From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
Introduce use of a virDomainDefPtr in the domain hotplug
APIs to simplify introduction of ACL security checks.
The virDomainPtr cannot be safely used, since the app
may have supplied mis-matching name/uuid/id fields. eg
the name points to domain X, while the uuid points to
domain Y. Resolving the virDomainPtr to a virDomainDefPtr
ensures a consistent name/uuid/id set.
Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
src/xen/xen_driver.c | 64 +++++++++++++++++++++++++++++++------
src/xen/xend_internal.c | 85 ++++++++++++++++++++++++++-----------------------
src/xen/xend_internal.h | 10 ++++--
src/xen/xm_internal.c | 22 +++++++------
src/xen/xm_internal.h | 6 ++--
5 files changed, 122 insertions(+), 65 deletions(-)
diff --git a/src/xen/xen_driver.c b/src/xen/xen_driver.c
index e68ed6c..1019957 100644
--- a/src/xen/xen_driver.c
+++ b/src/xen/xen_driver.c
@@ -1691,6 +1691,8 @@ xenUnifiedDomainAttachDevice(virDomainPtr dom, const char *xml)
{
xenUnifiedPrivatePtr priv = dom->conn->privateData;
unsigned int flags = VIR_DOMAIN_DEVICE_MODIFY_LIVE;
+ virDomainDefPtr def = NULL;
+ int ret = -1;
/*
* HACK: xend with xendConfigVersion >= 3 does not support changing live
@@ -1700,12 +1702,17 @@ xenUnifiedDomainAttachDevice(virDomainPtr dom, const char *xml)
if (priv->xendConfigVersion >= XEND_CONFIG_VERSION_3_0_4)
flags |= VIR_DOMAIN_DEVICE_MODIFY_CONFIG;
+ if (!(def = xenGetDomainDefForDom(dom)))
+ goto cleanup;
+
if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
- return xenXMDomainAttachDeviceFlags(dom, xml, flags);
+ ret = xenXMDomainAttachDeviceFlags(dom->conn, def, xml, flags);
else
- return xenDaemonAttachDeviceFlags(dom, xml, flags);
+ ret = xenDaemonAttachDeviceFlags(dom->conn, def, xml, flags);
- return -1;
+cleanup:
+ virDomainDefFree(def);
+ return ret;
}
static int
@@ -1713,11 +1720,20 @@ xenUnifiedDomainAttachDeviceFlags(virDomainPtr dom, const char *xml,
unsigned int flags)
{
xenUnifiedPrivatePtr priv = dom->conn->privateData;
+ virDomainDefPtr def = NULL;
+ int ret = -1;
+
+ if (!(def = xenGetDomainDefForDom(dom)))
+ goto cleanup;
if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
- return xenXMDomainAttachDeviceFlags(dom, xml, flags);
+ ret = xenXMDomainAttachDeviceFlags(dom->conn, def, xml, flags);
else
- return xenDaemonAttachDeviceFlags(dom, xml, flags);
+ ret = xenDaemonAttachDeviceFlags(dom->conn, def, xml, flags);
+
+cleanup:
+ virDomainDefFree(def);
+ return ret;
}
static int
@@ -1725,6 +1741,8 @@ xenUnifiedDomainDetachDevice(virDomainPtr dom, const char *xml)
{
xenUnifiedPrivatePtr priv = dom->conn->privateData;
unsigned int flags = VIR_DOMAIN_DEVICE_MODIFY_LIVE;
+ virDomainDefPtr def = NULL;
+ int ret = -1;
/*
* HACK: xend with xendConfigVersion >= 3 does not support changing live
@@ -1734,10 +1752,17 @@ xenUnifiedDomainDetachDevice(virDomainPtr dom, const char *xml)
