[libvirt] [PATCH 1/8] Add access control filtering of domain objects
Daniel P. Berrange
berrange at redhat.com
Thu Jun 27 16:57:18 UTC 2013
From: "Daniel P. Berrange" <berrange at redhat.com>
Ensure that all APIs which list domain objects filter
them against the access control system.
Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
---
src/conf/domain_conf.c | 91 +++++++++++++++++++++++++++-------------
src/conf/domain_conf.h | 17 ++++++--
src/libxl/libxl_driver.c | 15 ++++---
src/lxc/lxc_driver.c | 15 ++++---
src/openvz/openvz_driver.c | 7 ++--
src/parallels/parallels_driver.c | 14 ++++---
src/qemu/qemu_driver.c | 24 ++++++-----
src/rpc/gendispatch.pl | 42 ++++++++++++-------
src/test/test_driver.c | 13 +++---
src/uml/uml_driver.c | 15 ++++---
src/vmware/vmware_driver.c | 12 +++---
11 files changed, 172 insertions(+), 93 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index e41dfa2..f5cfb26 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -16984,47 +16984,51 @@ virDomainGetRootFilesystem(virDomainDefPtr def)
}
-static void
-virDomainObjListCountActive(void *payload,
- const void *name ATTRIBUTE_UNUSED,
- void *data)
-{
- virDomainObjPtr obj = payload;
- int *count = data;
- virObjectLock(obj);
- if (virDomainObjIsActive(obj))
- (*count)++;
- virObjectUnlock(obj);
-}
+struct virDomainObjListData {
+ virDomainObjListFilter filter;
+ virConnectPtr conn;
+ bool active;
+ int count;
+};
static void
-virDomainObjListCountInactive(void *payload,
- const void *name ATTRIBUTE_UNUSED,
- void *data)
+virDomainObjListCount(void *payload,
+ const void *name ATTRIBUTE_UNUSED,
+ void *opaque)
{
virDomainObjPtr obj = payload;
- int *count = data;
+ struct virDomainObjListData *data = opaque;
virObjectLock(obj);
- if (!virDomainObjIsActive(obj))
- (*count)++;
+ if (data->filter &&
+ !data->filter(data->conn, obj->def))
+ goto cleanup;
+ if (virDomainObjIsActive(obj)) {
+ if (data->active)
+ data->count++;
+ } else {
+ if (!data->active)
+ data->count++;
+ }
+cleanup:
virObjectUnlock(obj);
}
int
virDomainObjListNumOfDomains(virDomainObjListPtr doms,
- int active)
+ bool active,
+ virDomainObjListFilter filter,
+ virConnectPtr conn)
{
- int count = 0;
+ struct virDomainObjListData data = { filter, conn, active, 0 };
virObjectLock(doms);
- if (active)
- virHashForEach(doms->objs, virDomainObjListCountActive, &count);
- else
- virHashForEach(doms->objs, virDomainObjListCountInactive, &count);
+ virHashForEach(doms->objs, virDomainObjListCount, &data);
virObjectUnlock(doms);
- return count;
+ return data.count;
}
struct virDomainIDData {
+ virDomainObjListFilter filter;
+ virConnectPtr conn;
int numids;
int maxids;
int *ids;
@@ -17038,17 +17042,24 @@ virDomainObjListCopyActiveIDs(void *payload,
virDomainObjPtr obj = payload;
struct virDomainIDData *data = opaque;
virObjectLock(obj);
+ if (data->filter &&
+ !data->filter(data->conn, obj->def))
+ goto cleanup;
if (virDomainObjIsActive(obj) && data->numids < data->maxids)
data->ids[data->numids++] = obj->def->id;
+cleanup:
virObjectUnlock(obj);
}
int
virDomainObjListGetActiveIDs(virDomainObjListPtr doms,
int *ids,
- int maxids)
+ int maxids,
+ virDomainObjListFilter filter,
+ virConnectPtr conn)
{
- struct virDomainIDData data = { 0, maxids, ids };
+ struct virDomainIDData data = { filter, conn,
+ 0, maxids, ids };
virObjectLock(doms);
virHashForEach(doms->objs, virDomainObjListCopyActiveIDs, &data);
