[libvirt] [PATCH v7 2/2] bhyve: add ACL support

Roman Bogorodskiy bogorodskiy at gmail.com
Sun Feb 9 14:46:13 UTC 2014


---
 src/Makefile.am          |  5 ++--
 src/bhyve/bhyve_driver.c | 63 ++++++++++++++++++++++++++++++++++++++++++++----
 2 files changed, 61 insertions(+), 7 deletions(-)

diff --git a/src/Makefile.am b/src/Makefile.am
index 3567d13..d0aa18d 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1330,8 +1330,9 @@ noinst_LTLIBRARIES += libvirt_driver_bhyve.la
 endif ! WITH_DRIVER_MODULES
 
 libvirt_driver_bhyve_impl_la_CFLAGS = \
-               -I$(top_srcdir)/src/conf \
-               $(AM_CFLAGS)
+	-I$(top_srcdir)/src/access \
+	-I$(top_srcdir)/src/conf \
+	$(AM_CFLAGS)
 libvirt_driver_bhyve_impl_la_LDFLAGS = $(AM_LDFLAGS)
 libvirt_driver_bhyve_impl_la_SOURCES = $(BHYVE_DRIVER_SOURCES)
 endif WITH_BHYVE
diff --git a/src/bhyve/bhyve_driver.c b/src/bhyve/bhyve_driver.c
index e8e082b..2d2e54e 100644
--- a/src/bhyve/bhyve_driver.c
+++ b/src/bhyve/bhyve_driver.c
@@ -47,6 +47,7 @@
 #include "virrandom.h"
 #include "virstring.h"
 #include "cpu/cpu.h"
+#include "viraccessapicheck.h"
 
 #include "bhyve_driver.h"
 #include "bhyve_process.h"
@@ -101,6 +102,9 @@ bhyveConnectGetCapabilities(virConnectPtr conn)
     bhyveConnPtr privconn = conn->privateData;
     char *xml;
 
+    if (virConnectGetCapabilitiesEnsureACL(conn) < 0)
+        return NULL;
+
     bhyveDriverLock(privconn);
     if ((xml = virCapabilitiesFormatXML(privconn->caps)) == NULL)
         virReportOOMError();
@@ -157,6 +161,9 @@ bhyveConnectOpen(virConnectPtr conn,
          return VIR_DRV_OPEN_ERROR;
      }
 
+     if (virConnectOpenEnsureACL(conn) < 0)
+         return VIR_DRV_OPEN_ERROR;
+
      conn->privateData = bhyve_driver;
 
      return VIR_DRV_OPEN_SUCCESS;
@@ -173,6 +180,9 @@ bhyveConnectClose(virConnectPtr conn)
 static char *
 bhyveConnectGetHostname(virConnectPtr conn ATTRIBUTE_UNUSED)
 {
+    if (virConnectGetHostnameEnsureACL(conn) < 0)
+        return NULL;
+
     return virGetHostname();
 }
 
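Review bot: `conn` is still declared `conn ATTRIBUTE_UNUSED` in bhyveConnectGetHostname, although the added `virConnectGetHostnameEnsureACL(conn)` call now uses it. The annotation is stale and tells the next reader that the parameter can be ignored. The bhyveConnectGetVersion hunk has the same leftover in its signature. Drop the marker in both, e.g. `bhyveConnectGetHostname(virConnectPtr conn)`.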
@@ -181,6 +191,9 @@ bhyveConnectGetVersion(virConnectPtr conn ATTRIBUTE_UNUSED, unsigned long *versi
 {
     struct utsname ver;
 
+    if (virConnectGetVersionEnsureACL(conn) < 0)
+        return -1;
+
     uname(&ver);
 
     if (virParseVersionString(ver.release, version, true) < 0) {
@@ -201,6 +214,9 @@ bhyveDomainGetInfo(virDomainPtr domain, virDomainInfoPtr info)
     if (!(vm = bhyveDomObjFromDomain(domain)))
         goto cleanup;
 
+    if (virDomainGetInfoEnsureACL(domain->conn, vm->def) < 0)
+        goto cleanup;
+
     info->state = virDomainObjGetState(vm, NULL);
     info->maxMem = vm->def->mem.max_balloon;
     info->nrVirtCpu = vm->def->vcpus;
@@ -226,6 +242,9 @@ bhyveDomainGetState(virDomainPtr domain,
     if (!(vm = bhyveDomObjFromDomain(domain)))
         goto cleanup;
 
+    if (virDomainGetStateEnsureACL(domain->conn, vm->def) < 0)
+       goto cleanup;
+
     *state = virDomainObjGetState(vm, reason);
     ret = 0;
 
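Review bot: The added `goto cleanup;` under the `virDomainGetStateEnsureACL` check is indented by seven spaces, while the other added checks in this patch use eight. Re-indent it to `        goto cleanup;` so the ACL guard reads the same in every entry point. bhyveDomainGetState starts and ends outside the hunk.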
@@ -244,6 +263,9 @@ bhyveDomainGetXMLDesc(virDomainPtr domain, unsigned int flags)
     if (!(vm = bhyveDomObjFromDomain(domain)))
         goto cleanup;
 
+    if (virDomainGetXMLDescEnsureACL(domain->conn, vm->def, flags) < 0)
+        goto cleanup;
+
     ret = virDomainDefFormat(vm->def, flags);
 
 cleanup:
@@ -269,6 +291,9 @@ bhyveDomainDefineXML(virConnectPtr conn, const char *xml)
         goto cleanup;
     }
 
+    if (virDomainDefineXMLEnsureACL(conn, def) < 0)
+        goto cleanup;
+
     if (!(vm = virDomainObjListAdd(privconn->domains, def,
                                    privconn->xmlopt,
                                    0, &oldDef)))
@@ -296,8 +321,11 @@ bhyveConnectListDomains(virConnectPtr conn, int *ids, int maxids)
     bhyveConnPtr privconn = conn->privateData;
     int n;
 
+    if (virConnectListDomainsEnsureACL(conn) < 0)
+        return -1;
+
     n = virDomainObjListGetActiveIDs(privconn->domains, ids, maxids,
-                                     NULL, NULL);
+                                     virConnectListDomainsCheckACL, conn);
 
     return n;
 }
@@ -308,8 +336,11 @@ bhyveConnectNumOfDomains(virConnectPtr conn)
     bhyveConnPtr privconn = conn->privateData;
     int count;
 
+    if (virConnectNumOfDomainsEnsureACL(conn) < 0)
+        return -1;
+
     count = virDomainObjListNumOfDomains(privconn->domains, true,
-                                         NULL, NULL);
+                                         virConnectNumOfDomainsCheckACL, conn);
 
     return count;
 }
@@ -321,9 +352,12 @@ bhyveConnectListDefinedDomains(virConnectPtr conn, char **const names,
     bhyveConnPtr privconn = conn->privateData;
     int n;
 
+    if (virConnectListDefinedDomainsEnsureACL(conn) < 0)
+        return -1;
+
     memset(names, 0, sizeof(*names) * maxnames);
     n = virDomainObjListGetInactiveNames(privconn->domains, names,
-                                         maxnames, NULL, NULL);
+                                         maxnames, virConnectListDefinedDomainsCheckACL, conn);
 
     return n;
 }
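Review bot: The rewritten continuation line `maxnames, virConnectListDefinedDomainsCheckACL, conn);` runs well past 80 columns, as does `virConnectNumOfDefinedDomainsCheckACL, conn);` in the bhyveConnectNumOfDefinedDomains hunk. The other added calls in this patch stay within that width. Put the trailing arguments on their own aligned lines: `maxnames,` / `virConnectListDefinedDomainsCheckACL,` / `conn);`, and likewise move `conn);` to its own line in the second call.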
@@ -334,8 +368,11 @@ bhyveConnectNumOfDefinedDomains(virConnectPtr conn)
     bhyveConnPtr privconn = conn->privateData;
     int count;
 
+    if (virConnectNumOfDefinedDomainsEnsureACL(conn) < 0)
+        return -1;
+
     count = virDomainObjListNumOfDomains(privconn->domains, false,
-                                         NULL, NULL);
+                                         virConnectNumOfDefinedDomainsCheckACL, conn);
 
     return count;
 }
@@ -350,8 +387,11 @@ bhyveConnectListAllDomains(virConnectPtr conn,
 
     virCheckFlags(VIR_CONNECT_LIST_DOMAINS_FILTERS_ALL, -1);
 
+    if (virConnectListAllDomainsEnsureACL(conn) < 0)
+        return -1;
+
     ret = virDomainObjListExport(privconn->domains, conn, domains,
-                                 NULL, flags);
+                                 virConnectListAllDomainsCheckACL, flags);
 
     return ret;
 }
@@ -374,6 +414,9 @@ bhyveDomainLookupByUUID(virConnectPtr conn,
         goto cleanup;
     }
 
+    if (virDomainLookupByUUIDEnsureACL(conn, vm->def) < 0)
+        goto cleanup;
+
     dom = virGetDomain(conn, vm->def->name, vm->def->uuid);
     if (dom)
         dom->id = vm->def->id;
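Review bot: The ACL check runs only after the not-found branch above it has already bailed out, so a caller denied by `virDomainLookupByUUIDEnsureACL` gets a different failure from one who asks for a UUID that does not exist. The same ordering appears in the bhyveDomainLookupByName hunk, where the `no domain with matching name` message is visible. If the EnsureACL helper reports an access-denied error (its definition is not in this patch), the two outcomes reveal which domains exist, even though the list calls hide them through the CheckACL callbacks. Either record that as intended in a comment above the check, e.g. `/* denial is reported after lookup, so existence is visible to callers without access */`, or decide whether a denied lookup should report the same not-found error. The function body starts and ends outside the hunk.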
@@ -398,6 +441,10 @@ static virDomainPtr bhyveDomainLookupByName(virConnectPtr conn,
                        _("no domain with matching name '%s'"), name);
         goto cleanup;
     }
+
+    if (virDomainLookupByNameEnsureACL(conn, vm->def) < 0)
+        goto cleanup;
+
     dom = virGetDomain(conn, vm->def->name, vm->def->uuid);
     if (dom)
         dom->id = vm->def->id;
@@ -418,6 +465,9 @@ bhyveDomainCreate(virDomainPtr dom)
     if (!(vm = bhyveDomObjFromDomain(dom)))
         goto cleanup;
 
+    if (virDomainCreateEnsureACL(dom->conn, vm->def) < 0)
+        goto cleanup;
+
     if (virDomainObjIsActive(vm)) {
         virReportError(VIR_ERR_OPERATION_INVALID,
                        "%s", _("Domain is already running"));
@@ -443,6 +493,9 @@ bhyveDomainDestroy(virDomainPtr dom)
     if (!(vm = bhyveDomObjFromDomain(dom)))
         goto cleanup;
 
+    if (virDomainDestroyEnsureACL(dom->conn, vm->def) < 0)
+        goto cleanup;
+
     ret = virBhyveProcessStop(privconn, vm, VIR_DOMAIN_SHUTOFF_DESTROYED);
 
 cleanup:
-- 
1.8.4.3