if (priv->xendConfigVersion >= XEND_CONFIG_VERSION_3_0_4)
flags |= VIR_DOMAIN_DEVICE_MODIFY_CONFIG;
+ if (!(def = xenGetDomainDefForDom(dom)))
+ goto cleanup;
+
if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
- return xenXMDomainDetachDeviceFlags(dom, xml, flags);
+ ret = xenXMDomainDetachDeviceFlags(dom->conn, def, xml, flags);
else
- return xenDaemonDetachDeviceFlags(dom, xml, flags);
+ ret = xenDaemonDetachDeviceFlags(dom->conn, def, xml, flags);
+
+cleanup:
+ virDomainDefFree(def);
+ return ret;
}
static int
@@ -1745,18 +1770,37 @@ xenUnifiedDomainDetachDeviceFlags(virDomainPtr dom, const char *xml,
unsigned int flags)
{
xenUnifiedPrivatePtr priv = dom->conn->privateData;
+ virDomainDefPtr def = NULL;
+ int ret = -1;
+
+ if (!(def = xenGetDomainDefForDom(dom)))
+ goto cleanup;
if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
- return xenXMDomainDetachDeviceFlags(dom, xml, flags);
+ ret = xenXMDomainDetachDeviceFlags(dom->conn, def, xml, flags);
else
- return xenDaemonDetachDeviceFlags(dom, xml, flags);
+ ret = xenDaemonDetachDeviceFlags(dom->conn, def, xml, flags);
+
+cleanup:
+ virDomainDefFree(def);
+ return ret;
}
static int
xenUnifiedDomainUpdateDeviceFlags(virDomainPtr dom, const char *xml,
unsigned int flags)
{
- return xenDaemonUpdateDeviceFlags(dom, xml, flags);
+ virDomainDefPtr def = NULL;
+ int ret = -1;
+
+ if (!(def = xenGetDomainDefForDom(dom)))
+ goto cleanup;
+
+ ret = xenDaemonUpdateDeviceFlags(dom->conn, def, xml, flags);
+
+cleanup:
+ virDomainDefFree(def);
+ return ret;
}
static int
diff --git a/src/xen/xend_internal.c b/src/xen/xend_internal.c
index ebafa56..669e7db 100644
--- a/src/xen/xend_internal.c
+++ b/src/xen/xend_internal.c
@@ -60,7 +60,8 @@
#define XEND_RCV_BUF_MAX_LEN (256 * 1024)
static int
-virDomainXMLDevID(virDomainPtr domain, virDomainDeviceDefPtr dev, char *class,
+virDomainXMLDevID(virConnectPtr conn, virDomainDefPtr domain,
+ virDomainDeviceDefPtr dev, char *class,
char *ref, int ref_len);
/**
@@ -2203,11 +2204,12 @@ xenDaemonCreateXML(virConnectPtr conn, virDomainDefPtr def)
* Returns 0 in case of success, -1 in case of failure.
*/
int
-xenDaemonAttachDeviceFlags(virDomainPtr domain,
+xenDaemonAttachDeviceFlags(virConnectPtr conn,
+ virDomainDefPtr minidef,
const char *xml,
unsigned int flags)
{
- xenUnifiedPrivatePtr priv = domain->conn->privateData;
+ xenUnifiedPrivatePtr priv = conn->privateData;
char *sexpr = NULL;
int ret = -1;
virDomainDeviceDefPtr dev = NULL;
@@ -2218,7 +2220,7 @@ xenDaemonAttachDeviceFlags(virDomainPtr domain,
virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | VIR_DOMAIN_AFFECT_CONFIG, -1);
- if (domain->id < 0) {
+ if (minidef->id < 0) {
/* Cannot modify live config if domain is inactive */
if (flags & VIR_DOMAIN_DEVICE_MODIFY_LIVE) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
@@ -2248,9 +2250,9 @@ xenDaemonAttachDeviceFlags(virDomainPtr domain,
}
}