virObjectUnlock(doms);
@@ -17056,6 +17067,8 @@ virDomainObjListGetActiveIDs(virDomainObjListPtr doms,
}
struct virDomainNameData {
+ virDomainObjListFilter filter;
+ virConnectPtr conn;
int oom;
int numnames;
int maxnames;
@@ -17074,12 +17087,16 @@ virDomainObjListCopyInactiveNames(void *payload,
return;
virObjectLock(obj);
+ if (data->filter &&
+ !data->filter(data->conn, obj->def))
+ goto cleanup;
if (!virDomainObjIsActive(obj) && data->numnames < data->maxnames) {
if (VIR_STRDUP(data->names[data->numnames], obj->def->name) < 0)
data->oom = 1;
else
data->numnames++;
}
+cleanup:
virObjectUnlock(obj);
}
@@ -17087,9 +17104,12 @@ virDomainObjListCopyInactiveNames(void *payload,
int
virDomainObjListGetInactiveNames(virDomainObjListPtr doms,
char **const names,
- int maxnames)
+ int maxnames,
+ virDomainObjListFilter filter,
+ virConnectPtr conn)
{
- struct virDomainNameData data = { 0, 0, maxnames, names };
+ struct virDomainNameData data = { filter, conn,
+ 0, 0, maxnames, names };
int i;
virObjectLock(doms);
virHashForEach(doms->objs, virDomainObjListCopyInactiveNames, &data);
@@ -17805,6 +17825,7 @@ cleanup:
struct virDomainListData {
virConnectPtr conn;
virDomainPtr *domains;
+ virDomainObjListFilter filter;
unsigned int flags;
int ndomains;
bool error;
@@ -17826,6 +17847,11 @@ virDomainListPopulate(void *payload,
virObjectLock(vm);
/* check if the domain matches the filter */
+ /* filter by the callback function (access control checks) */
+ if (data->filter != NULL &&
+ !data->filter(data->conn, vm->def))
+ goto cleanup;
+
/* filter by active state */
if (MATCH(VIR_CONNECT_LIST_DOMAINS_FILTERS_ACTIVE) &&
!((MATCH(VIR_CONNECT_LIST_DOMAINS_ACTIVE) &&
@@ -17905,12 +17931,17 @@ int
virDomainObjListExport(virDomainObjListPtr doms,
virConnectPtr conn,
virDomainPtr **domains,
+ virDomainObjListFilter filter,
unsigned int flags)
{
int ret = -1;
int i;
- struct virDomainListData data = { conn, NULL, flags, 0, false };
+ struct virDomainListData data = {
+ conn, NULL,
+ filter,
+ flags, 0, false
+ };
virObjectLock(doms);
if (domains) {
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 3817e37..7310c1c 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2051,6 +2051,9 @@ struct _virDomainObj {
typedef struct _virDomainObjList virDomainObjList;
typedef virDomainObjList *virDomainObjListPtr;
+typedef bool (*virDomainObjListFilter)(virConnectPtr conn,
+ virDomainDefPtr def);
+
/* This structure holds various callbacks and data needed
* while parsing and creating domain XMLs */
@@ -2404,14 +2407,21 @@ int virDomainFSIndexByName(virDomainDefPtr def, const char *name);
int virDomainVideoDefaultType(virDomainDefPtr def);
int virDomainVideoDefaultRAM(virDomainDefPtr def, int type);
-int virDomainObjListNumOfDomains(virDomainObjListPtr doms, int active);
+int virDomainObjListNumOfDomains(virDomainObjListPtr doms,
+ bool active,
+ virDomainObjListFilter filter,
+ virConnectPtr conn);
int virDomainObjListGetActiveIDs(virDomainObjListPtr doms,
int *ids,
- int maxids);
+ int maxids,
+ virDomainObjListFilter filter,
+ virConnectPtr conn);
int virDomainObjListGetInactiveNames(virDomainObjListPtr doms,
char **const names,
- int maxnames);
+ int maxnames,
+ virDomainObjListFilter filter,
+ virConnectPtr conn);
typedef int (*virDomainObjListIterator)(virDomainObjPtr dom,
void *opaque);
@@ -2621,6 +2631,7 @@ VIR_ENUM_DECL(virDomainStartupPolicy)
