[PATCH 8/9] qemu, libxl, hypervisor: use virDomainDriverNodeDeviceDetachFlags() helper

Daniel Henrique Barboza danielhb413 at gmail.com
Tue Feb 2 17:32:07 UTC 2021 


On 2/2/21 1:35 PM, Daniel P. Berrangé wrote:
> On Tue, Feb 02, 2021 at 05:32:14PM +0100, Ján Tomko wrote:
>> On a Tuesday in 2021, Daniel P. Berrangé wrote:
>>> On Tue, Feb 02, 2021 at 05:18:51PM +0100, Ján Tomko wrote:
>>>> On a Monday in 2021, Daniel Henrique Barboza wrote:
>>>>> libxlNodeDeviceDetachFlags() and qemuNodeDeviceDetachFlags() are mostly
>>>>> equal, aside from how the virHostdevmanager pointer is retrieved and
>>>>> the PCI stub driver used.
>>>>>
>>>>> Now that the PCI stub driver verification is done early in both functions,
>>>>> we can use the virDomainDriverNodeDeviceDetachFlags() helper to reduce
>>>>> code duplication between them. 'driverName' is checked inside the helper
>>>>> to set the appropriate stub driver.
>>>>>
>>>>> Signed-off-by: Daniel Henrique Barboza <danielhb413 at gmail.com>
>>>>> ---
>>>>> src/hypervisor/domain_driver.c | 60 ++++++++++++++++++++++++++++++++++
>>>>> src/hypervisor/domain_driver.h |  4 +++
>>>>> src/libvirt_private.syms       |  1 +
>>>>> src/libxl/libxl_driver.c       | 54 ++----------------------------
>>>>> src/qemu/qemu_driver.c         | 49 ++-------------------------
>>>>> 5 files changed, 71 insertions(+), 97 deletions(-)
>>>>>
>>>>> diff --git a/src/hypervisor/domain_driver.c b/src/hypervisor/domain_driver.c
>>>>> index ea4c3c9466..6ee74d6dff 100644
>>>>> --- a/src/hypervisor/domain_driver.c
>>>>> +++ b/src/hypervisor/domain_driver.c
>>>>> @@ -459,3 +459,63 @@ virDomainDriverNodeDeviceReAttach(virNodeDevicePtr dev,
>>>>>
>>>>>      return virHostdevPCINodeDeviceReAttach(hostdevMgr, pci);
>>>>> }
>>>>> +
>>>>> +int
>>>>> +virDomainDriverNodeDeviceDetachFlags(virNodeDevicePtr dev,
>>>>> +                                     virHostdevManagerPtr hostdevMgr,
>>>>> +                                     const char *driverName)
>>>>
>>>> This helper does not even take flags, so the only reason to keep the
>>>> 'Flags' in its name is to be consistent with the driver method it
>>>> implements...

Fair point. I can remove the 'Flags' name of the helper since the flags
are now being considered by the callers.


>>>>
>>>>> +{
>>>>> +    virPCIDevicePtr pci = NULL;
>>>>> +    virPCIDeviceAddress devAddr;
>>>>> +    int ret = -1;
>>>>> +    virNodeDeviceDefPtr def = NULL;
>>>>> +    g_autofree char *xml = NULL;
>>>>> +    virConnectPtr nodeconn = NULL;
>>>>> +    virNodeDevicePtr nodedev = NULL;
>>>>> +
>>>>> +    if (!driverName)
>>>>> +        return -1;
>>>>> +
>>>>> +    if (!(nodeconn = virGetConnectNodeDev()))
>>>>> +        goto cleanup;
>>>>> +
>>>>> +    /* 'dev' is associated with virConnectPtr, so for split
>>>>> +     * daemons, we need to get a copy that is associated with
>>>>> +     * the virnodedevd daemon. */
>>>>> +    if (!(nodedev = virNodeDeviceLookupByName(nodeconn,
>>>>> +                                              virNodeDeviceGetName(dev))))
>>>>> +        goto cleanup;
>>>>> +
>>>>> +    xml = virNodeDeviceGetXMLDesc(nodedev, 0);
>>>>> +    if (!xml)
>>>>> +        goto cleanup;
>>>>> +
>>>>> +    def = virNodeDeviceDefParseString(xml, EXISTING_DEVICE, NULL);
>>>>> +    if (!def)
>>>>> +        goto cleanup;
>>>>> +
>>>>> +    /* ACL check must happen against original 'dev',
>>>>> +     * not the new 'nodedev' we acquired */
>>>>> +    if (virNodeDeviceDetachFlagsEnsureACL(dev->conn, def) < 0)
>>>>> +        goto cleanup;
>>>>> +
>>>>
>>>> ... and the ACL check required.
>>>>
>>>> But moving the ACL checks into src/hypervisor means they are no longer
>>>> covered by the check-aclrules check.
>>>>
>>>> I'd rather keep the ACL checks repetitive in each driver than risk the
>>>> chance of missing them, but that invalidates most of these refactors.
>>>>
>>>> Any ideas?
>>>
>>> Make the check-aclrules  also validate this new source file ?


I appreciate any pointers in doing that. I haven't found any 'not horrible' way
(e.g. creating a new condition to add domain_driver.c as a valid driver implementation
file) of doing it in check-aclrules.py.




Thanks,


DHB

>>>
>>>
>>
>> Ah, I thought they also verify that each driver method has at least one
>> ACL call, but we have plenty of methods that are just wrappers for
>> MethodFlags(..., 0);
> 
> 
> The check-aclrules.py script has some logic which looks to see if
> the method contains a function call that resolves to another
> public API entrypoint, as a special case.
> 
> So basically we'll need to process the hypervisor_driver.c file to
> extract a list of public API entrpoints with ACL checks, and then
> in special case the real drivers if they call one of these shared
> functions.
> 
> 
> 
> Regards,
> Daniel
>

More information about the libvir-list mailing list