- if (!(def = xenDaemonDomainFetch(domain->conn,
- domain->id,
- domain->name,
+ if (!(def = xenDaemonDomainFetch(conn,
+ minidef->id,
+ minidef->name,
NULL)))
goto cleanup;
@@ -2276,7 +2278,7 @@ xenDaemonAttachDeviceFlags(virDomainPtr domain,
break;
case VIR_DOMAIN_DEVICE_NET:
- if (xenFormatSxprNet(domain->conn,
+ if (xenFormatSxprNet(conn,
dev->data.net,
&buf,
STREQ(def->os.type, "hvm") ? 1 : 0,
@@ -2321,9 +2323,9 @@ xenDaemonAttachDeviceFlags(virDomainPtr domain,
sexpr = virBufferContentAndReset(&buf);
- if (virDomainXMLDevID(domain, dev, class, ref, sizeof(ref))) {
+ if (virDomainXMLDevID(conn, minidef, dev, class, ref, sizeof(ref))) {
/* device doesn't exist, define it */
- ret = xend_op(domain->conn, domain->name, "op", "device_create",
+ ret = xend_op(conn, def->name, "op", "device_create",
"config", sexpr, NULL);
} else {
if (dev->data.disk->device != VIR_DOMAIN_DISK_DEVICE_CDROM) {
@@ -2331,7 +2333,7 @@ xenDaemonAttachDeviceFlags(virDomainPtr domain,
_("target '%s' already exists"), target);
} else {
/* device exists, attempt to modify it */
- ret = xend_op(domain->conn, domain->name, "op", "device_configure",
+ ret = xend_op(conn, minidef->name, "op", "device_configure",
"config", sexpr, "dev", ref, NULL);
}
}
@@ -2356,11 +2358,12 @@ cleanup:
* Returns 0 in case of success, -1 in case of failure.
*/
int
-xenDaemonUpdateDeviceFlags(virDomainPtr domain,
+xenDaemonUpdateDeviceFlags(virConnectPtr conn,
+ virDomainDefPtr minidef,
const char *xml,
unsigned int flags)
{
- xenUnifiedPrivatePtr priv = domain->conn->privateData;
+ xenUnifiedPrivatePtr priv = conn->privateData;
char *sexpr = NULL;
int ret = -1;
virDomainDeviceDefPtr dev = NULL;
@@ -2371,7 +2374,7 @@ xenDaemonUpdateDeviceFlags(virDomainPtr domain,
virCheckFlags(VIR_DOMAIN_DEVICE_MODIFY_LIVE |
VIR_DOMAIN_DEVICE_MODIFY_CONFIG, -1);
- if (domain->id < 0) {
+ if (minidef->id < 0) {
/* Cannot modify live config if domain is inactive */
if (flags & VIR_DOMAIN_DEVICE_MODIFY_LIVE) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
@@ -2401,9 +2404,9 @@ xenDaemonUpdateDeviceFlags(virDomainPtr domain,
}
}
- if (!(def = xenDaemonDomainFetch(domain->conn,
- domain->id,
- domain->name,
+ if (!(def = xenDaemonDomainFetch(conn,
+ minidef->id,
+ minidef->name,
NULL)))
goto cleanup;
@@ -2429,13 +2432,13 @@ xenDaemonUpdateDeviceFlags(virDomainPtr domain,
sexpr = virBufferContentAndReset(&buf);
- if (virDomainXMLDevID(domain, dev, class, ref, sizeof(ref))) {
+ if (virDomainXMLDevID(conn, minidef, dev, class, ref, sizeof(ref))) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
_("requested device does not exist"));
goto cleanup;
} else {
/* device exists, attempt to modify it */
- ret = xend_op(domain->conn, domain->name, "op", "device_configure",
+ ret = xend_op(conn, minidef->name, "op", "device_configure",
"config", sexpr, "dev", ref, NULL);
}
@@ -2457,11 +2460,12 @@ cleanup:
* Returns 0 in case of success, -1 in case of failure.