int virDomainObjListExport(virDomainObjListPtr doms,
virConnectPtr conn,
virDomainPtr **domains,
+ virDomainObjListFilter filter,
unsigned int flags);
virDomainVcpuPinDefPtr virDomainLookupVcpuPin(virDomainDefPtr def,
diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index 9f52394..eee42fa 100644
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -1574,7 +1574,8 @@ libxlConnectListDomains(virConnectPtr conn, int *ids, int nids)
return -1;
libxlDriverLock(driver);
- n = virDomainObjListGetActiveIDs(driver->domains, ids, nids);
+ n = virDomainObjListGetActiveIDs(driver->domains, ids, nids,
+ virConnectListDomainsCheckACL, conn);
libxlDriverUnlock(driver);
return n;
@@ -1590,7 +1591,8 @@ libxlConnectNumOfDomains(virConnectPtr conn)
return -1;
libxlDriverLock(driver);
- n = virDomainObjListNumOfDomains(driver->domains, 1);
+ n = virDomainObjListNumOfDomains(driver->domains, true,
+ virConnectNumOfDomainsCheckACL, conn);
libxlDriverUnlock(driver);
return n;
@@ -3202,7 +3204,8 @@ libxlConnectListDefinedDomains(virConnectPtr conn,
return -1;
libxlDriverLock(driver);
- n = virDomainObjListGetInactiveNames(driver->domains, names, nnames);
+ n = virDomainObjListGetInactiveNames(driver->domains, names, nnames,
+ virConnectListDefinedDomainsCheckACL, conn);
libxlDriverUnlock(driver);
return n;
}
@@ -3217,7 +3220,8 @@ libxlConnectNumOfDefinedDomains(virConnectPtr conn)
return -1;
libxlDriverLock(driver);
- n = virDomainObjListNumOfDomains(driver->domains, 0);
+ n = virDomainObjListNumOfDomains(driver->domains, false,
+ virConnectNumOfDefinedDomainsCheckACL, NULL);
libxlDriverUnlock(driver);
return n;
@@ -4609,7 +4613,8 @@ libxlConnectListAllDomains(virConnectPtr conn,
return -1;
libxlDriverLock(driver);
- ret = virDomainObjListExport(driver->domains, conn, domains, flags);
+ ret = virDomainObjListExport(driver->domains, conn, domains,
+ virConnectListAllDomainsCheckACL, flags);
libxlDriverUnlock(driver);
return ret;
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 8d02c52..1a6d086 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -392,7 +392,8 @@ static int lxcConnectListDomains(virConnectPtr conn, int *ids, int nids) {
return -1;
lxcDriverLock(driver);
- n = virDomainObjListGetActiveIDs(driver->domains, ids, nids);
+ n = virDomainObjListGetActiveIDs(driver->domains, ids, nids,
+ virConnectListDomainsCheckACL, conn);
lxcDriverUnlock(driver);
return n;
@@ -406,7 +407,8 @@ static int lxcConnectNumOfDomains(virConnectPtr conn) {
return -1;
lxcDriverLock(driver);
- n = virDomainObjListNumOfDomains(driver->domains, 1);
+ n = virDomainObjListNumOfDomains(driver->domains, true,
+ virConnectNumOfDomainsCheckACL, conn);
lxcDriverUnlock(driver);
return n;
@@ -421,7 +423,8 @@ static int lxcConnectListDefinedDomains(virConnectPtr conn,
return -1;
lxcDriverLock(driver);
- n = virDomainObjListGetInactiveNames(driver->domains, names, nnames);
+ n = virDomainObjListGetInactiveNames(driver->domains, names, nnames,
+ virConnectListDefinedDomainsCheckACL, conn);
lxcDriverUnlock(driver);
return n;
@@ -436,7 +439,8 @@ static int lxcConnectNumOfDefinedDomains(virConnectPtr conn) {
return -1;
lxcDriverLock(driver);
- n = virDomainObjListNumOfDomains(driver->domains, 0);
+ n = virDomainObjListNumOfDomains(driver->domains, false,
+ virConnectNumOfDefinedDomainsCheckACL, conn);
lxcDriverUnlock(driver);
return n;
@@ -2829,7 +2833,8 @@ lxcConnectListAllDomains(virConnectPtr conn,
