From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
Insert calls to the ACL checking APIs in all nwfilter driver
entrypoints.
Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
src/nwfilter/nwfilter_driver.c | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 64ea251..14c97a5 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -42,6 +42,7 @@
#include "nwfilter_gentech_driver.h"
#include "configmake.h"
#include "virstring.h"
+#include "access/viraccessapicheck.h"
#include "nwfilter_ipaddrmap.h"
#include "nwfilter_dhcpsnoop.h"
@@ -380,6 +381,9 @@ nwfilterLookupByUUID(virConnectPtr conn,
goto cleanup;
}
+ if (virNWFilterLookupByUUIDEnsureACL(conn, nwfilter->def) < 0)
+ goto cleanup;
+
ret = virGetNWFilter(conn, nwfilter->def->name, nwfilter->def->uuid);
cleanup:
@@ -406,6 +410,9 @@ nwfilterLookupByName(virConnectPtr conn,
goto cleanup;
}
+ if (virNWFilterLookupByNameEnsureACL(conn, nwfilter->def) < 0)
+ goto cleanup;
+
ret = virGetNWFilter(conn, nwfilter->def->name, nwfilter->def->uuid);
cleanup:
@@ -440,6 +447,10 @@ nwfilterClose(virConnectPtr conn) {
static int
nwfilterConnectNumOfNWFilters(virConnectPtr conn) {
virNWFilterDriverStatePtr driver = conn->nwfilterPrivateData;
+
+ if (virConnectNumOfNWFiltersEnsureACL(conn) < 0)
+ return -1;
+
return driver->nwfilters.count;
}
@@ -451,6 +462,9 @@ nwfilterConnectListNWFilters(virConnectPtr conn,
virNWFilterDriverStatePtr driver = conn->nwfilterPrivateData;
int got = 0, i;
+ if (virConnectListNWFiltersEnsureACL(conn) < 0)
+ return -1;
+
nwfilterDriverLock(driver);
for (i = 0 ; i < driver->nwfilters.count && got < nnames ; i++) {
virNWFilterObjLock(driver->nwfilters.objs[i]);
@@ -487,6 +501,9 @@ nwfilterConnectListAllNWFilters(virConnectPtr conn,
virCheckFlags(0, -1);
+ if (virConnectListAllNWFiltersEnsureACL(conn) < 0)
+ return -1;
+
nwfilterDriverLock(driver);
if (!filters) {
@@ -543,6 +560,9 @@ nwfilterDefineXML(virConnectPtr conn,
if (!(def = virNWFilterDefParseString(conn, xml)))
goto cleanup;
+ if (virNWFilterDefineXMLEnsureACL(conn, def) < 0)
+ goto cleanup;
+
if (!(nwfilter = virNWFilterObjAssignDef(conn, &driver->nwfilters, def)))
goto cleanup;
@@ -584,6 +604,9 @@ nwfilterUndefine(virNWFilterPtr obj) {
goto cleanup;
}
+ if (virNWFilterUndefineEnsureACL(obj->conn, nwfilter->def) < 0)
+ goto cleanup;
+
if (virNWFilterTestUnassignDef(obj->conn, nwfilter) < 0) {
virReportError(VIR_ERR_OPERATION_INVALID,
"%s",
@@ -632,6 +655,9 @@ nwfilterGetXMLDesc(virNWFilterPtr obj,
goto cleanup;
}
+ if (virNWFilterGetXMLDescEnsureACL(obj->conn, nwfilter->def) < 0)
+ goto cleanup;
+
ret = virNWFilterDefFormat(nwfilter->def);
cleanup:
--
1.8.1.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list