*/
int
-xenDaemonDetachDeviceFlags(virDomainPtr domain,
+xenDaemonDetachDeviceFlags(virConnectPtr conn,
+ virDomainDefPtr minidef,
const char *xml,
unsigned int flags)
{
- xenUnifiedPrivatePtr priv = domain->conn->privateData;
+ xenUnifiedPrivatePtr priv = conn->privateData;
char class[8], ref[80];
virDomainDeviceDefPtr dev = NULL;
virDomainDefPtr def = NULL;
@@ -2471,7 +2475,7 @@ xenDaemonDetachDeviceFlags(virDomainPtr domain,
virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | VIR_DOMAIN_AFFECT_CONFIG, -1);
- if (domain->id < 0) {
+ if (minidef->id < 0) {
/* Cannot modify live config if domain is inactive */
if (flags & VIR_DOMAIN_DEVICE_MODIFY_LIVE) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
@@ -2501,9 +2505,9 @@ xenDaemonDetachDeviceFlags(virDomainPtr domain,
}
}
- if (!(def = xenDaemonDomainFetch(domain->conn,
- domain->id,
- domain->name,
+ if (!(def = xenDaemonDomainFetch(conn,
+ minidef->id,
+ minidef->name,
NULL)))
goto cleanup;
@@ -2511,7 +2515,7 @@ xenDaemonDetachDeviceFlags(virDomainPtr domain,
VIR_DOMAIN_XML_INACTIVE)))
goto cleanup;
- if (virDomainXMLDevID(domain, dev, class, ref, sizeof(ref)))
+ if (virDomainXMLDevID(conn, minidef, dev, class, ref, sizeof(ref)))
goto cleanup;
if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV) {
@@ -2525,12 +2529,12 @@ xenDaemonDetachDeviceFlags(virDomainPtr domain,
goto cleanup;
}
xendev = virBufferContentAndReset(&buf);
- ret = xend_op(domain->conn, domain->name, "op", "device_configure",
+ ret = xend_op(conn, minidef->name, "op", "device_configure",
"config", xendev, "dev", ref, NULL);
VIR_FREE(xendev);
}
else {
- ret = xend_op(domain->conn, domain->name, "op", "device_destroy",
+ ret = xend_op(conn, minidef->name, "op", "device_destroy",
"type", class, "dev", ref, "force", "0", "rm_cfg", "1",
NULL);
}
@@ -3325,13 +3329,14 @@ xenDaemonDomainBlockPeek(virDomainPtr domain,
* Returns 0 in case of success, -1 in case of failure.
*/
static int
-virDomainXMLDevID(virDomainPtr domain,
+virDomainXMLDevID(virConnectPtr conn,
+ virDomainDefPtr def,
virDomainDeviceDefPtr dev,
char *class,
char *ref,
int ref_len)
{
- xenUnifiedPrivatePtr priv = domain->conn->privateData;
+ xenUnifiedPrivatePtr priv = conn->privateData;
char *xref;
char *tmp;
@@ -3348,7 +3353,7 @@ virDomainXMLDevID(virDomainPtr domain,
if (dev->data.disk->dst == NULL)
return -1;
xenUnifiedLock(priv);
- xref = xenStoreDomainGetDiskID(domain->conn, domain->id,
+ xref = xenStoreDomainGetDiskID(conn, def->id,
dev->data.disk->dst);
xenUnifiedUnlock(priv);
if (xref == NULL)
@@ -3360,13 +3365,13 @@ virDomainXMLDevID(virDomainPtr domain,
return -1;
} else if (dev->type == VIR_DOMAIN_DEVICE_NET) {
char mac[VIR_MAC_STRING_BUFLEN];
- virDomainNetDefPtr def = dev->data.net;
- virMacAddrFormat(&def->mac, mac);
+ virDomainNetDefPtr netdef = dev->data.net;
+ virMacAddrFormat(&netdef->mac, mac);
strcpy(class, "vif");
xenUnifiedLock(priv);
- xref = xenStoreDomainGetNetworkID(domain->conn, domain->id, mac);
+ xref = xenStoreDomainGetNetworkID(conn, def->id, mac);
xenUnifiedUnlock(priv);
if (xref == NULL)
return -1;
@@ -3379,13 +3384,13 @@ virDomainXMLDevID(virDomainPtr domain,
dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
dev->data.hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) {
char *bdf;
- virDomainHostdevDefPtr def = dev->data.hostdev;
