (!(mgr = virAccessManagerGetDefault()))
> return -1;
The virAccessManagerGetDefault increments the refcount on @mgr. However,
you are not decrementing it anywhere.
>
> if ((rv = virAccessManagerCheckDomain(mgr,
> conn->driver->name,
> domain,
> VIR_ACCESS_PERM_DOMAIN_WRITE)) <= 0) {
> if (rv == 0)
> virReportError(VIR_ERR_ACCESS_DENIED, NULL);
> return -1;
> }
> if (((flags & (VIR_DOMAIN_AFFECT_CONFIG|VIR_DOMAIN_AFFECT_LIVE)) == 0) &&
> (rv = virAccessManagerCheckDomain(mgr,
> conn->driver->name,
> domain,
> VIR_ACCESS_PERM_DOMAIN_SAVE)) <= 0) {
> if (rv == 0)
> virReportError(VIR_ERR_ACCESS_DENIED, NULL);
> return -1;
> }
> if (((flags & (VIR_DOMAIN_AFFECT_CONFIG)) == (VIR_DOMAIN_AFFECT_CONFIG)) &&
> (rv = virAccessManagerCheckDomain(mgr,
> conn->driver->name,
> domain,
> VIR_ACCESS_PERM_DOMAIN_SAVE)) <= 0) {
> if (rv == 0)
> virReportError(VIR_ERR_ACCESS_DENIED, NULL);
> return -1;
> }
> return 0;
> }
>
> - 'aclsyms' - generates a linker script to export the
> APIs to drivers. Some examples
>
> virConnectBaselineCPUEnsureACL;
> virConnectCompareCPUEnsureACL;
>
> Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
> ---
> .gitignore | 9 +++
> src/Makefile.am | 55 ++++++++++++-
> src/rpc/gendispatch.pl | 209 ++++++++++++++++++++++++++++++++++++++++++++++++-
> 3 files changed, 268 insertions(+), 5 deletions(-)
>
Michal
More information about the libvir-list
mailing list