[libvirt] [PATCH v5 15/24] access: add permissions for network port objects

Thu May 23 16:11:46 UTC 2019

On 5/14/19 11:48 AM, Daniel P. Berrangé wrote:
> Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
> ---
>   src/access/genpolkit.pl            |  2 +-
>   src/access/viraccessdriver.h       |  6 ++++
>   src/access/viraccessdrivernop.c    | 11 ++++++++
>   src/access/viraccessdriverpolkit.c | 26 ++++++++++++++++++
>   src/access/viraccessdriverstack.c  | 25 +++++++++++++++++
>   src/access/viraccessmanager.c      | 16 +++++++++++
>   src/access/viraccessmanager.h      |  6 ++++
>   src/access/viraccessperm.c         |  6 ++++
>   src/access/viraccessperm.h         | 44 ++++++++++++++++++++++++++++++
>   9 files changed, 141 insertions(+), 1 deletion(-)
>
> diff --git a/src/access/genpolkit.pl b/src/access/genpolkit.pl
> index e074c90eb6..f8f20caf65 100755
> --- a/src/access/genpolkit.pl
> +++ b/src/access/genpolkit.pl
> @@ -21,7 +21,7 @@ use strict;
>   use warnings;
>   
>   my @objects = (
> -    "CONNECT", "DOMAIN", "INTERFACE",
> +    "CONNECT", "DOMAIN", "INTERFACE", "NETWORK_PORT",
>       "NETWORK","NODE_DEVICE", "NWFILTER_BINDING", "NWFILTER",
>       "SECRET", "STORAGE_POOL", "STORAGE_VOL",
>       );
> diff --git a/src/access/viraccessdriver.h b/src/access/viraccessdriver.h
> index 2cc3950f60..590d86fdf0 100644
> --- a/src/access/viraccessdriver.h
> +++ b/src/access/viraccessdriver.h
> @@ -39,6 +39,11 @@ typedef int (*virAccessDriverCheckNetworkDrv)(virAccessManagerPtr manager,
>                                                 const char *driverName,
>                                                 virNetworkDefPtr network,
>                                                 virAccessPermNetwork av);
> +typedef int (*virAccessDriverCheckNetworkPortDrv)(virAccessManagerPtr manager,
> +                                                  const char *driverName,
> +                                                  virNetworkDefPtr network,
> +                                                  virNetworkPortDefPtr port,
> +                                                  virAccessPermNetworkPort av);
>   typedef int (*virAccessDriverCheckNodeDeviceDrv)(virAccessManagerPtr manager,
>                                                    const char *driverName,
>                                                    virNodeDeviceDefPtr nodedev,
> @@ -82,6 +87,7 @@ struct _virAccessDriver {
>       virAccessDriverCheckDomainDrv checkDomain;
>       virAccessDriverCheckInterfaceDrv checkInterface;
>       virAccessDriverCheckNetworkDrv checkNetwork;
> +    virAccessDriverCheckNetworkPortDrv checkNetworkPort;
>       virAccessDriverCheckNodeDeviceDrv checkNodeDevice;
>       virAccessDriverCheckNWFilterDrv checkNWFilter;
>       virAccessDriverCheckNWFilterBindingDrv checkNWFilterBinding;
> diff --git a/src/access/viraccessdrivernop.c b/src/access/viraccessdrivernop.c
> index 98ef9206c5..5e9d9db759 100644
> --- a/src/access/viraccessdrivernop.c
> +++ b/src/access/viraccessdrivernop.c
> @@ -57,6 +57,16 @@ virAccessDriverNopCheckNetwork(virAccessManagerPtr manager ATTRIBUTE_UNUSED,
>       return 1; /* Allow */
>   }
>   
> +static int
> +virAccessDriverNopCheckNetworkPort(virAccessManagerPtr manager ATTRIBUTE_UNUSED,
> +                                   const char *driverName ATTRIBUTE_UNUSED,
> +                                   virNetworkDefPtr network ATTRIBUTE_UNUSED,
> +                                   virNetworkPortDefPtr port ATTRIBUTE_UNUSED,
> +                                   virAccessPermNetworkPort perm ATTRIBUTE_UNUSED)
> +{
> +    return 1; /* Allow */
> +}
> +
>   static int
>   virAccessDriverNopCheckNodeDevice(virAccessManagerPtr manager ATTRIBUTE_UNUSED,
>                                     const char *driverName ATTRIBUTE_UNUSED,
> @@ -119,6 +129,7 @@ virAccessDriver accessDriverNop = {
>       .checkDomain = virAccessDriverNopCheckDomain,
>       .checkInterface = virAccessDriverNopCheckInterface,
>       .checkNetwork = virAccessDriverNopCheckNetwork,
> +    .checkNetworkPort = virAccessDriverNopCheckNetworkPort,
>       .checkNodeDevice = virAccessDriverNopCheckNodeDevice,
>       .checkNWFilter = virAccessDriverNopCheckNWFilter,
>       .checkNWFilterBinding = virAccessDriverNopCheckNWFilterBinding,
> diff --git a/src/access/viraccessdriverpolkit.c b/src/access/viraccessdriverpolkit.c
> index 6954d74a15..b1473cd0a4 100644
> --- a/src/access/viraccessdriverpolkit.c
> +++ b/src/access/viraccessdriverpolkit.c
> @@ -237,6 +237,31 @@ virAccessDriverPolkitCheckNetwork(virAccessManagerPtr manager,
>                                         attrs);
>   }
>   
> +static int
> +virAccessDriverPolkitCheckNetworkPort(virAccessManagerPtr manager,
> +                                      const char *driverName,
> +                                      virNetworkDefPtr network,
> +                                      virNetworkPortDefPtr port,
> +                                      virAccessPermNetworkPort perm)
> +{
> +    char uuidstr1[VIR_UUID_STRING_BUFLEN];
> +    char uuidstr2[VIR_UUID_STRING_BUFLEN];
> +    const char *attrs[] = {
> +        "connect_driver", driverName,
> +        "network_name", network->name,
> +        "network_uuid", uuidstr1,
> +        "port_uuid", uuidstr2,
> +        NULL,
> +    };
> +    virUUIDFormat(network->uuid, uuidstr1);
> +    virUUIDFormat(port->uuid, uuidstr2);
> +
> +    return virAccessDriverPolkitCheck(manager,
> +                                      "network-port",

Bah. Most of the other calls to virAccessDriverPolkitCheck with 
"typename" that is two words separate it with a "-", but the one for 
nwfilter binding  uses an underscore :-/ (I only noticed this because 
the names of the attributes to check always use underscore, and I've 
always been bothered by mixing of - and _ - too bad they don't all use 
_, that would allow the same name to be used as a C identifier, and make 
searching easier).

Anyway, pointless rant, sorry :-)

I can't claim to have deep knowledge of the access driver, but this 
addition follows the pattern of what's already there, so:

Reviewed-by: Laine Stump <laine at laine.org>