[libvirt] [PATCH 9/9] vz: add ACL checks to API calls
Maxim Nestratov
mnestratov at virtuozzo.com
Wed Aug 17 22:09:01 UTC 2016
24-Jun-16 17:32, Nikolay Shirokovskiy пишет:
> vzDomainMigrateConfirm3Params is whitelisted. Otherwise we need to
> move removing domain from domain list from perform to confirm
> step. This would further imply adding a flag and check that migration
> is in progress to prohibit mistakenly (maliciously) removing domains
> on confirm step. The vz version of p2p also needs to be fixed to include a confirm step.
> One would also need to add a means to clean up a pending migration
> on client disconnect, as it now has state across several API
> calls.
>
> On the other hand, the current version of the confirm step is totally
> harmless, thus it is easier to whitelist it at the moment.
>
> Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy at virtuozzo.com>
> ---
> src/Makefile.am | 5 +-
> src/check-aclrules.pl | 1 +
> src/remote/remote_protocol.x | 4 +-
> src/vz/vz_driver.c | 348 +++++++++++++++++++++++++++++++++++++++----
> 4 files changed, 330 insertions(+), 28 deletions(-)
>
> diff --git a/src/Makefile.am b/src/Makefile.am
> index a14cb3f..8ecec55 100644
> --- a/src/Makefile.am
> +++ b/src/Makefile.am
> @@ -651,6 +651,7 @@ STATEFUL_DRIVER_SOURCE_FILES = \
> $(STORAGE_DRIVER_SOURCES) \
> $(UML_DRIVER_SOURCES) \
> $(XEN_DRIVER_SOURCES) \
> + $(VZ_DRIVER_SOURCES) \
> $(NULL)
>
>
> @@ -1514,7 +1515,9 @@ else ! WITH_DRIVER_MODULES
> noinst_LTLIBRARIES += libvirt_driver_vz.la
> endif ! WITH_DRIVER_MODULES
> libvirt_driver_vz_impl_la_CFLAGS = \
> - -I$(srcdir)/conf $(AM_CFLAGS) \
> + -I$(srcdir)/conf \
> + -I$(srcdir)/access \
> + $(AM_CFLAGS) \
> $(PARALLELS_SDK_CFLAGS) $(LIBNL_CFLAGS)
> libvirt_driver_vz_impl_la_SOURCES = $(VZ_DRIVER_SOURCES)
> libvirt_driver_vz_impl_la_LIBADD = $(PARALLELS_SDK_LIBS) $(LIBNL_LIBS)
> diff --git a/src/check-aclrules.pl b/src/check-aclrules.pl
> index 9151e6a..8739cda 100755
> --- a/src/check-aclrules.pl
> +++ b/src/check-aclrules.pl
> @@ -73,6 +73,7 @@ my %implwhitelist = (
> "xenUnifiedDomainIsPersistent" => 1,
> "xenUnifiedDomainIsUpdated" => 1,
> "xenUnifiedDomainOpenConsole" => 1,
> + "vzDomainMigrateConfirm3Params" => 1,
> );
> my %filterimplwhitelist = (
> "xenUnifiedConnectListDomains" => 1,
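Review bot: The new `"vzDomainMigrateConfirm3Params" => 1,` entry exempts that function from the ACL rule checker with nothing in the file recording why. The reasoning lives only in the commit message: the confirm step currently has no effect on domain state. If confirm later takes over removing the domain from the list, as the description considers, the checker would still pass with no ACL call in place. A comment next to the entry would keep the condition visible, e.g. `# vz confirm step is a no-op today; drop this entry and add an EnsureACL call if it ever changes domain state`.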
> diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
> index e7a7025..64e4b9e 100644
> --- a/src/remote/remote_protocol.x
> +++ b/src/remote/remote_protocol.x
> @@ -5794,13 +5794,13 @@ enum remote_procedure {
>
> /**
> * @generate: none
> - * @acl: none
> + * @acl: connect:getattr
> */
> REMOTE_PROC_CONNECT_REGISTER_CLOSE_CALLBACK = 360,
>
> /**
> * @generate: none
> - * @acl: none
> + * @acl: connect:getattr
> */
> REMOTE_PROC_CONNECT_UNREGISTER_CLOSE_CALLBACK = 361,
>
> diff --git a/src/vz/vz_driver.c b/src/vz/vz_driver.c
> index 9fa377e..8e1d039 100644
> --- a/src/vz/vz_driver.c
> +++ b/src/vz/vz_driver.c
> @@ -53,6 +53,7 @@
> #include "virtypedparam.h"
> #include "virhostmem.h"
> #include "virhostcpu.h"
> +#include "viraccessapicheck.h"
>
> #include "vz_driver.h"
> #include "vz_utils.h"
> @@ -229,6 +230,9 @@ vzConnectGetCapabilities(virConnectPtr conn)
> vzConnPtr privconn = conn->privateData;
> char *xml;
>
> + if (virConnectGetCapabilitiesEnsureACL(conn) < 0)
> + return NULL;
> +
> xml = virCapabilitiesFormatXML(privconn->driver->caps);
> return xml;
> }
> @@ -375,6 +379,9 @@ vzConnectOpen(virConnectPtr conn,
> return VIR_DRV_OPEN_ERROR;
> }
>
> + if (virConnectOpenEnsureACL(conn) < 0)
> + return VIR_DRV_OPEN_ERROR;
> +
> if (!(driver = vzGetDriverConnection()))
> return VIR_DRV_OPEN_ERROR;
>
> @@ -432,13 +439,20 @@ static int
> vzConnectGetVersion(virConnectPtr conn, unsigned long *hvVer)
> {
> vzConnPtr privconn = conn->privateData;
> +
> + if (virConnectGetVersionEnsureACL(conn) < 0)
> + return -1;
> +
> *hvVer = privconn->driver->vzVersion;
> return 0;
> }
>
>
> -static char *vzConnectGetHostname(virConnectPtr conn ATTRIBUTE_UNUSED)
> +static char *vzConnectGetHostname(virConnectPtr conn)
> {
> + if (virConnectGetHostnameEnsureACL(conn) < 0)
> + return NULL;
> +
> return virGetHostname();
> }
>
> @@ -451,6 +465,9 @@ vzConnectGetSysinfo(virConnectPtr conn, unsigned int flags)
>
> virCheckFlags(0, NULL);
>
> + if (virConnectGetSysinfoEnsureACL(conn) < 0)
> + return NULL;
> +
> if (!driver->hostsysinfo) {
> virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
> _("Host SMBIOS information is not available"));
> @@ -471,8 +488,11 @@ vzConnectListDomains(virConnectPtr conn, int *ids, int maxids)
> vzConnPtr privconn = conn->privateData;
> int n;
>
> + if (virConnectListDomainsEnsureACL(conn) < 0)
> + return -1;
> +
> n = virDomainObjListGetActiveIDs(privconn->driver->domains, ids, maxids,
> - NULL, NULL);
> + virConnectListDomainsCheckACL, conn);
>
> return n;
> }
> @@ -483,8 +503,11 @@ vzConnectNumOfDomains(virConnectPtr conn)
> vzConnPtr privconn = conn->privateData;
> int count;
>
> + if (virConnectNumOfDomainsEnsureACL(conn) < 0)
> + return -1;
> +
> count = virDomainObjListNumOfDomains(privconn->driver->domains, true,
> - NULL, NULL);
> + virConnectNumOfDomainsCheckACL, conn);
>
> return count;
> }
> @@ -495,9 +518,14 @@ vzConnectListDefinedDomains(virConnectPtr conn, char **const names, int maxnames
> vzConnPtr privconn = conn->privateData;
> int n;
>
> + if (virConnectListDefinedDomainsEnsureACL(conn) < 0)
> + return -1;
> +
> memset(names, 0, sizeof(*names) * maxnames);
> n = virDomainObjListGetInactiveNames(privconn->driver->domains, names,
> - maxnames, NULL, NULL);
> + maxnames,
> + virConnectListDefinedDomainsCheckACL,
> + conn);
>
> return n;
> }
> @@ -508,8 +536,12 @@ vzConnectNumOfDefinedDomains(virConnectPtr conn)
> vzConnPtr privconn = conn->privateData;
> int count;
>
> + if (virConnectNumOfDefinedDomainsEnsureACL(conn) < 0)
> + return -1;
> +
> count = virDomainObjListNumOfDomains(privconn->driver->domains, false,
> - NULL, NULL);
> + virConnectNumOfDefinedDomainsCheckACL,
> + conn);
> return count;
> }
>
> @@ -522,8 +554,12 @@ vzConnectListAllDomains(virConnectPtr conn,
> int ret = -1;
>
> virCheckFlags(VIR_CONNECT_LIST_DOMAINS_FILTERS_ALL, -1);
> +
> + if (virConnectListAllDomainsEnsureACL(conn) < 0)
> + return -1;
> +
> ret = virDomainObjListExport(privconn->driver->domains, conn, domains,
> - NULL, flags);
> + virConnectListAllDomainsCheckACL, flags);
>
> return ret;
> }
> @@ -532,7 +568,7 @@ static virDomainPtr
> vzDomainLookupByID(virConnectPtr conn, int id)
> {
> vzConnPtr privconn = conn->privateData;
> - virDomainPtr ret;
> + virDomainPtr ret = NULL;
> virDomainObjPtr dom;
>
> dom = virDomainObjListFindByID(privconn->driver->domains, id);
> @@ -542,10 +578,14 @@ vzDomainLookupByID(virConnectPtr conn, int id)
> return NULL;
> }
>
> + if (virDomainLookupByIDEnsureACL(conn, dom->def) < 0)
> + goto cleanup;
> +
> ret = virGetDomain(conn, dom->def->name, dom->def->uuid);
> if (ret)
> ret->id = dom->def->id;
>
> + cleanup:
> virObjectUnlock(dom);
> return ret;
> }
> @@ -554,7 +594,7 @@ static virDomainPtr
> vzDomainLookupByUUID(virConnectPtr conn, const unsigned char *uuid)
> {
> vzConnPtr privconn = conn->privateData;
> - virDomainPtr ret;
> + virDomainPtr ret = NULL;
> virDomainObjPtr dom;
>
> dom = virDomainObjListFindByUUID(privconn->driver->domains, uuid);
> @@ -567,10 +607,14 @@ vzDomainLookupByUUID(virConnectPtr conn, const unsigned char *uuid)
> return NULL;
> }
>
> + if (virDomainLookupByUUIDEnsureACL(conn, dom->def) < 0)
> + goto cleanup;
> +
> ret = virGetDomain(conn, dom->def->name, dom->def->uuid);
> if (ret)
> ret->id = dom->def->id;
>
> + cleanup:
> virObjectUnlock(dom);
> return ret;
> }
> @@ -579,7 +623,7 @@ static virDomainPtr
> vzDomainLookupByName(virConnectPtr conn, const char *name)
> {
> vzConnPtr privconn = conn->privateData;
> - virDomainPtr ret;
> + virDomainPtr ret = NULL;
> virDomainObjPtr dom;
>
> dom = virDomainObjListFindByName(privconn->driver->domains, name);
> @@ -590,10 +634,14 @@ vzDomainLookupByName(virConnectPtr conn, const char *name)
> return NULL;
> }
>
> + if (virDomainLookupByNameEnsureACL(conn, dom->def) < 0)
> + goto cleanup;
> +
> ret = virGetDomain(conn, dom->def->name, dom->def->uuid);
> if (ret)
> ret->id = dom->def->id;
>
> + cleanup:
> virDomainObjEndAPI(&dom);
> return ret;
> }
> @@ -607,6 +655,9 @@ vzDomainGetInfo(virDomainPtr domain, virDomainInfoPtr info)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> goto cleanup;
>
> + if (virDomainGetInfoEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> info->state = virDomainObjGetState(dom, NULL);
> info->memory = dom->def->mem.cur_balloon;
> info->maxMem = virDomainDefGetMemoryTotal(dom->def);
> @@ -645,8 +696,12 @@ vzDomainGetOSType(virDomainPtr domain)
> if (!(dom = vzDomObjFromDomain(domain)))
> return NULL;
>
> + if (virDomainGetOSTypeEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> ignore_value(VIR_STRDUP(ret, virDomainOSTypeToString(dom->def->os.type)));
>
> + cleanup:
> virObjectUnlock(dom);
> return ret;
> }
> @@ -655,12 +710,19 @@ static int
> vzDomainIsPersistent(virDomainPtr domain)
> {
> virDomainObjPtr dom;
> + int ret = -1;
>
> if (!(dom = vzDomObjFromDomain(domain)))
> return -1;
>
> + if (virDomainIsPersistentEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> + ret = 1;
> +
> + cleanup:
> virObjectUnlock(dom);
> - return 1;
> + return ret;
> }
>
> static int
> @@ -668,16 +730,22 @@ vzDomainGetState(virDomainPtr domain,
> int *state, int *reason, unsigned int flags)
> {
> virDomainObjPtr dom;
> + int ret = -1;
>
> virCheckFlags(0, -1);
>
> if (!(dom = vzDomObjFromDomain(domain)))
> return -1;
>
> + if (virDomainGetStateEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> *state = virDomainObjGetState(dom, reason);
> + ret = 0;
>
> + cleanup:
> virObjectUnlock(dom);
> - return 0;
> + return ret;
> }
>
> static char *
> @@ -693,11 +761,15 @@ vzDomainGetXMLDesc(virDomainPtr domain, unsigned int flags)
> if (!(dom = vzDomObjFromDomain(domain)))
> return NULL;
>
> + if (virDomainGetXMLDescEnsureACL(domain->conn, dom->def, flags) < 0)
> + goto cleanup;
> +
> def = (flags & VIR_DOMAIN_XML_INACTIVE) &&
> dom->newDef ? dom->newDef : dom->def;
>
> ret = virDomainDefFormat(def, privconn->driver->caps, flags);
>
> + cleanup:
> virObjectUnlock(dom);
> return ret;
> }
> @@ -706,14 +778,20 @@ static int
> vzDomainGetAutostart(virDomainPtr domain, int *autostart)
> {
> virDomainObjPtr dom;
> + int ret = -1;
>
> if (!(dom = vzDomObjFromDomain(domain)))
> return -1;
>
> + if (virDomainGetAutostartEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> *autostart = dom->autostart;
> + ret = 0;
>
> + cleanup:
> virObjectUnlock(dom);
> - return 0;
> + return ret;
> }
>
> static bool
> @@ -752,6 +830,9 @@ vzDomainDefineXMLFlags(virConnectPtr conn, const char *xml, unsigned int flags)
> parse_flags)) == NULL)
> goto cleanup;
>
> + if (virDomainDefineXMLFlagsEnsureACL(conn, def) < 0)
> + goto cleanup;
> +
> dom = virDomainObjListFindByUUIDRef(driver->domains, def->uuid);
> if (dom == NULL) {
> virResetLastError();
> @@ -829,9 +910,12 @@ vzDomainDefineXML(virConnectPtr conn, const char *xml)
>
>
> static int
> -vzNodeGetInfo(virConnectPtr conn ATTRIBUTE_UNUSED,
> +vzNodeGetInfo(virConnectPtr conn,
> virNodeInfoPtr nodeinfo)
> {
> + if (virNodeGetInfoEnsureACL(conn) < 0)
> + return -1;
> +
> return nodeGetInfo(nodeinfo);
> }
>
> @@ -854,13 +938,16 @@ static int vzConnectIsAlive(virConnectPtr conn ATTRIBUTE_UNUSED)
>
>
> static char *
> -vzConnectBaselineCPU(virConnectPtr conn ATTRIBUTE_UNUSED,
> +vzConnectBaselineCPU(virConnectPtr conn,
> const char **xmlCPUs,
> unsigned int ncpus,
> unsigned int flags)
> {
> virCheckFlags(VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES, NULL);
>
> + if (virConnectBaselineCPUEnsureACL(conn) < 0)
> + return NULL;
> +
> return cpuBaselineXML(xmlCPUs, ncpus, NULL, 0, flags);
> }
>
> @@ -879,6 +966,9 @@ vzDomainGetVcpus(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainGetVcpusEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!virDomainObjIsActive(dom)) {
> virReportError(VIR_ERR_OPERATION_INVALID,
> "%s",
> @@ -922,6 +1012,9 @@ vzNodeGetCPUMap(virConnectPtr conn ATTRIBUTE_UNUSED,
It's no longer unused
> unsigned int *online,
> unsigned int flags)
> {
> + if (virNodeGetCPUMapEnsureACL(conn) < 0)
> + return -1;
> +
> return virHostCPUGetMap(cpumap, online, flags);
> }
>
> @@ -935,6 +1028,10 @@ vzConnectDomainEventRegisterAny(virConnectPtr conn,
> {
> int ret = -1;
> vzConnPtr privconn = conn->privateData;
> +
> + if (virConnectDomainEventRegisterAnyEnsureACL(conn) < 0)
> + return -1;
> +
> if (virDomainEventStateRegisterID(conn,
> privconn->driver->domainEventState,
> domain, eventID,
> @@ -949,6 +1046,9 @@ vzConnectDomainEventDeregisterAny(virConnectPtr conn,
> {
> vzConnPtr privconn = conn->privateData;
>
> + if (virConnectDomainEventDeregisterAnyEnsureACL(conn) < 0)
> + return -1;
> +
> if (virObjectEventStateDeregisterID(conn,
> privconn->driver->domainEventState,
> callbackID) < 0)
> @@ -968,6 +1068,9 @@ vzDomainSuspend(virDomainPtr domain)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainSuspendEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -1002,6 +1105,9 @@ vzDomainResume(virDomainPtr domain)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainResumeEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -1038,6 +1144,9 @@ vzDomainCreateWithFlags(virDomainPtr domain, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainCreateWithFlagsEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -1074,6 +1183,9 @@ vzDomainDestroyFlags(virDomainPtr domain, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainDestroyFlagsEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -1116,6 +1228,9 @@ vzDomainShutdownFlags(virDomainPtr domain, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainShutdownFlagsEnsureACL(domain->conn, dom->def, flags) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -1157,6 +1272,9 @@ vzDomainReboot(virDomainPtr domain, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainRebootEnsureACL(domain->conn, dom->def, flags) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -1188,7 +1306,12 @@ static int vzDomainIsActive(virDomainPtr domain)
> if (!(dom = vzDomObjFromDomain(domain)))
> return -1;
>
> + if (virDomainIsActiveEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> ret = virDomainObjIsActive(dom);
> +
> + cleanup:
> virObjectUnlock(dom);
>
> return ret;
> @@ -1215,6 +1338,9 @@ vzDomainUndefineFlags(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainUndefineFlagsEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -1244,16 +1370,23 @@ vzDomainHasManagedSaveImage(virDomainPtr domain, unsigned int flags)
> {
> virDomainObjPtr dom = NULL;
> int state, reason;
> - int ret = 0;
> + int ret = -1;
>
> virCheckFlags(0, -1);
>
> if (!(dom = vzDomObjFromDomain(domain)))
> return -1;
>
> + if (virDomainHasManagedSaveImageEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> state = virDomainObjGetState(dom, &reason);
> if (state == VIR_DOMAIN_SHUTOFF && reason == VIR_DOMAIN_SHUTOFF_SAVED)
> ret = 1;
> + else
> + ret = 0;
> +
> + cleanup:
> virObjectUnlock(dom);
>
> return ret;
> @@ -1274,6 +1407,9 @@ vzDomainManagedSave(virDomainPtr domain, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainManagedSaveEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -1314,6 +1450,9 @@ vzDomainManagedSaveRemove(virDomainPtr domain, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainManagedSaveRemoveEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> state = virDomainObjGetState(dom, &reason);
>
> if (!(state == VIR_DOMAIN_SHUTOFF && reason == VIR_DOMAIN_SHUTOFF_SAVED))
> @@ -1366,6 +1505,9 @@ static int vzDomainAttachDeviceFlags(virDomainPtr domain, const char *xml,
> if (vzCheckConfigUpdateFlags(dom, &flags) < 0)
> goto cleanup;
>
> + if (virDomainAttachDeviceFlagsEnsureACL(domain->conn, dom->def, flags) < 0)
> + goto cleanup;
> +
> dev = virDomainDeviceDefParse(xml, dom->def, privconn->driver->caps,
> privconn->driver->xmlopt, VIR_DOMAIN_XML_INACTIVE);
> if (dev == NULL)
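Review bot: In vzDomainAttachDeviceFlags the ACL check runs after `vzCheckConfigUpdateFlags(dom, &flags)`, so a caller who will be denied still gets that helper's verdict first, and the helper is handed the domain object. The same ordering appears in the vzDomainDetachDeviceFlags and vzDomainSetMemoryFlags hunks, whereas most other entry points in this patch authorise directly after the domain lookup. The helper's body is outside the hunk, so it is not visible whether its errors depend on domain state. If the check is placed late because the ACL needs the normalised flags, a short comment such as `/* ACL is evaluated on the flags as normalised above */` would make that explicit. Otherwise the check should move directly after the lookup.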
> @@ -1435,6 +1577,9 @@ static int vzDomainDetachDeviceFlags(virDomainPtr domain, const char *xml,
> if (vzCheckConfigUpdateFlags(dom, &flags) < 0)
> goto cleanup;
>
> + if (virDomainDetachDeviceFlagsEnsureACL(domain->conn, dom->def, flags) < 0)
> + goto cleanup;
> +
> dev = virDomainDeviceDefParse(xml, dom->def, privconn->driver->caps,
> privconn->driver->xmlopt,
> VIR_DOMAIN_XML_INACTIVE |
> @@ -1502,6 +1647,9 @@ vzDomainSetUserPassword(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainSetUserPasswordEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -1527,7 +1675,12 @@ vzDomainGetMaxMemory(virDomainPtr domain)
> if (!(dom = vzDomObjFromDomain(domain)))
> return -1;
>
> + if (virDomainGetMaxMemoryEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> ret = virDomainDefGetMemoryTotal(dom->def);
> +
> + cleanup:
> virObjectUnlock(dom);
> return ret;
> }
> @@ -1586,6 +1739,9 @@ vzDomainBlockStats(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainBlockStatsEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainBlockStatsImpl(dom, path, stats) < 0)
> goto cleanup;
>
> @@ -1650,6 +1806,9 @@ vzDomainBlockStatsFlags(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainBlockStatsFlagsEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainBlockStatsImpl(dom, path, &stats) < 0)
> goto cleanup;
>
> @@ -1671,14 +1830,19 @@ vzDomainInterfaceStats(virDomainPtr domain,
> {
> virDomainObjPtr dom = NULL;
> vzDomObjPtr privdom;
> - int ret;
> + int ret = -1;
>
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainInterfaceStatsEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> privdom = dom->privateData;
>
> ret = prlsdkGetNetStats(privdom->stats, privdom->sdkdom, path, stats);
> +
> + cleanup:
> virDomainObjEndAPI(&dom);
>
> return ret;
> @@ -1698,9 +1862,14 @@ vzDomainMemoryStats(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainMemoryStatsEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> privdom = dom->privateData;
>
> ret = prlsdkGetMemoryStats(privdom->stats, stats, nr_stats);
> +
> + cleanup:
> virDomainObjEndAPI(&dom);
>
> return ret;
> @@ -1711,7 +1880,7 @@ vzDomainGetVcpusFlags(virDomainPtr domain,
> unsigned int flags)
> {
> virDomainObjPtr dom;
> - int ret;
> + int ret = -1;
>
> virCheckFlags(VIR_DOMAIN_AFFECT_LIVE |
> VIR_DOMAIN_AFFECT_CONFIG |
> @@ -1720,11 +1889,15 @@ vzDomainGetVcpusFlags(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomain(domain)))
> return -1;
>
> + if (virDomainGetVcpusFlagsEnsureACL(domain->conn, dom->def, flags) < 0)
> + goto cleanup;
> +
> if (flags & VIR_DOMAIN_VCPU_MAXIMUM)
> ret = virDomainDefGetVcpusMax(dom->def);
> else
> ret = virDomainDefGetVcpus(dom->def);
>
> + cleanup:
> virObjectUnlock(dom);
>
> return ret;
> @@ -1739,19 +1912,29 @@ static int vzDomainGetMaxVcpus(virDomainPtr domain)
> static int vzDomainIsUpdated(virDomainPtr domain)
> {
> virDomainObjPtr dom;
> + int ret = -1;
>
> /* As far as VZ domains are always updated (e.g. current==persistent),
> * we just check for domain existence */
> if (!(dom = vzDomObjFromDomain(domain)))
> return -1;
>
> + if (virDomainIsUpdatedEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> + ret = 0;
> +
> + cleanup:
> virObjectUnlock(dom);
> - return 0;
> + return ret;
> }
>
> -static int vzConnectGetMaxVcpus(virConnectPtr conn ATTRIBUTE_UNUSED,
> +static int vzConnectGetMaxVcpus(virConnectPtr conn,
> const char *type)
> {
> + if (virConnectGetMaxVcpusEnsureACL(conn) < 0)
> + return -1;
> +
> /* As far as we have no limitation for containers
> * we report maximum */
> if (type == NULL || STRCASEEQ(type, "vz") || STRCASEEQ(type, "parallels"))
> @@ -1763,38 +1946,51 @@ static int vzConnectGetMaxVcpus(virConnectPtr conn ATTRIBUTE_UNUSED,
> }
>
> static int
> -vzNodeGetCPUStats(virConnectPtr conn ATTRIBUTE_UNUSED,
> +vzNodeGetCPUStats(virConnectPtr conn,
> int cpuNum,
> virNodeCPUStatsPtr params,
> int *nparams,
> unsigned int flags)
> {
> + if (virNodeGetCPUStatsEnsureACL(conn) < 0)
> + return -1;
> +
> return virHostCPUGetStats(cpuNum, params, nparams, flags);
> }
>
> static int
> -vzNodeGetMemoryStats(virConnectPtr conn ATTRIBUTE_UNUSED,
> +vzNodeGetMemoryStats(virConnectPtr conn,
> int cellNum,
> virNodeMemoryStatsPtr params,
> int *nparams,
> unsigned int flags)
> {
> + if (virNodeGetMemoryStatsEnsureACL(conn) < 0)
> + return -1;
> +
> return virHostMemGetStats(cellNum, params, nparams, flags);
> }
>
> static int
> -vzNodeGetCellsFreeMemory(virConnectPtr conn ATTRIBUTE_UNUSED,
> +vzNodeGetCellsFreeMemory(virConnectPtr conn,
> unsigned long long *freeMems,
> int startCell,
> int maxCells)
> {
> + if (virNodeGetCellsFreeMemoryEnsureACL(conn) < 0)
> + return -1;
> +
> return virHostMemGetCellsFree(freeMems, startCell, maxCells);
> }
>
> static unsigned long long
> -vzNodeGetFreeMemory(virConnectPtr conn ATTRIBUTE_UNUSED)
> +vzNodeGetFreeMemory(virConnectPtr conn)
> {
> unsigned long long freeMem;
> +
> + if (virNodeGetFreeMemoryEnsureACL(conn) < 0)
> + return -1;
> +
> if (virHostMemGetInfo(NULL, &freeMem) < 0)
> return 0;
> return freeMem;
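Review bot: In vzNodeGetFreeMemory the denied path does `return -1;` from a function declared `unsigned long long`, so the value converts to ULLONG_MAX and reaches the caller as an enormous amount of free memory rather than as a failure. The existing error path two lines below returns 0 when virHostMemGetInfo fails, so the ACL branch should do the same: `if (virNodeGetFreeMemoryEnsureACL(conn) < 0) return 0;`. The other functions in this hunk return `int`, where -1 is fine. The function's closing brace lies outside the hunk.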
> @@ -1809,6 +2005,9 @@ vzConnectRegisterCloseCallback(virConnectPtr conn,
> vzConnPtr privconn = conn->privateData;
> int ret = -1;
>
> + if (virConnectRegisterCloseCallbackEnsureACL(conn) < 0)
> + return -1;
> +
> virObjectLock(privconn->driver);
>
> if (virConnectCloseCallbackDataGetCallback(privconn->closeCallback) != NULL) {
> @@ -1833,6 +2032,9 @@ vzConnectUnregisterCloseCallback(virConnectPtr conn, virConnectCloseFunc cb)
> vzConnPtr privconn = conn->privateData;
> int ret = -1;
>
> + if (virConnectUnregisterCloseCallbackEnsureACL(conn) < 0)
> + return -1;
> +
> virObjectLock(privconn->driver);
>
> if (virConnectCloseCallbackDataGetCallback(privconn->closeCallback) != cb) {
> @@ -1866,6 +2068,9 @@ static int vzDomainSetMemoryFlags(virDomainPtr domain, unsigned long memory,
> if (vzCheckConfigUpdateFlags(dom, &flags) < 0)
> goto cleanup;
>
> + if (virDomainSetMemoryFlagsEnsureACL(domain->conn, dom->def, flags) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -1892,6 +2097,9 @@ static int vzDomainSetMemory(virDomainPtr domain, unsigned long memory)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainSetMemoryEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -1964,6 +2172,9 @@ vzDomainSnapshotNum(virDomainPtr domain, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainSnapshotNumEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -1992,6 +2203,9 @@ vzDomainSnapshotListNames(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainSnapshotListNamesEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2019,6 +2233,9 @@ vzDomainListAllSnapshots(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainListAllSnapshotsEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2046,6 +2263,9 @@ vzDomainSnapshotGetXMLDesc(virDomainSnapshotPtr snapshot, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
> return NULL;
>
> + if (virDomainSnapshotGetXMLDescEnsureACL(snapshot->domain->conn, dom->def, flags) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2079,6 +2299,9 @@ vzDomainSnapshotNumChildren(virDomainSnapshotPtr snapshot, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
> return -1;
>
> + if (virDomainSnapshotNumChildrenEnsureACL(snapshot->domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2111,6 +2334,9 @@ vzDomainSnapshotListChildrenNames(virDomainSnapshotPtr snapshot,
> if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
> return -1;
>
> + if (virDomainSnapshotListChildrenNamesEnsureACL(snapshot->domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2142,6 +2368,9 @@ vzDomainSnapshotListAllChildren(virDomainSnapshotPtr snapshot,
> if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
> return -1;
>
> + if (virDomainSnapshotListAllChildrenEnsureACL(snapshot->domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2172,6 +2401,9 @@ vzDomainSnapshotLookupByName(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return NULL;
>
> + if (virDomainSnapshotLookupByNameEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2199,6 +2431,9 @@ vzDomainHasCurrentSnapshot(virDomainPtr domain, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainHasCurrentSnapshotEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2224,6 +2459,9 @@ vzDomainSnapshotGetParent(virDomainSnapshotPtr snapshot, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
> return NULL;
>
> + if (virDomainSnapshotGetParentEnsureACL(snapshot->domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2259,6 +2497,9 @@ vzDomainSnapshotCurrent(virDomainPtr domain, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return NULL;
>
> + if (virDomainSnapshotCurrentEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2290,6 +2531,9 @@ vzDomainSnapshotIsCurrent(virDomainSnapshotPtr snapshot, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
> return -1;
>
> + if (virDomainSnapshotIsCurrentEnsureACL(snapshot->domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2317,6 +2561,9 @@ vzDomainSnapshotHasMetadata(virDomainSnapshotPtr snapshot,
> if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
> return -1;
>
> + if (virDomainSnapshotHasMetadataEnsureACL(snapshot->domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (!(snapshots = prlsdkLoadSnapshots(dom)))
> goto cleanup;
>
> @@ -2352,6 +2599,9 @@ vzDomainSnapshotCreateXML(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return NULL;
>
> + if (virDomainSnapshotCreateXMLEnsureACL(domain->conn, dom->def, flags) < 0)
> + goto cleanup;
> +
> if (!(def = virDomainSnapshotDefParseString(xmlDesc, driver->caps,
> driver->xmlopt, parse_flags)))
> goto cleanup;
> @@ -2412,9 +2662,13 @@ vzDomainSnapshotDelete(virDomainSnapshotPtr snapshot, unsigned int flags)
> if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
> return -1;
>
> + if (virDomainSnapshotDeleteEnsureACL(snapshot->domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> ret = prlsdkDeleteSnapshot(dom, snapshot->name,
> flags & VIR_DOMAIN_SNAPSHOT_DELETE_CHILDREN);
>
> + cleanup:
> virDomainObjEndAPI(&dom);
>
> return ret;
> @@ -2432,6 +2686,9 @@ vzDomainRevertToSnapshot(virDomainSnapshotPtr snapshot, unsigned int flags)
> if (!(dom = vzDomObjFromDomain(snapshot->domain)))
> return -1;
>
> + if (virDomainRevertToSnapshotEnsureACL(snapshot->domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainObjBeginJob(dom) < 0)
> goto cleanup;
> job = true;
> @@ -2648,6 +2905,9 @@ vzDomainMigrateBegin3Params(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomain(domain)))
> goto cleanup;
>
> + if (virDomainMigrateBegin3ParamsEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> xml = vzDomainMigrateBeginStep(dom, privconn->driver, params, nparams,
> cookieout, cookieoutlen);
>
> @@ -2694,8 +2954,11 @@ vzDomainMigratePrepare3Params(virConnectPtr conn,
> unsigned int flags)
> {
> vzConnPtr privconn = conn->privateData;
> + vzDriverPtr driver = privconn->driver;
> const char *miguri = NULL;
> const char *dname = NULL;
> + const char *dom_xml = NULL;
> + virDomainDefPtr def = NULL;
> int ret = -1;
>
> virCheckFlags(VZ_MIGRATION_FLAGS, -1);
> @@ -2706,6 +2969,8 @@ vzDomainMigratePrepare3Params(virConnectPtr conn,
> if (virTypedParamsGetString(params, nparams,
> VIR_MIGRATE_PARAM_URI, &miguri) < 0 ||
> virTypedParamsGetString(params, nparams,
> + VIR_MIGRATE_PARAM_DEST_XML, &dom_xml) < 0 ||
> + virTypedParamsGetString(params, nparams,
> VIR_MIGRATE_PARAM_DEST_NAME, &dname) < 0)
> goto cleanup;
>
> @@ -2722,15 +2987,32 @@ vzDomainMigratePrepare3Params(virConnectPtr conn,
> | VZ_MIGRATION_COOKIE_DOMAIN_NAME) < 0)
> goto cleanup;
>
> + if (!(def = virDomainDefParseString(dom_xml, driver->caps, driver->xmlopt,
> + VIR_DOMAIN_DEF_PARSE_INACTIVE)))
> + goto cleanup;
> +
> + if (dname) {
> + VIR_FREE(def->name);
> + if (VIR_STRDUP(def->name, dname) < 0)
> + goto cleanup;
> + }
> +
> + if (virDomainMigratePrepare3ParamsEnsureACL(conn, def) < 0)
> + goto cleanup;
> +
> ret = 0;
>
> cleanup:
> + virDomainDefFree(def);
> return ret;
> }
>
> static int
> vzConnectSupportsFeature(virConnectPtr conn ATTRIBUTE_UNUSED, int feature)
> {
> + if (virConnectSupportsFeatureEnsureACL(conn) < 0)
> + return -1;
> +
> switch (feature) {
> case VIR_DRV_FEATURE_MIGRATION_PARAMS:
> case VIR_DRV_FEATURE_MIGRATION_P2P:
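Review bot: `dom_xml` starts as NULL and is only filled in if the caller supplied VIR_MIGRATE_PARAM_DEST_XML, yet it is passed straight to `virDomainDefParseString(dom_xml, ...)` in vzDomainMigratePrepare3Params. Nothing visible in this hunk or the previous one rejects a missing parameter, and the typed parameters come from the remote client, so the parser and the ACL check may be handed a NULL document. A guard before the parse would fail cleanly: `if (!dom_xml) { virReportError(VIR_ERR_INVALID_ARG, "%s", _("no domain XML passed")); goto cleanup; }`. The start of the function is outside this hunk, so an earlier check may already exist there.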
> @@ -2947,7 +3229,7 @@ vzDomainMigratePerform3Params(virDomainPtr domain,
> int *cookieoutlen ATTRIBUTE_UNUSED,
> unsigned int flags)
> {
> - int ret;
> + int ret = -1;
> virDomainObjPtr dom;
> vzConnPtr privconn = domain->conn->privateData;
>
> @@ -2959,6 +3241,9 @@ vzDomainMigratePerform3Params(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomainRef(domain)))
> return -1;
>
> + if (virDomainMigratePerform3ParamsEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (flags & VIR_MIGRATE_PEER2PEER)
> ret = vzDomainMigratePerformP2P(dom, privconn->driver, dconnuri,
> params, nparams, flags);
> @@ -2966,6 +3251,7 @@ vzDomainMigratePerform3Params(virDomainPtr domain,
> ret = vzDomainMigratePerformStep(dom, privconn->driver, params, nparams,
> cookiein, cookieinlen, flags);
>
> + cleanup:
> virDomainObjEndAPI(&dom);
>
> return ret;
> @@ -3003,6 +3289,11 @@ vzDomainMigrateFinish3Params(virConnectPtr dconn,
> if (!(dom = prlsdkAddDomainByName(driver, name)))
> goto cleanup;
>
> + /* At first glace at may look strange that we add domain and
> + * then check ACL but we touch only cache and not real system state */
> + if (virDomainMigrateFinish3ParamsEnsureACL(dconn, dom->def) < 0)
> + goto cleanup;
> +
> domain = virGetDomain(dconn, dom->def->name, dom->def->uuid);
> if (domain)
> domain->id = dom->def->id;
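Review bot: When `virDomainMigrateFinish3ParamsEnsureACL` fails, control jumps to `cleanup` after `prlsdkAddDomainByName` has already added the domain to the driver's list. The cleanup code is outside this hunk, so it is not visible whether the cache entry is dropped again on denial. If it is not, a denied caller still leaves a new object in the domain list, and the comment should say that this is intended. The comment also has typos; suggested wording: `/* At first glance it may look strange that we add the domain and then check the ACL, but we touch only the cache and not real system state */`.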
> @@ -3060,13 +3351,17 @@ static int
> vzDomainGetJobInfo(virDomainPtr domain, virDomainJobInfoPtr info)
> {
> virDomainObjPtr dom;
> - int ret;
> + int ret = -1;
>
> if (!(dom = vzDomObjFromDomain(domain)))
> return -1;
>
> + if (virDomainGetJobInfoEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> ret = vzDomainGetJobInfoImpl(dom, info);
>
> + cleanup:
> virObjectUnlock(dom);
> return ret;
> }
> @@ -3122,6 +3417,9 @@ vzDomainGetJobStats(virDomainPtr domain,
> if (!(dom = vzDomObjFromDomain(domain)))
> return -1;
>
> + if (virDomainGetJobStatsEnsureACL(domain->conn, dom->def) < 0)
> + goto cleanup;
> +
> if (vzDomainGetJobInfoImpl(dom, &info) < 0)
> goto cleanup;
>
ACK with some cosmetic changes after rebase