return -1;
lxcDriverLock(driver);
- ret = virDomainObjListExport(driver->domains, conn, domains, flags);
+ ret = virDomainObjListExport(driver->domains, conn, domains,
+ virConnectListAllDomainsCheckACL, flags);
lxcDriverUnlock(driver);
return ret;
diff --git a/src/openvz/openvz_driver.c b/src/openvz/openvz_driver.c
index d04e3ba..7af0349 100644
--- a/src/openvz/openvz_driver.c
+++ b/src/openvz/openvz_driver.c
@@ -1566,7 +1566,7 @@ static int openvzConnectNumOfDomains(virConnectPtr conn) {
int n;
openvzDriverLock(driver);
- n = virDomainObjListNumOfDomains(driver->domains, 1);
+ n = virDomainObjListNumOfDomains(driver->domains, true, NULL, NULL);
openvzDriverUnlock(driver);
return n;
@@ -1678,7 +1678,7 @@ static int openvzConnectNumOfDefinedDomains(virConnectPtr conn) {
int n;
openvzDriverLock(driver);
- n = virDomainObjListNumOfDomains(driver->domains, 0);
+ n = virDomainObjListNumOfDomains(driver->domains, false, NULL, NULL);
openvzDriverUnlock(driver);
return n;
@@ -2122,7 +2122,8 @@ openvzConnectListAllDomains(virConnectPtr conn,
virCheckFlags(VIR_CONNECT_LIST_DOMAINS_FILTERS_ALL, -1);
openvzDriverLock(driver);
- ret = virDomainObjListExport(driver->domains, conn, domains, flags);
+ ret = virDomainObjListExport(driver->domains, conn, domains,
+ NULL, flags);
openvzDriverUnlock(driver);
return ret;
diff --git a/src/parallels/parallels_driver.c b/src/parallels/parallels_driver.c
index b7c4ec4..d5e0ea3 100644
--- a/src/parallels/parallels_driver.c
+++ b/src/parallels/parallels_driver.c
@@ -1045,7 +1045,8 @@ parallelsConnectListDomains(virConnectPtr conn, int *ids, int maxids)
int n;
parallelsDriverLock(privconn);
- n = virDomainObjListGetActiveIDs(privconn->domains, ids, maxids);
+ n = virDomainObjListGetActiveIDs(privconn->domains, ids, maxids,
+ NULL, NULL);
parallelsDriverUnlock(privconn);
return n;
@@ -1058,7 +1059,8 @@ parallelsConnectNumOfDomains(virConnectPtr conn)
int count;
parallelsDriverLock(privconn);
- count = virDomainObjListNumOfDomains(privconn->domains, 1);
+ count = virDomainObjListNumOfDomains(privconn->domains, true,
+ NULL, NULL);
parallelsDriverUnlock(privconn);
return count;
@@ -1073,7 +1075,7 @@ parallelsConnectListDefinedDomains(virConnectPtr conn, char **const names, int m
parallelsDriverLock(privconn);
memset(names, 0, sizeof(*names) * maxnames);
n = virDomainObjListGetInactiveNames(privconn->domains, names,
- maxnames);
+ maxnames, NULL, NULL);
parallelsDriverUnlock(privconn);
return n;
@@ -1086,7 +1088,8 @@ parallelsConnectNumOfDefinedDomains(virConnectPtr conn)
int count;
parallelsDriverLock(privconn);
- count = virDomainObjListNumOfDomains(privconn->domains, 0);
+ count = virDomainObjListNumOfDomains(privconn->domains, false,
+ NULL, NULL);
parallelsDriverUnlock(privconn);
return count;
@@ -1102,7 +1105,8 @@ parallelsConnectListAllDomains(virConnectPtr conn,
virCheckFlags(VIR_CONNECT_LIST_DOMAINS_FILTERS_ALL, -1);
parallelsDriverLock(privconn);
- ret = virDomainObjListExport(privconn->domains, conn, domains, flags);
+ ret = virDomainObjListExport(privconn->domains, conn, domains,
+ NULL, flags);
parallelsDriverUnlock(privconn);
return ret;
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index f51e766..593f532 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -1484,7 +1484,8 @@ static int qemuConnectListDomains(virConnectPtr conn, int *ids, int nids) {