+ virDomainHostdevDefPtr hostdef = dev->data.hostdev;
if (virAsprintf(&bdf, "%04x:%02x:%02x.%0x",
- def->source.subsys.u.pci.addr.domain,
- def->source.subsys.u.pci.addr.bus,
- def->source.subsys.u.pci.addr.slot,
- def->source.subsys.u.pci.addr.function) < 0) {
+ hostdef->source.subsys.u.pci.addr.domain,
+ hostdef->source.subsys.u.pci.addr.bus,
+ hostdef->source.subsys.u.pci.addr.slot,
+ hostdef->source.subsys.u.pci.addr.function) < 0) {
virReportOOMError();
return -1;
}
@@ -3393,7 +3398,7 @@ virDomainXMLDevID(virDomainPtr domain,
strcpy(class, "pci");
xenUnifiedLock(priv);
- xref = xenStoreDomainGetPCIID(domain->conn, domain->id, bdf);
+ xref = xenStoreDomainGetPCIID(conn, def->id, bdf);
xenUnifiedUnlock(priv);
VIR_FREE(bdf);
if (xref == NULL)
diff --git a/src/xen/xend_internal.h b/src/xen/xend_internal.h
index b78145c..62b85ef 100644
--- a/src/xen/xend_internal.h
+++ b/src/xen/xend_internal.h
@@ -126,10 +126,12 @@ int xenDaemonListDefinedDomains(virConnectPtr conn,
char **const names,
int maxnames);
-int xenDaemonAttachDeviceFlags(virDomainPtr domain,
+int xenDaemonAttachDeviceFlags(virConnectPtr conn,
+ virDomainDefPtr def,
const char *xml,
unsigned int flags);
-int xenDaemonDetachDeviceFlags(virDomainPtr domain,
+int xenDaemonDetachDeviceFlags(virConnectPtr conn,
+ virDomainDefPtr def,
const char *xml,
unsigned int flags);
@@ -161,7 +163,9 @@ int xenDaemonDomainGetVcpus (virConnectPtr conn,
int maxinfo,
unsigned char *cpumaps,
int maplen);
-int xenDaemonUpdateDeviceFlags(virDomainPtr domain, const char *xml,
+int xenDaemonUpdateDeviceFlags(virConnectPtr conn,
+ virDomainDefPtr def,
+ const char *xml,
unsigned int flags);
int xenDaemonDomainGetAutostart (virDomainPtr dom,
int *autostart);
diff --git a/src/xen/xm_internal.c b/src/xen/xm_internal.c
index 9bb204a..94dc500 100644
--- a/src/xen/xm_internal.c
+++ b/src/xen/xm_internal.c
@@ -1220,7 +1220,8 @@ cleanup:
* Returns 0 in case of success, -1 in case of failure.
*/
int
-xenXMDomainAttachDeviceFlags(virDomainPtr domain,
+xenXMDomainAttachDeviceFlags(virConnectPtr conn,
+ virDomainDefPtr minidef,
const char *xml,
unsigned int flags)
{
@@ -1229,12 +1230,12 @@ xenXMDomainAttachDeviceFlags(virDomainPtr domain,
int ret = -1;
virDomainDeviceDefPtr dev = NULL;
virDomainDefPtr def;
- xenUnifiedPrivatePtr priv = domain->conn->privateData;
+ xenUnifiedPrivatePtr priv = conn->privateData;
virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | VIR_DOMAIN_AFFECT_CONFIG, -1);
if ((flags & VIR_DOMAIN_DEVICE_MODIFY_LIVE) ||
- (domain->id != -1 && flags == VIR_DOMAIN_DEVICE_MODIFY_CURRENT)) {
+ (minidef->id != -1 && flags == VIR_DOMAIN_DEVICE_MODIFY_CURRENT)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
_("Xm driver only supports modifying persistent config"));
return -1;
@@ -1242,7 +1243,7 @@ xenXMDomainAttachDeviceFlags(virDomainPtr domain,
xenUnifiedLock(priv);
- if (!(filename = virHashLookup(priv->nameConfigMap, domain->name)))
+ if (!(filename = virHashLookup(priv->nameConfigMap, minidef->name)))
goto cleanup;
if (!(entry = virHashLookup(priv->configCache, filename)))
goto cleanup;
@@ -1285,7 +1286,7 @@ xenXMDomainAttachDeviceFlags(virDomainPtr domain,
/* If this fails, should we try to undo our changes to the
* in-memory representation of the config file. I say not!
