[libvirt] [PATCH 00/40] Refactor Xen driver to support ACL work

Thu May 2 15:18:14 UTC 2013

From: "Daniel P. Berrange" <berrange at redhat.com>

The Xen driver currently is a really horrible mess, in particular
with the way iterates over sub-drivers calling each one in turn,
until one magically works. For each operation there is always a
clear rule for which sub-driver must be used. Thus instead of
blindly iterating over all drivers, we can directly invoke the
correct sub-driver. This highlights that quite alot of code is
in fact completely unreachable / used & can be deleted.

The second big issue is that the Xen sub-drivers will randomly
use either the 'id', 'name' or 'uuid' from the virDomainPtr object.
If the user provides a malicious virDomainPtr instance, it is
possible to have a 'id' referring to domain A, a 'name' referring
to domain B and a 'uuid' referring to domain C. This makes doing
reliable access control checks difficult. To ensure we have a
consistent triple, use the 'uuid' from virDomainPtr to lookup the
guest with the hypervisor and return a virDomainDefPtr where only
the name/id/uuid are filled out. Use this in the all the subdrivers
isolating them from the public virDomainPtr object. The top level
Xen driver will then be able to do access control checks on the
virDomainDefPtr instances.

Daniel P. Berrange (40):
  Remove xen driver checks for priv->handle < 0
  Remove VIR_CONNECT_RO checks from xen drivers
  Remove pointless GET_PRIVATE macro from Xen driver
  Simplify opening of Xen drivers
  Simplify the Xen get type driver method
  Simplify the Xen get version driver method
  Simplify the Xen get max vcpus / node get info driver methods
  Simplify the Xen count/list domains driver methods
  Simplify the Xen domain create driver method
  Simplify the Xen domain lookup driver methods
  Simplify the Xen domain is persistent driver method
  Simplify the Xen domain suspend/resume driver methods
  Simplify the Xen domain shutdown/reboot driver methods
  Simplify the Xen domain destroy driver method
  Simplify the Xen domain get OS type driver method
  Remove Xen get hostname driver method
  Simplify the Xen domain get/set (max) memory driver methods
  Simplify the Xen domain get info/state driver methods
  Simplify the Xen domain save/restore driver methods
  Simplify the Xen domain VCPU driver methods
  Simplify the Xen domain get XML driver method
  Simplify the Xen domain migration driver methods
  Simplify the Xen driver define domain driver methods
  Simplify the Xen domain start driver method
  Simplify the Xen domain define/undefine driver methods
  Simplify the Xen domain attach/dettach driver methods
  Simplify the Xen domain scheduler parameter driver methods
  Simplify the Xen domain autostart driver method
  Simplify the Xen domain stats/peek / node memory driver methods
  Convert Xen domain lookup driver methods to use virDomainDefPtr
  Convert Xen domain lifecycle driver methods to use virDomainDefPtr
  Convert Xen domain property driver methods to use virDomainDefPtr
  Convert Xen domain managed save driver methods to use virDomainDefPtr
  Convert Xen domain start/migration APIs to use virDomainDefPtr
  Convert Xen domain VCPU driver methods to use virDomainDefPtr
  Convert Xen domain device hotplug driver methods to use
    virDomainDefPtr
  Convert Xen domain autostart driver methods to use virDomainDefPtr
  Convert Xen domain scheduler driver methods to use virDomainDefPtr
  Convert Xen domain stats/peek driver methods to use virDomainDefPtr
  Convert Xen domain core dump driver methods to use virDomainDefPtr

 src/conf/domain_conf.c   |   23 +
 src/conf/domain_conf.h   |    4 +
 src/libvirt_private.syms |    1 +
 src/xen/block_stats.c    |    6 +-
 src/xen/block_stats.h    |    2 +-
 src/xen/xen_driver.c     | 1542 ++++++++++++++++++++++++----------------------
 src/xen/xen_driver.h     |   37 --
 src/xen/xen_hypervisor.c |  668 +++-----------------
 src/xen/xen_hypervisor.h |   83 ++-
 src/xen/xen_inotify.c    |   22 +-
 src/xen/xen_inotify.h    |   11 +-
 src/xen/xend_internal.c  |  855 ++++++++-----------------
 src/xen/xend_internal.h  |  164 +++--
 src/xen/xm_internal.c    |  312 ++++------
 src/xen/xm_internal.h    |   84 ++-
 src/xen/xs_internal.c    |  427 +------------
 src/xen/xs_internal.h    |   20 +-
 17 files changed, 1492 insertions(+), 2769 deletions(-)

-- 
1.8.1.4