if (virConnectListDomainsEnsureACL(conn) < 0)
return -1;
- n = virDomainObjListGetActiveIDs(driver->domains, ids, nids);
+ n = virDomainObjListGetActiveIDs(driver->domains, ids, nids,
+ virConnectListDomainsCheckACL, conn);
return n;
}
@@ -1496,7 +1497,8 @@ static int qemuConnectNumOfDomains(virConnectPtr conn) {
if (virConnectNumOfDomainsEnsureACL(conn) < 0)
return -1;
- n = virDomainObjListNumOfDomains(driver->domains, 1);
+ n = virDomainObjListNumOfDomains(driver->domains, true,
+ virConnectNumOfDomainsCheckACL, conn);
return n;
}
@@ -5711,7 +5713,8 @@ static int qemuConnectListDefinedDomains(virConnectPtr conn,
if (virConnectListDefinedDomainsEnsureACL(conn) < 0)
goto cleanup;
- ret = virDomainObjListGetInactiveNames(driver->domains, names, nnames);
+ ret = virDomainObjListGetInactiveNames(driver->domains, names, nnames,
+ virConnectListDefinedDomainsCheckACL, NULL);
cleanup:
return ret;
@@ -5724,7 +5727,8 @@ static int qemuConnectNumOfDefinedDomains(virConnectPtr conn) {
if (virConnectNumOfDefinedDomainsEnsureACL(conn) < 0)
goto cleanup;
- ret = virDomainObjListNumOfDomains(driver->domains, 0);
+ ret = virDomainObjListNumOfDomains(driver->domains, false,
+ virConnectNumOfDefinedDomainsCheckACL, NULL);
cleanup:
return ret;
@@ -12654,8 +12658,7 @@ static int qemuDomainSnapshotListNames(virDomainPtr domain, char **names,
if (virDomainSnapshotListNamesEnsureACL(domain->conn, vm->def) < 0)
goto cleanup;
- n = virDomainSnapshotObjListGetNames(vm->snapshots, NULL, names, nameslen,
- flags);
+ n = virDomainSnapshotObjListGetNames(vm->snapshots, NULL, names, nameslen, flags);
cleanup:
if (vm)
@@ -12732,8 +12735,7 @@ qemuDomainSnapshotListChildrenNames(virDomainSnapshotPtr snapshot,
if (!(snap = qemuSnapObjFromSnapshot(vm, snapshot)))
goto cleanup;
- n = virDomainSnapshotObjListGetNames(vm->snapshots, snap, names, nameslen,
- flags);
+ n = virDomainSnapshotObjListGetNames(vm->snapshots, snap, names, nameslen, flags);
cleanup:
if (vm)
@@ -12790,8 +12792,7 @@ qemuDomainSnapshotListAllChildren(virDomainSnapshotPtr snapshot,
if (!(snap = qemuSnapObjFromSnapshot(vm, snapshot)))
goto cleanup;
- n = virDomainListSnapshots(vm->snapshots, snap, snapshot->domain, snaps,
- flags);
+ n = virDomainListSnapshots(vm->snapshots, snap, snapshot->domain, snaps, flags);
cleanup:
if (vm)
@@ -15614,7 +15615,8 @@ qemuConnectListAllDomains(virConnectPtr conn,
if (virConnectListAllDomainsEnsureACL(conn) < 0)
goto cleanup;
- ret = virDomainObjListExport(driver->domains, conn, domains, flags);
+ ret = virDomainObjListExport(driver->domains, conn, domains,
+ virConnectListAllDomainsCheckACL, flags);
cleanup:
return ret;
diff --git a/src/rpc/gendispatch.pl b/src/rpc/gendispatch.pl
index ff15474..fdf5a79 100755
--- a/src/rpc/gendispatch.pl
+++ b/src/rpc/gendispatch.pl
@@ -1762,8 +1762,21 @@ elsif ($mode eq "client") {
push @argdecls, "unsigned int flags";
}
+ my $ret;
+ my $pass;
+ my $fail;
+ if ($action eq "Check") {
+ $ret = "bool";
+ $pass = "true";
+ $fail = "false";
+ } else {
+ $ret = "int";
+ $pass = "0";
+ $fail = "-1";
+ }
+
if ($mode eq "aclheader") {
- print "extern int $apiname(" . join(", ", @argdecls) . ");\n";
+ print "extern $ret $apiname(" . join(", ", @argdecls) . ");\n";
} else {
my @argvars;
push @argvars, "mgr";
@@ -1775,18 +1788,18 @@ elsif ($mode eq "client") {
push @argvars, $arg;
}
- if ($action eq "Check") {
- print "/* Returns: -1 on error, 0 on denied, 1 on allowed */\n";