*/
- if (xenXMConfigSaveFile(domain->conn, entry->filename, entry->def) < 0)
+ if (xenXMConfigSaveFile(conn, entry->filename, entry->def) < 0)
goto cleanup;
ret = 0;
@@ -1310,7 +1311,8 @@ xenXMDomainAttachDeviceFlags(virDomainPtr domain,
* Returns 0 in case of success, -1 in case of failure.
*/
int
-xenXMDomainDetachDeviceFlags(virDomainPtr domain,
+xenXMDomainDetachDeviceFlags(virConnectPtr conn,
+ virDomainDefPtr minidef,
const char *xml,
unsigned int flags)
{
@@ -1320,12 +1322,12 @@ xenXMDomainDetachDeviceFlags(virDomainPtr domain,
virDomainDefPtr def;
int ret = -1;
int i;
- xenUnifiedPrivatePtr priv = domain->conn->privateData;
+ xenUnifiedPrivatePtr priv = conn->privateData;
virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | VIR_DOMAIN_AFFECT_CONFIG, -1);
if ((flags & VIR_DOMAIN_DEVICE_MODIFY_LIVE) ||
- (domain->id != -1 && flags == VIR_DOMAIN_DEVICE_MODIFY_CURRENT)) {
+ (minidef->id != -1 && flags == VIR_DOMAIN_DEVICE_MODIFY_CURRENT)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
_("Xm driver only supports modifying persistent config"));
return -1;
@@ -1333,7 +1335,7 @@ xenXMDomainDetachDeviceFlags(virDomainPtr domain,
xenUnifiedLock(priv);
- if (!(filename = virHashLookup(priv->nameConfigMap, domain->name)))
+ if (!(filename = virHashLookup(priv->nameConfigMap, minidef->name)))
goto cleanup;
if (!(entry = virHashLookup(priv->configCache, filename)))
goto cleanup;
@@ -1391,7 +1393,7 @@ xenXMDomainDetachDeviceFlags(virDomainPtr domain,
/* If this fails, should we try to undo our changes to the
* in-memory representation of the config file. I say not!
*/
- if (xenXMConfigSaveFile(domain->conn, entry->filename, entry->def) < 0)
+ if (xenXMConfigSaveFile(conn, entry->filename, entry->def) < 0)
goto cleanup;
ret = 0;
diff --git a/src/xen/xm_internal.h b/src/xen/xm_internal.h
index 8b74ee6..ba38806 100644
--- a/src/xen/xm_internal.h
+++ b/src/xen/xm_internal.h
@@ -86,11 +86,13 @@ int xenXMDomainBlockPeek (virDomainPtr dom, const char *path, unsigned long long
int xenXMDomainGetAutostart(virDomainPtr dom, int *autostart);
int xenXMDomainSetAutostart(virDomainPtr dom, int autostart);
-int xenXMDomainAttachDeviceFlags(virDomainPtr domain,
+int xenXMDomainAttachDeviceFlags(virConnectPtr conn,
+ virDomainDefPtr def,
const char *xml,
unsigned int flags);
-int xenXMDomainDetachDeviceFlags(virDomainPtr domain,
+int xenXMDomainDetachDeviceFlags(virConnectPtr conn,
+ virDomainDefPtr def,
const char *xml,
unsigned int flags);
--
1.8.1.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list