[PATCH v2 00/11] Refactor Xen driver to support ACL work

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>

The Xen driver currently is a really horrible mess, in particular
with the way iterates over sub-drivers calling each one in turn,
until one magically works. For each operation there is always a
clear rule for which sub-driver must be used. Thus instead of
blindly iterating over all drivers, we can directly invoke the
correct sub-driver. This highlights that quite alot of code is
in fact completely unreachable / used & can be deleted.

The second big issue is that the Xen sub-drivers will randomly
use either the 'id', 'name' or 'uuid' from the virDomainPtr object.
If the user provides a malicious virDomainPtr instance, it is
possible to have a 'id' referring to domain A, a 'name' referring
to domain B and a 'uuid' referring to domain C. This makes doing
reliable access control checks difficult. To ensure we have a
consistent triple, use the 'uuid' from virDomainPtr to lookup the
guest with the hypervisor and return a virDomainDefPtr where only
the name/id/uuid are filled out. Use this in the all the subdrivers
isolating them from the public virDomainPtr object. The top level
Xen driver will then be able to do access control checks on the
virDomainDefPtr instances.


In v2:

 - Merged all patches removing the sub-driver iteration
   concept
 - Rebased to latest git

Daniel P. Berrange (11):
  Convert Xen domain lookup driver methods to use virDomainDefPtr
  Convert Xen domain lifecycle driver methods to use virDomainDefPtr
  Convert Xen domain property driver methods to use virDomainDefPtr
  Convert Xen domain managed save driver methods to use virDomainDefPtr
  Convert Xen domain start/migration APIs to use virDomainDefPtr
  Convert Xen domain VCPU driver methods to use virDomainDefPtr
  Convert Xen domain device hotplug driver methods to use
    virDomainDefPtr
  Convert Xen domain autostart driver methods to use virDomainDefPtr
  Convert Xen domain scheduler driver methods to use virDomainDefPtr
  Convert Xen domain stats/peek driver methods to use virDomainDefPtr
  Convert Xen domain core dump driver methods to use virDomainDefPtr

 src/conf/domain_conf.c   |  24 ++
 src/conf/domain_conf.h   |   4 +
 src/libvirt_private.syms |   1 +
 src/xen/block_stats.c    |   6 +-
 src/xen/block_stats.h    |   2 +-
 src/xen/xen_driver.c     | 781 ++++++++++++++++++++++++++++++++++++-----------
 src/xen/xen_hypervisor.c | 131 ++++----
 src/xen/xen_hypervisor.h |  60 ++--
 src/xen/xen_inotify.c    |  14 +-
 src/xen/xend_internal.c  | 469 ++++++++++++++--------------
 src/xen/xend_internal.h  | 127 +++++---
 src/xen/xm_internal.c    | 224 +++++++-------
 src/xen/xm_internal.h    |  71 +++--
 13 files changed, 1230 insertions(+), 684 deletions(-)

-- 
1.8.1.4

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]