- } else {
- print "/* Returns: -1 on error (denied==error), 0 on allowed */\n";
- }
- print "int $apiname(" . join(", ", @argdecls) . ")\n";
+ print "/* Returns: $fail on error/denied, $pass on allowed */\n";
+ print "$ret $apiname(" . join(", ", @argdecls) . ")\n";
print "{\n";
print " virAccessManagerPtr mgr;\n";
print " int rv;\n";
print "\n";
- print " if (!(mgr = virAccessManagerGetDefault()))\n";
- print " return -1;\n";
+ print " if (!(mgr = virAccessManagerGetDefault())) {\n";
+ if ($action eq "Check") {
+ print " virResetLastError();\n";
+ }
+ print " return $fail;\n";
+ print " }\n";
print "\n";
foreach my $acl (@acl) {
@@ -1811,20 +1824,17 @@ elsif ($mode eq "client") {
if ($action eq "Ensure") {
print " if (rv == 0)\n";
print " virReportError(VIR_ERR_ACCESS_DENIED, NULL);\n";
- print " return -1;\n";
+ print " return $fail;\n";
} else {
- print " return rv;\n";
+ print " virResetLastError();\n";
+ print " return $fail;\n";
}
print " }";
print "\n";
}
print " virObjectUnref(mgr);\n";
- if ($action eq "Check") {
- print " return 1;\n";
- } else {
- print " return 0;\n";
- }
+ print " return $pass;\n";
print "}\n\n";
}
}
diff --git a/src/test/test_driver.c b/src/test/test_driver.c
index 30c2194..88e23a3 100644
--- a/src/test/test_driver.c
+++ b/src/test/test_driver.c
@@ -1274,7 +1274,7 @@ static int testConnectNumOfDomains(virConnectPtr conn)
int count;
testDriverLock(privconn);
- count = virDomainObjListNumOfDomains(privconn->domains, 1);
+ count = virDomainObjListNumOfDomains(privconn->domains, true, NULL, NULL);
testDriverUnlock(privconn);
return count;
@@ -1463,7 +1463,7 @@ static int testConnectListDomains(virConnectPtr conn,
int n;
testDriverLock(privconn);
- n = virDomainObjListGetActiveIDs(privconn->domains, ids, maxids);
+ n = virDomainObjListGetActiveIDs(privconn->domains, ids, maxids, NULL, NULL);
testDriverUnlock(privconn);
return n;
@@ -2475,7 +2475,7 @@ static int testConnectNumOfDefinedDomains(virConnectPtr conn) {
int count;
testDriverLock(privconn);
- count = virDomainObjListNumOfDomains(privconn->domains, 0);
+ count = virDomainObjListNumOfDomains(privconn->domains, false, NULL, NULL);
testDriverUnlock(privconn);
return count;
@@ -2490,7 +2490,8 @@ static int testConnectListDefinedDomains(virConnectPtr conn,
testDriverLock(privconn);
memset(names, 0, sizeof(*names)*maxnames);
- n = virDomainObjListGetInactiveNames(privconn->domains, names, maxnames);
+ n = virDomainObjListGetInactiveNames(privconn->domains, names, maxnames,
+ NULL, NULL);
testDriverUnlock(privconn);
return n;
@@ -5688,6 +5689,7 @@ static int testNWFilterClose(virConnectPtr conn) {
return 0;
}
+
static int testConnectListAllDomains(virConnectPtr conn,
virDomainPtr **domains,
unsigned int flags)
@@ -5698,7 +5700,8 @@ static int testConnectListAllDomains(virConnectPtr conn,
virCheckFlags(VIR_CONNECT_LIST_DOMAINS_FILTERS_ALL, -1);
testDriverLock(privconn);
- ret = virDomainObjListExport(privconn->domains, conn, domains, flags);
+ ret = virDomainObjListExport(privconn->domains, conn, domains,
+ NULL, flags);
testDriverUnlock(privconn);
return ret;
diff --git a/src/uml/uml_driver.c b/src/uml/uml_driver.c
index 25b9748..df98eb8 100644
--- a/src/uml/uml_driver.c
+++ b/src/uml/uml_driver.c
@@ -1545,7 +1545,8 @@ static int umlConnectListDomains(virConnectPtr conn, int *ids, int nids) {
return -1;
umlDriverLock(driver);
- n = virDomainObjListGetActiveIDs(driver->domains, ids, nids);
+ n = virDomainObjListGetActiveIDs(driver->domains, ids, nids,
+ virConnectListDomainsCheckACL, conn);
umlDriverUnlock(driver);
return n;
@@ -1558,7 +1559,8 @@ static int umlConnectNumOfDomains(virConnectPtr conn) {
return -1;
umlDriverLock(driver);
- n = virDomainObjListNumOfDomains(driver->domains, 1);
+ n = virDomainObjListNumOfDomains(driver->domains, true,
+ virConnectNumOfDomainsCheckACL, conn);
umlDriverUnlock(driver);
return n;
@@ -1965,7 +1967,8 @@ static int umlConnectListDefinedDomains(virConnectPtr conn,
return -1;
umlDriverLock(driver);
- n = virDomainObjListGetInactiveNames(driver->domains, names, nnames);
+ n = virDomainObjListGetInactiveNames(driver->domains, names, nnames,
+ virConnectListDefinedDomainsCheckACL, conn);
umlDriverUnlock(driver);
return n;
@@ -1979,7 +1982,8 @@ static int umlConnectNumOfDefinedDomains(virConnectPtr conn) {
return -1;
umlDriverLock(driver);
- n = virDomainObjListNumOfDomains(driver->domains, 0);
+ n = virDomainObjListNumOfDomains(driver->domains, false,
+ virConnectNumOfDefinedDomainsCheckACL, conn);
umlDriverUnlock(driver);
return n;
@@ -2710,7 +2714,8 @@ static int umlConnectListAllDomains(virConnectPtr conn,
return -1;
umlDriverLock(driver);
- ret = virDomainObjListExport(driver->domains, conn, domains, flags);
+ ret = virDomainObjListExport(driver->domains, conn, domains,
+ virConnectListAllDomainsCheckACL, flags);
umlDriverUnlock(driver);
return ret;
diff --git a/src/vmware/vmware_driver.c b/src/vmware/vmware_driver.c
index 8a3fc99..ca6615f 100644
--- a/src/vmware/vmware_driver.c
+++ b/src/vmware/vmware_driver.c
@@ -987,7 +987,7 @@ vmwareConnectNumOfDefinedDomains(virConnectPtr conn)
vmwareDriverLock(driver);
vmwareDomainObjListUpdateAll(driver->domains, driver);
- n = virDomainObjListNumOfDomains(driver->domains, 0);
+ n = virDomainObjListNumOfDomains(driver->domains, false, NULL, NULL);
vmwareDriverUnlock(driver);
return n;
@@ -1001,7 +1001,7 @@ vmwareConnectNumOfDomains(virConnectPtr conn)
vmwareDriverLock(driver);
vmwareDomainObjListUpdateAll(driver->domains, driver);
- n = virDomainObjListNumOfDomains(driver->domains, 1);
+ n = virDomainObjListNumOfDomains(driver->domains, true, NULL, NULL);
vmwareDriverUnlock(driver);
return n;
@@ -1016,7 +1016,7 @@ vmwareConnectListDomains(virConnectPtr conn, int *ids, int nids)
vmwareDriverLock(driver);
vmwareDomainObjListUpdateAll(driver->domains, driver);
- n = virDomainObjListGetActiveIDs(driver->domains, ids, nids);
+ n = virDomainObjListGetActiveIDs(driver->domains, ids, nids, NULL, NULL);
vmwareDriverUnlock(driver);
return n;
@@ -1031,7 +1031,8 @@ vmwareConnectListDefinedDomains(virConnectPtr conn,
vmwareDriverLock(driver);
vmwareDomainObjListUpdateAll(driver->domains, driver);
- n = virDomainObjListGetInactiveNames(driver->domains, names, nnames);
+ n = virDomainObjListGetInactiveNames(driver->domains, names, nnames,
+ NULL, NULL);
vmwareDriverUnlock(driver);
return n;
}
@@ -1121,7 +1122,8 @@ vmwareConnectListAllDomains(virConnectPtr conn,
vmwareDriverLock(driver);
vmwareDomainObjListUpdateAll(driver->domains, driver);
- ret = virDomainObjListExport(driver->domains, conn, domains, flags);
+ ret = virDomainObjListExport(driver->domains, conn, domains,
+ NULL, flags);
vmwareDriverUnlock(driver);
return ret;
}
--
1.8.1.4
More information about the libvir-list
mailing list