From: "Daniel P. Berrange" <berrange@xxxxxxxxxx> Insert calls to the ACL checking APIs in all QEMU driver entrypoints. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> --- src/qemu/qemu_driver.c | 716 +++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 639 insertions(+), 77 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 5005afa..3214901 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -92,6 +92,8 @@ #include "virtypedparam.h" #include "virbitmap.h" #include "virstring.h" +#include "access/viraccessapicheck.h" +#include "access/viraccessapicheckqemu.h" #define VIR_FROM_THIS VIR_FROM_QEMU @@ -1041,6 +1043,10 @@ static virDrvOpenStatus qemuConnectOpen(virConnectPtr conn, } } } + + if (virConnectOpenEnsureACL(conn) < 0) + goto cleanup; + conn->privateData = qemu_driver; ret = VIR_DRV_OPEN_SUCCESS; @@ -1063,8 +1069,11 @@ static int qemuConnectClose(virConnectPtr conn) /* Which features are supported by this driver? */ static int -qemuConnectSupportsFeature(virConnectPtr conn ATTRIBUTE_UNUSED, int feature) +qemuConnectSupportsFeature(virConnectPtr conn, int feature) { + if (virConnectSupportsFeatureEnsureACL(conn) < 0) + return -1; + switch (feature) { case VIR_DRV_FEATURE_MIGRATION_V2: case VIR_DRV_FEATURE_MIGRATION_V3: @@ -1081,6 +1090,9 @@ qemuConnectSupportsFeature(virConnectPtr conn ATTRIBUTE_UNUSED, int feature) } static const char *qemuConnectGetType(virConnectPtr conn ATTRIBUTE_UNUSED) { + if (virConnectGetTypeEnsureACL(conn) < 0) + return NULL; + return "QEMU"; } @@ -1142,6 +1154,9 @@ qemuConnectGetSysinfo(virConnectPtr conn, unsigned int flags) virCheckFlags(0, NULL); + if (virConnectGetSysinfoEnsureACL(conn) < 0) + return NULL; + if (!driver->hostsysinfo) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("Host SMBIOS information is not available")); 
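Review bot: In qemuConnectGetType the parameter is still declared `virConnectPtr conn ATTRIBUTE_UNUSED`, although the added `virConnectGetTypeEnsureACL(conn)` call now reads it. The qemuConnectSupportsFeature hunk of this patch drops the annotation, so for consistency the signature here should become `static const char *qemuConnectGetType(virConnectPtr conn)`. The same stale annotation remains in the qemuConnectGetMaxVcpus and qemuConnectBaselineCPU hunks.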
@@ -1158,6 +1173,9 @@ qemuConnectGetSysinfo(virConnectPtr conn, unsigned int flags) } static int qemuConnectGetMaxVcpus(virConnectPtr conn ATTRIBUTE_UNUSED, const char *type) { + if (virConnectGetMaxVcpusEnsureACL(conn) < 0) + return -1; + if (!type) return 16; @@ -1181,6 +1199,9 @@ static char *qemuConnectGetCapabilities(virConnectPtr conn) { virCapsPtr caps = NULL; char *xml = NULL; + if (virConnectGetCapabilitiesEnsureACL(conn) < 0) + return NULL; + if (!(caps = virQEMUDriverGetCapabilities(driver, true))) goto cleanup; @@ -1284,6 +1305,9 @@ static virDomainPtr qemuDomainLookupByID(virConnectPtr conn, goto cleanup; } + if (virDomainLookupByIDEnsureACL(conn, vm->def) < 0) + goto cleanup; + dom = virGetDomain(conn, vm->def->name, vm->def->uuid); if (dom) dom->id = vm->def->id; @@ -1309,6 +1333,9 @@ static virDomainPtr qemuDomainLookupByUUID(virConnectPtr conn, goto cleanup; } + if (virDomainLookupByUUIDEnsureACL(conn, vm->def) < 0) + goto cleanup; + dom = virGetDomain(conn, vm->def->name, vm->def->uuid); if (dom) dom->id = vm->def->id; @@ -1332,6 +1359,9 @@ static virDomainPtr qemuDomainLookupByName(virConnectPtr conn, goto cleanup; } + if (virDomainLookupByNameEnsureACL(conn, vm->def) < 0) + goto cleanup; + dom = virGetDomain(conn, vm->def->name, vm->def->uuid); if (dom) dom->id = vm->def->id; @@ -1350,6 +1380,9 @@ static int qemuDomainIsActive(virDomainPtr dom) if (!(obj = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainIsActiveEnsureACL(dom->conn, obj->def) < 0) + goto cleanup; + ret = virDomainObjIsActive(obj); cleanup: @@ -1366,6 +1399,9 @@ static int qemuDomainIsPersistent(virDomainPtr dom) if (!(obj = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainIsPersistentEnsureACL(dom->conn, obj->def) < 0) + goto cleanup; + ret = obj->persistent; cleanup: 
@@ -1382,6 +1418,9 @@ static int qemuDomainIsUpdated(virDomainPtr dom) if (!(obj = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainIsUpdatedEnsureACL(dom->conn, obj->def) < 0) + goto cleanup; + ret = obj->updated; cleanup: @@ -1396,6 +1435,9 @@ static int qemuConnectGetVersion(virConnectPtr conn, unsigned long *version) { unsigned int qemuVersion = 0; virCapsPtr caps = NULL; + if (virConnectGetVersionEnsureACL(conn) < 0) + return -1; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -1413,8 +1455,11 @@ cleanup: } -static char *qemuConnectGetHostname(virConnectPtr conn ATTRIBUTE_UNUSED) +static char *qemuConnectGetHostname(virConnectPtr conn) { + if (virConnectGetHostnameEnsureACL(conn) < 0) + return NULL; + return virGetHostname(); } @@ -1423,6 +1468,9 @@ static int qemuConnectListDomains(virConnectPtr conn, int *ids, int nids) { virQEMUDriverPtr driver = conn->privateData; int n; + if (virConnectListDomainsEnsureACL(conn) < 0) + return -1; + n = virDomainObjListGetActiveIDs(driver->domains, ids, nids); return n; @@ -1432,6 +1480,9 @@ static int qemuConnectNumOfDomains(virConnectPtr conn) { virQEMUDriverPtr driver = conn->privateData; int n; + if (virConnectNumOfDomainsEnsureACL(conn) < 0) + return -1; + n = virDomainObjListNumOfDomains(driver->domains, 1); return n; @@ -1489,6 +1540,9 @@ static virDomainPtr qemuDomainCreateXML(virConnectPtr conn, VIR_DOMAIN_XML_INACTIVE))) goto cleanup; + if (virDomainCreateXMLEnsureACL(conn, def) < 0) + goto cleanup; + if (virSecurityManagerVerify(driver->securityManager, def) < 0) goto cleanup; @@ -1573,6 +1627,9 @@ static int qemuDomainSuspend(virDomainPtr dom) { if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainSuspendEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); 
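Review bot: qemuConnectListDomains gates the call with the connection-level `virConnectListDomainsEnsureACL(conn)` but then returns every ID from `virDomainObjListGetActiveIDs(driver->domains, ids, nids)` unfiltered. A caller who passes this check therefore learns about domains that the per-domain checks added elsewhere in this patch (e.g. `virDomainLookupByIDEnsureACL(conn, vm->def)`) would refuse. The same applies to the qemuConnectNumOfDomains, qemuConnectListDefinedDomains and qemuConnectNumOfDefinedDomains hunks. If per-domain filtering is not added by another patch in the series, I would at least record the gap next to the call: `/* TODO: results are not filtered per domain; any caller passing the connect-level check sees all domains */`.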
@@ -1651,6 +1708,9 @@ static int qemuDomainResume(virDomainPtr dom) { cfg = virQEMUDriverGetConfig(driver); + if (virDomainResumeEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; @@ -1719,6 +1779,9 @@ static int qemuDomainShutdownFlags(virDomainPtr dom, unsigned int flags) { if (agentRequested || (!flags && priv->agent)) useAgent = true; + if (virDomainShutdownFlagsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (priv->agentError) { if (agentRequested && !acpiRequested) { virReportError(VIR_ERR_AGENT_UNRESPONSIVE, "%s", @@ -1808,6 +1871,9 @@ qemuDomainReboot(virDomainPtr dom, unsigned int flags) priv = vm->privateData; + if (virDomainRebootEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if ((flags & VIR_DOMAIN_REBOOT_GUEST_AGENT) || (!(flags & VIR_DOMAIN_REBOOT_ACPI_POWER_BTN) && priv->agent)) @@ -1889,6 +1955,9 @@ qemuDomainReset(virDomainPtr dom, unsigned int flags) if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainResetEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; @@ -1946,6 +2015,9 @@ qemuDomainDestroyFlags(virDomainPtr dom, priv = vm->privateData; + if (virDomainDestroyFlagsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + qemuDomainSetFakeReboot(driver, vm, false); @@ -2021,6 +2093,9 @@ static char *qemuDomainGetOSType(virDomainPtr dom) { if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainGetOSTypeEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!(type = strdup(vm->def->os.type))) virReportOOMError(); @@ -2040,6 +2115,9 @@ qemuDomainGetMaxMemory(virDomainPtr dom) if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainGetMaxMemoryEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + ret = vm->def->mem.max_balloon; cleanup: 
@@ -2067,6 +2145,9 @@ static int qemuDomainSetMemoryFlags(virDomainPtr dom, unsigned long newmem, cfg = virQEMUDriverGetConfig(driver); + if (virDomainSetMemoryFlagsEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; @@ -2167,6 +2248,9 @@ static int qemuDomainInjectNMI(virDomainPtr domain, unsigned int flags) if (!(vm = qemuDomObjFromDomain(domain))) return -1; + if (virDomainInjectNMIEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); @@ -2238,6 +2322,9 @@ static int qemuDomainSendKey(virDomainPtr domain, priv = vm->privateData; + if (virDomainSendKeyEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; @@ -2273,6 +2360,9 @@ static int qemuDomainGetInfo(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainGetInfoEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + info->state = virDomainObjGetState(vm, NULL); if (!virDomainObjIsActive(vm)) { @@ -2352,6 +2442,9 @@ qemuDomainGetState(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainGetStateEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + *state = virDomainObjGetState(vm, reason); ret = 0; @@ -2375,6 +2468,9 @@ qemuDomainGetControlInfo(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainGetControlInfoEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); 
@@ -2944,6 +3040,9 @@ qemuDomainSaveFlags(virDomainPtr dom, const char *path, const char *dxml, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainSaveFlagsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); @@ -2999,6 +3098,9 @@ qemuDomainManagedSave(virDomainPtr dom, unsigned int flags) if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainManagedSaveEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); @@ -3057,14 +3159,19 @@ static int qemuDomainHasManagedSaveImage(virDomainPtr dom, unsigned int flags) { virDomainObjPtr vm = NULL; - int ret; + int ret = -1; virCheckFlags(0, -1); if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainHasManagedSaveImageEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + ret = vm->hasManagedSave; + +cleanup: virObjectUnlock(vm); return ret; } @@ -3082,6 +3189,9 @@ qemuDomainManagedSaveRemove(virDomainPtr dom, unsigned int flags) if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainManagedSaveRemoveEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!(name = qemuDomainManagedSavePath(driver, vm))) goto cleanup; @@ -3244,6 +3354,9 @@ static int qemuDomainCoreDump(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainCoreDumpEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginAsyncJob(driver, vm, QEMU_ASYNC_JOB_DUMP) < 0) goto cleanup; @@ -3350,6 +3463,9 @@ qemuDomainScreenshot(virDomainPtr dom, priv = vm->privateData; cfg = virQEMUDriverGetConfig(driver); + if (virDomainScreenshotEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) < 0) goto cleanup; 
@@ -3706,11 +3822,15 @@ qemuDomainSetVcpusFlags(virDomainPtr dom, unsigned int nvcpus, return -1; } + if (!(vm = qemuDomObjFromDomain(dom))) + goto cleanup; + cfg = virQEMUDriverGetConfig(driver); - if (!(caps = virQEMUDriverGetCapabilities(driver, false))) + + if (virDomainSetVcpusFlagsEnsureACL(dom->conn, vm->def, flags) < 0) goto cleanup; - if (!(vm = qemuDomObjFromDomain(dom))) + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) @@ -3805,6 +3925,9 @@ qemuDomainPinVcpuFlags(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainPinVcpuFlagsEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -3988,6 +4111,9 @@ qemuDomainGetVcpuPinInfo(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainGetVcpuPinInfoEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -4076,6 +4202,9 @@ qemuDomainPinEmulator(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainPinEmulatorEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -4230,6 +4359,9 @@ qemuDomainGetEmulatorPinInfo(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainGetEmulatorPinInfoEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -4295,6 +4427,9 @@ qemuDomainGetVcpus(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainGetVcpusEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", 
@@ -4387,6 +4522,9 @@ qemuDomainGetVcpusFlags(virDomainPtr dom, unsigned int flags) if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainGetVcpusFlagsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -4425,6 +4563,9 @@ static int qemuDomainGetSecurityLabel(virDomainPtr dom, virSecurityLabelPtr secl if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainGetSecurityLabelEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainVirtTypeToString(vm->def->virtType)) { virReportError(VIR_ERR_INTERNAL_ERROR, _("unknown virt type in domain definition '%d'"), @@ -4473,6 +4614,9 @@ static int qemuDomainGetSecurityLabelList(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainGetSecurityLabelListEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainVirtTypeToString(vm->def->virtType)) { virReportError(VIR_ERR_INTERNAL_ERROR, _("unknown virt type in domain definition '%d'"), @@ -4540,6 +4684,9 @@ static int qemuNodeGetSecurityModel(virConnectPtr conn, if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; + if (virNodeGetSecurityModelEnsureACL(conn) < 0) + goto cleanup; + /* We treat no driver as success, but simply return no data in *secmodel */ if (caps->host.nsecModels == 0 || caps->host.secModels[0].model == NULL) @@ -4868,6 +5015,9 @@ qemuDomainRestoreFlags(virConnectPtr conn, if (fd < 0) goto cleanup; + if (virDomainRestoreFlagsEnsureACL(conn, def) < 0) + goto cleanup; + if (!(vm = virDomainObjListAdd(driver->domains, def, driver->xmlopt, VIR_DOMAIN_OBJ_LIST_ADD_LIVE | @@ -4926,6 +5076,9 @@ qemuDomainSaveImageGetXMLDesc(virConnectPtr conn, const char *path, if (fd < 0) goto cleanup; + if (virDomainSaveImageGetXMLDescEnsureACL(conn, def) < 0) + goto cleanup; + ret = qemuDomainDefFormatXML(driver, def, flags); cleanup: 
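Review bot: In qemuNodeGetSecurityModel the added `virNodeGetSecurityModelEnsureACL(conn)` check sits after the `virQEMUDriverGetCapabilities(driver, false)` call, whereas the other connection-level entry points in this patch (qemuConnectGetCapabilities, qemuConnectGetVersion) authorize before doing any work. Moving the check above the capabilities lookup would keep the ordering uniform. The top of the function is outside the hunk, so whether `goto cleanup` is still valid at that point depends on `caps` being initialised to NULL there.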
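Review bot: In qemuDomainRestoreFlags the ACL check can only run after the save image at the caller-supplied `path` has been opened and its definition parsed (the check follows the `if (fd < 0)` test), so the daemon reads a file of the caller's choosing before any authorization decision. That ordering looks unavoidable because `def` comes from the file, but it deserves a comment at the check, e.g. `/* ACL is evaluated on the definition embedded in the image; the file has already been opened and parsed here */`. The open and parse error paths should also be reviewed for what they report to a caller who would be denied. The qemuDomainSaveImageGetXMLDesc and qemuDomainSaveImageDefineXML hunks have the same shape, and this function starts and ends outside the hunk.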
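Review bot: qemuDomainSaveImageGetXMLDesc passes `flags` on to `qemuDomainDefFormatXML(driver, def, flags)`, but the added check `virDomainSaveImageGetXMLDescEnsureACL(conn, def)` does not see them, unlike `virDomainGetXMLDescEnsureACL(dom->conn, vm->def, flags)` in the qemuDomainGetXMLDesc hunk. If these flags can request the secure form of the XML here as well, the two entry points would apply different permission checks to the same kind of data. Please confirm against the ACL rules for this API, and if the difference is intentional, say so in a comment above the check.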
@@ -4965,6 +5118,9 @@ qemuDomainSaveImageDefineXML(virConnectPtr conn, const char *path, goto cleanup; } + if (virDomainSaveImageDefineXMLEnsureACL(conn, def) < 0) + goto cleanup; + xml = qemuDomainDefFormatXML(driver, def, VIR_DOMAIN_XML_INACTIVE | VIR_DOMAIN_XML_SECURE | @@ -5075,6 +5231,9 @@ static char *qemuDomainGetXMLDesc(virDomainPtr dom, priv = vm->privateData; + if (virDomainGetXMLDescEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + /* Refresh current memory based on balloon info if supported */ if ((vm->def->memballoon != NULL) && (vm->def->memballoon->model != VIR_DOMAIN_MEMBALLOON_MODEL_NONE) && @@ -5133,6 +5292,9 @@ static char *qemuConnectDomainXMLFromNative(virConnectPtr conn, virCheckFlags(0, NULL); + if (virConnectDomainXMLFromNativeEnsureACL(conn) < 0) + goto cleanup; + if (STRNEQ(format, QEMU_CONFIG_FORMAT_ARGV)) { virReportError(VIR_ERR_INVALID_ARG, _("unsupported config type %s"), format); @@ -5181,6 +5343,9 @@ static char *qemuConnectDomainXMLToNative(virConnectPtr conn, cfg = virQEMUDriverGetConfig(driver); + if (virConnectDomainXMLToNativeEnsureACL(conn) < 0) + goto cleanup; + if (STRNEQ(format, QEMU_CONFIG_FORMAT_ARGV)) { virReportError(VIR_ERR_INVALID_ARG, _("unsupported config type %s"), format); 
@@ -5354,19 +5519,28 @@ cleanup: static int qemuConnectListDefinedDomains(virConnectPtr conn, char **const names, int nnames) { virQEMUDriverPtr driver = conn->privateData; - int n; + int ret = -1; - n = virDomainObjListGetInactiveNames(driver->domains, names, nnames); - return n; + if (virConnectListDefinedDomainsEnsureACL(conn) < 0) + goto cleanup; + + ret = virDomainObjListGetInactiveNames(driver->domains, names, nnames); + +cleanup: + return ret; } static int qemuConnectNumOfDefinedDomains(virConnectPtr conn) { virQEMUDriverPtr driver = conn->privateData; - int n; + int ret = -1; + + if (virConnectNumOfDefinedDomainsEnsureACL(conn) < 0) + goto cleanup; - n = virDomainObjListNumOfDomains(driver->domains, 0); + ret = virDomainObjListNumOfDomains(driver->domains, 0); - return n; +cleanup: + return ret; } @@ -5463,6 +5637,9 @@ qemuDomainCreateWithFlags(virDomainPtr dom, unsigned int flags) if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainCreateWithFlagsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; @@ -5514,6 +5691,9 @@ static virDomainPtr qemuDomainDefineXML(virConnectPtr conn, const char *xml) { VIR_DOMAIN_XML_INACTIVE))) goto cleanup; + if (virDomainDefineXMLEnsureACL(conn, def) < 0) + goto cleanup; + if (virSecurityManagerVerify(driver->securityManager, def) < 0) goto cleanup; @@ -5603,6 +5783,9 @@ qemuDomainUndefineFlags(virDomainPtr dom, cfg = virQEMUDriverGetConfig(driver); + if (virDomainUndefineFlagsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!vm->persistent) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("cannot undefine transient domain")); @@ -6369,6 +6552,9 @@ static int qemuDomainAttachDeviceFlags(virDomainPtr dom, const char *xml, priv = vm->privateData; + if (virDomainAttachDeviceFlagsEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; 
@@ -6509,6 +6695,9 @@ static int qemuDomainUpdateDeviceFlags(virDomainPtr dom, priv = vm->privateData; + if (virDomainUpdateDeviceFlagsEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; @@ -6641,6 +6830,9 @@ static int qemuDomainDetachDeviceFlags(virDomainPtr dom, const char *xml, priv = vm->privateData; + if (virDomainDetachDeviceFlagsEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; @@ -6756,6 +6948,9 @@ static int qemuDomainGetAutostart(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainGetAutostartEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + *autostart = vm->autostart; ret = 0; @@ -6778,6 +6973,9 @@ static int qemuDomainSetAutostart(virDomainPtr dom, cfg = virQEMUDriverGetConfig(driver); + if (virDomainSetAutostartEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!vm->persistent) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("cannot set autostart for transient domain")); @@ -6879,6 +7077,9 @@ static char *qemuDomainGetSchedulerType(virDomainPtr dom, } priv = vm->privateData; + if (virDomainGetSchedulerTypeEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_CPU)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("cgroup CPU controller is not mounted")); @@ -7063,6 +7264,10 @@ qemuDomainSetBlkioParameters(virDomainPtr dom, priv = vm->privateData; cfg = virQEMUDriverGetConfig(driver); + + if (virDomainSetBlkioParametersEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; 
@@ -7210,6 +7415,9 @@ qemuDomainGetBlkioParameters(virDomainPtr dom, priv = vm->privateData; + if (virDomainGetBlkioParametersEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -7399,6 +7607,9 @@ qemuDomainSetMemoryParameters(virDomainPtr dom, priv = vm->privateData; cfg = virQEMUDriverGetConfig(driver); + if (virDomainSetMemoryParametersEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -7519,6 +7730,10 @@ qemuDomainGetMemoryParameters(virDomainPtr dom, return -1; priv = vm->privateData; + + if (virDomainGetMemoryParametersEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -7671,6 +7886,9 @@ qemuDomainSetNumaParameters(virDomainPtr dom, priv = vm->privateData; cfg = virQEMUDriverGetConfig(driver); + if (virDomainSetNumaParametersEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -7813,6 +8031,9 @@ qemuDomainGetNumaParameters(virDomainPtr dom, priv = vm->privateData; + if (virDomainGetNumaParametersEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -8012,6 +8233,9 @@ qemuDomainSetSchedulerParametersFlags(virDomainPtr dom, priv = vm->privateData; cfg = virQEMUDriverGetConfig(driver); + if (virDomainSetSchedulerParametersFlagsEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -8281,6 +8505,9 @@ qemuDomainGetSchedulerParametersFlags(virDomainPtr dom, priv = vm->privateData; + if (virDomainGetSchedulerParametersFlagsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (*nparams > 1) { rc = qemuGetCpuBWStatus(priv->cgroup); if (rc < 0) 
@@ -8437,6 +8664,9 @@ qemuDomainBlockResize(virDomainPtr dom, priv = vm->privateData; + if (virDomainBlockResizeEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; @@ -8497,6 +8727,9 @@ qemuDomainBlockStats(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainBlockStatsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); @@ -8574,6 +8807,9 @@ qemuDomainBlockStatsFlags(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainBlockStatsFlagsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) < 0) goto cleanup; @@ -8727,6 +8963,9 @@ qemuDomainInterfaceStats(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainInterfaceStatsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); @@ -8805,6 +9044,9 @@ qemuDomainSetInterfaceParameters(virDomainPtr dom, cfg = virQEMUDriverGetConfig(driver); + if (virDomainSetInterfaceParametersEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -8964,6 +9206,9 @@ qemuDomainGetInterfaceParameters(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainGetInterfaceParametersEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -9070,6 +9315,9 @@ qemuDomainMemoryStats(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainMemoryStatsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) < 0) goto cleanup; 
@@ -9121,6 +9369,9 @@ qemuDomainBlockPeek(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainBlockPeekEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!path || path[0] == '\0') { virReportError(VIR_ERR_INVALID_ARG, "%s", _("NULL or empty path")); @@ -9183,6 +9434,9 @@ qemuDomainMemoryPeek(virDomainPtr dom, cfg = virQEMUDriverGetConfig(driver); + if (virDomainMemoryPeekEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (flags != VIR_MEMORY_VIRTUAL && flags != VIR_MEMORY_PHYSICAL) { virReportError(VIR_ERR_INVALID_ARG, "%s", _("flags parameter must be VIR_MEMORY_VIRTUAL or VIR_MEMORY_PHYSICAL")); @@ -9276,6 +9530,9 @@ static int qemuDomainGetBlockInfo(virDomainPtr dom, cfg = virQEMUDriverGetConfig(driver); + if (virDomainGetBlockInfoEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!path || path[0] == '\0') { virReportError(VIR_ERR_INVALID_ARG, "%s", _("NULL or empty path")); @@ -9410,12 +9667,19 @@ qemuConnectDomainEventRegister(virConnectPtr conn, virFreeCallback freecb) { virQEMUDriverPtr driver = conn->privateData; - int ret; + int ret = -1; - ret = virDomainEventStateRegister(conn, - driver->domainEventState, - callback, opaque, freecb); + if (virConnectDomainEventRegisterEnsureACL(conn) < 0) + goto cleanup; + + if (virDomainEventStateRegister(conn, + driver->domainEventState, + callback, opaque, freecb) < 0) + goto cleanup; + ret = 0; + +cleanup: return ret; } @@ -9425,12 +9689,19 @@ qemuConnectDomainEventDeregister(virConnectPtr conn, virConnectDomainEventCallback callback) { virQEMUDriverPtr driver = conn->privateData; - int ret; + int ret = -1; - ret = virDomainEventStateDeregister(conn, - driver->domainEventState, - callback); + if (virConnectDomainEventDeregisterEnsureACL(conn) < 0) + goto cleanup; + + if (virDomainEventStateDeregister(conn, + driver->domainEventState, + callback) < 0) + goto cleanup; + + ret = 0; +cleanup: return ret; } 
@@ -9444,14 +9715,20 @@ qemuConnectDomainEventRegisterAny(virConnectPtr conn, virFreeCallback freecb) { virQEMUDriverPtr driver = conn->privateData; - int ret; + int ret = -1; + + if (virConnectDomainEventRegisterAnyEnsureACL(conn) < 0) + goto cleanup; if (virDomainEventStateRegisterID(conn, driver->domainEventState, dom, eventID, callback, opaque, freecb, &ret) < 0) - ret = -1; + goto cleanup; + ret = 0; + +cleanup: return ret; } @@ -9461,12 +9738,19 @@ qemuConnectDomainEventDeregisterAny(virConnectPtr conn, int callbackID) { virQEMUDriverPtr driver = conn->privateData; - int ret; + int ret = -1; - ret = virDomainEventStateDeregisterID(conn, - driver->domainEventState, - callbackID); + if (virConnectDomainEventDeregisterAnyEnsureACL(conn) < 0) + goto cleanup; + if (virDomainEventStateDeregisterID(conn, + driver->domainEventState, + callbackID) < 0) + goto cleanup; + + ret = 0; + +cleanup: return ret; } @@ -9534,6 +9818,9 @@ qemuDomainMigratePrepareTunnel(virConnectPtr dconn, } } + if (virDomainMigratePrepareTunnelEnsureACL(dconn, def) < 0) + goto cleanup; + ret = qemuMigrationPrepareTunnel(driver, dconn, NULL, 0, NULL, NULL, /* No cookies in v2 */ st, def, flags); @@ -9607,6 +9894,9 @@ qemuDomainMigratePrepare2(virConnectPtr dconn, } } + if (virDomainMigratePrepare2EnsureACL(dconn, def) < 0) + goto cleanup; + /* Do not use cookies in v2 protocol, since the cookie * length was not sufficiently large, causing failures * migrating between old & new libvirtd @@ -9651,6 +9941,9 @@ qemuDomainMigratePerform(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainMigratePerformEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (flags & VIR_MIGRATE_PEER2PEER) { dconnuri = uri; uri = NULL; 
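Review bot: qemuConnectDomainEventRegisterAny now returns 0 on success instead of the callback ID: `virDomainEventStateRegisterID(...)` stores its result through `&ret`, and the added `ret = 0;` overwrites it before `return ret`. The pre-patch code returned `ret` as filled in by the helper, and a caller presumably needs that ID to deregister later (the DeregisterAny entry point takes `int callbackID`). Drop the `ret = 0;` line, and set `ret = -1;` before the `goto cleanup` on the helper's failure path in case it has already written to `ret`. Separately, the Register, Deregister and DeregisterAny hunks also stop returning the helper's value and return 0 instead, a behaviour change the commit message does not mention.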
@@ -9695,6 +9988,9 @@ qemuDomainMigrateFinish2(virConnectPtr dconn, goto cleanup; } + if (virDomainMigrateFinish2EnsureACL(dconn, vm->def) < 0) + goto cleanup; + /* Do not use cookies in v2 protocol, since the cookie * length was not sufficiently large, causing failures * migrating between old & new libvirtd @@ -9731,6 +10027,9 @@ qemuDomainMigrateBegin3(virDomainPtr domain, if (!(vm = qemuDomObjFromDomain(domain))) return NULL; + if (virDomainMigrateBegin3EnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + if ((flags & VIR_MIGRATE_CHANGE_PROTECTION)) { if (qemuMigrationJobStart(driver, vm, QEMU_ASYNC_JOB_MIGRATION_OUT) < 0) goto cleanup; @@ -9848,6 +10147,9 @@ qemuDomainMigratePrepare3(virConnectPtr dconn, } } + if (virDomainMigratePrepare3EnsureACL(dconn, def) < 0) + goto cleanup; + ret = qemuMigrationPrepareDirect(driver, dconn, cookiein, cookieinlen, cookieout, cookieoutlen, @@ -9913,6 +10215,9 @@ qemuDomainMigratePrepareTunnel3(virConnectPtr dconn, } } + if (virDomainMigratePrepareTunnel3EnsureACL(dconn, def) < 0) + goto cleanup; + ret = qemuMigrationPrepareTunnel(driver, dconn, cookiein, cookieinlen, cookieout, cookieoutlen, @@ -9947,6 +10252,11 @@ qemuDomainMigratePerform3(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainMigratePerform3EnsureACL(dom->conn, vm->def) < 0) { + virObjectUnlock(vm); + return -1; + } + return qemuMigrationPerform(driver, dom->conn, vm, xmlin, dconnuri, uri, cookiein, cookieinlen, cookieout, cookieoutlen, @@ -9979,6 +10289,9 @@ qemuDomainMigrateFinish3(virConnectPtr dconn, goto cleanup; } + if (virDomainMigrateFinish3EnsureACL(dconn, vm->def) < 0) + goto cleanup; + dom = qemuMigrationFinish(driver, dconn, vm, cookiein, cookieinlen, cookieout, cookieoutlen, 
@@ -10008,6 +10321,9 @@ qemuDomainMigrateConfirm3(virDomainPtr domain, cfg = virQEMUDriverGetConfig(driver); + if (virDomainMigrateConfirm3EnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + if (!qemuMigrationJobIsActive(vm, QEMU_ASYNC_JOB_MIGRATION_OUT)) goto cleanup; @@ -10043,25 +10359,15 @@ cleanup: static int -qemuNodeDeviceGetPciInfo(virNodeDevicePtr dev, +qemuNodeDeviceGetPciInfo(virNodeDeviceDefPtr def, unsigned *domain, unsigned *bus, unsigned *slot, unsigned *function) { - virNodeDeviceDefPtr def = NULL; virNodeDevCapsDefPtr cap; - char *xml = NULL; int ret = -1; - xml = virNodeDeviceGetXMLDesc(dev, 0); - if (!xml) - goto out; - - def = virNodeDeviceDefParseString(xml, EXISTING_DEVICE, NULL); - if (!def) - goto out; - cap = def->caps; while (cap) { if (cap->type == VIR_NODE_DEV_CAP_PCI_DEV) { @@ -10077,14 +10383,12 @@ qemuNodeDeviceGetPciInfo(virNodeDevicePtr dev, if (!cap) { virReportError(VIR_ERR_INVALID_ARG, - _("device %s is not a PCI device"), dev->name); + _("device %s is not a PCI device"), def->name); goto out; } ret = 0; out: - virNodeDeviceDefFree(def); - VIR_FREE(xml); return ret; } @@ -10098,15 +10402,28 @@ qemuNodeDeviceDetachFlags(virNodeDevicePtr dev, unsigned domain, bus, slot, function; int ret = -1; bool in_inactive_list = false; + virNodeDeviceDefPtr def = NULL; + char *xml = NULL; virCheckFlags(0, -1); - if (qemuNodeDeviceGetPciInfo(dev, &domain, &bus, &slot, &function) < 0) - return -1; + xml = virNodeDeviceGetXMLDesc(dev, 0); + if (!xml) + goto cleanup; + + def = virNodeDeviceDefParseString(xml, EXISTING_DEVICE, NULL); + if (!def) + goto cleanup; + + if (virNodeDeviceDetachFlagsEnsureACL(dev->conn, def) < 0) + goto cleanup; + + if (qemuNodeDeviceGetPciInfo(def, &domain, &bus, &slot, &function) < 0) + goto cleanup; pci = virPCIDeviceNew(domain, bus, slot, function); if (!pci) - return -1; + goto cleanup; if (!driverName || STREQ(driverName, "kvm")) { virPCIDeviceSetStubDriver(pci, "pci-stub"); 
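Review bot: The XML fetch-and-parse sequence that used to live in qemuNodeDeviceGetPciInfo is now copied into qemuNodeDeviceDetachFlags, and again into qemuNodeDeviceReAttach and qemuNodeDeviceReset, each with its own `xml`/`def` locals and a new `cleanup:` label. A small static helper that returns the parsed definition would keep the three callers identical up to the ACL call and leave only `virNodeDeviceDefFree(def)` for the cleanup path. The helper name below is only a suggestion; qemuNodeDeviceDetachFlags continues outside this hunk.

```c
/* Fetch and parse the node device XML; caller releases with virNodeDeviceDefFree(). */
static virNodeDeviceDefPtr
qemuNodeDeviceGetDef(virNodeDevicePtr dev)
{
    virNodeDeviceDefPtr def;
    char *xml = virNodeDeviceGetXMLDesc(dev, 0);

    if (!xml)
        return NULL;

    def = virNodeDeviceDefParseString(xml, EXISTING_DEVICE, NULL);
    VIR_FREE(xml);
    return def;
}

/* in qemuNodeDeviceDetachFlags, after virCheckFlags(0, -1): */
    if (!(def = qemuNodeDeviceGetDef(dev)))
        goto cleanup;

    if (virNodeDeviceDetachFlagsEnsureACL(dev->conn, def) < 0)
        goto cleanup;
/* … unchanged: qemuNodeDeviceGetPciInfo call, virPCIDeviceNew … */
```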
@@ -10132,6 +10449,9 @@ out: virObjectUnlock(driver->activePciHostdevs); if (in_inactive_list) virPCIDeviceFree(pci); +cleanup: + virNodeDeviceDefFree(def); + VIR_FREE(xml); return ret; } @@ -10145,17 +10465,30 @@ static int qemuNodeDeviceReAttach(virNodeDevicePtr dev) { virQEMUDriverPtr driver = dev->conn->privateData; - virPCIDevicePtr pci; + virPCIDevicePtr pci = NULL; virPCIDevicePtr other; unsigned domain, bus, slot, function; int ret = -1; + virNodeDeviceDefPtr def = NULL; + char *xml = NULL; - if (qemuNodeDeviceGetPciInfo(dev, &domain, &bus, &slot, &function) < 0) - return -1; + xml = virNodeDeviceGetXMLDesc(dev, 0); + if (!xml) + goto cleanup; + + def = virNodeDeviceDefParseString(xml, EXISTING_DEVICE, NULL); + if (!def) + goto cleanup; + + if (virNodeDeviceReAttachEnsureACL(dev->conn, def) < 0) + goto cleanup; + + if (qemuNodeDeviceGetPciInfo(def, &domain, &bus, &slot, &function) < 0) + goto cleanup; pci = virPCIDeviceNew(domain, bus, slot, function); if (!pci) - return -1; + goto cleanup; virObjectLock(driver->activePciHostdevs); virObjectLock(driver->inactivePciHostdevs); @@ -10185,6 +10518,9 @@ out: virObjectUnlock(driver->inactivePciHostdevs); virObjectUnlock(driver->activePciHostdevs); virPCIDeviceFree(pci); +cleanup: + virNodeDeviceDefFree(def); + VIR_FREE(xml); return ret; } 
@@ -10195,13 +10531,26 @@ qemuNodeDeviceReset(virNodeDevicePtr dev) virPCIDevicePtr pci; unsigned domain, bus, slot, function; int ret = -1; + virNodeDeviceDefPtr def = NULL; + char *xml = NULL; - if (qemuNodeDeviceGetPciInfo(dev, &domain, &bus, &slot, &function) < 0) - return -1; + xml = virNodeDeviceGetXMLDesc(dev, 0); + if (!xml) + goto cleanup; + + def = virNodeDeviceDefParseString(xml, EXISTING_DEVICE, NULL); + if (!def) + goto cleanup; + + if (virNodeDeviceResetEnsureACL(dev->conn, def) < 0) + goto cleanup; + + if (qemuNodeDeviceGetPciInfo(def, &domain, &bus, &slot, &function) < 0) + goto cleanup; pci = virPCIDeviceNew(domain, bus, slot, function); if (!pci) - return -1; + goto cleanup; virObjectLock(driver->activePciHostdevs); virObjectLock(driver->inactivePciHostdevs); @@ -10215,6 +10564,9 @@ out: virObjectUnlock(driver->inactivePciHostdevs); virObjectUnlock(driver->activePciHostdevs); virPCIDeviceFree(pci); +cleanup: + virNodeDeviceDefFree(def); + VIR_FREE(xml); return ret; } @@ -10229,6 +10581,9 @@ qemuConnectCompareCPU(virConnectPtr conn, virCheckFlags(0, VIR_CPU_COMPARE_ERROR); + if (virConnectCompareCPUEnsureACL(conn) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -10252,12 +10607,16 @@ qemuConnectBaselineCPU(virConnectPtr conn ATTRIBUTE_UNUSED, unsigned int ncpus, unsigned int flags) { - char *cpu; + char *cpu = NULL; virCheckFlags(0, NULL); + if (virConnectBaselineCPUEnsureACL(conn) < 0) + goto cleanup; + cpu = cpuBaselineXML(xmlCPUs, ncpus, NULL, 0); +cleanup: return cpu; } @@ -10273,6 +10632,9 @@ static int qemuDomainGetJobInfo(virDomainPtr dom, priv = vm->privateData; + if (virDomainGetJobInfoEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (virDomainObjIsActive(vm)) { if (priv->job.asyncJob && !priv->job.dump_memory_only) { memcpy(info, &priv->job.info, sizeof(*info)); 
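Review bot: In qemuConnectBaselineCPU, `conn` is now read by `virConnectBaselineCPUEnsureACL(conn)`, but the signature shown in the hunk header still carries `ATTRIBUTE_UNUSED`, and the signature line itself is not touched by this hunk. The annotation does not break the build, but it tells readers the connection plays no part in the call, which is no longer true now that it drives an access decision; the line should become `qemuConnectBaselineCPU(virConnectPtr conn,`. The new `cleanup:` label only reaches `return cpu;`, so `return NULL;` at the ACL check would do the same without the label and the `= NULL` initialiser.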
@@ -10325,6 +10687,9 @@ qemuDomainGetJobStats(virDomainPtr dom, priv = vm->privateData; + if (virDomainGetJobStatsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); @@ -10453,6 +10818,9 @@ static int qemuDomainAbortJob(virDomainPtr dom) { if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainAbortJobEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_ABORT) < 0) goto cleanup; @@ -10507,6 +10875,9 @@ qemuDomainMigrateSetMaxDowntime(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainMigrateSetMaxDowntimeEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MIGRATION_OP) < 0) goto cleanup; @@ -10554,6 +10925,9 @@ qemuDomainMigrateGetCompressionCache(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainMigrateGetCompressionCacheEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) < 0) goto cleanup; @@ -10606,6 +10980,9 @@ qemuDomainMigrateSetCompressionCache(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainMigrateSetCompressionCacheEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MIGRATION_OP) < 0) goto cleanup; @@ -10660,6 +11037,10 @@ qemuDomainMigrateSetMaxSpeed(virDomainPtr dom, goto cleanup; priv = vm->privateData; + + if (virDomainMigrateSetMaxSpeedEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (virDomainObjIsActive(vm)) { if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MIGRATION_OP) < 0) goto cleanup; 
@@ -10707,6 +11088,10 @@ qemuDomainMigrateGetMaxSpeed(virDomainPtr dom, goto cleanup; priv = vm->privateData; + + if (virDomainMigrateGetMaxSpeedEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + *bandwidth = priv->migMaxBandwidth; ret = 0; @@ -11668,6 +12053,9 @@ qemuDomainSnapshotCreateXML(virDomainPtr domain, cfg = virQEMUDriverGetConfig(driver); + if (virDomainSnapshotCreateXMLEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -12010,6 +12398,9 @@ static int qemuDomainSnapshotListNames(virDomainPtr domain, char **names, if (!(vm = qemuDomObjFromDomain(domain))) goto cleanup; + if (virDomainSnapshotListNamesEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + n = virDomainSnapshotObjListGetNames(vm->snapshots, NULL, names, nameslen, flags); @@ -12031,6 +12422,9 @@ static int qemuDomainSnapshotNum(virDomainPtr domain, if (!(vm = qemuDomObjFromDomain(domain))) goto cleanup; + if (virDomainSnapshotNumEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + n = virDomainSnapshotObjListNum(vm->snapshots, NULL, flags); cleanup: @@ -12052,6 +12446,9 @@ qemuDomainListAllSnapshots(virDomainPtr domain, virDomainSnapshotPtr **snaps, if (!(vm = qemuDomObjFromDomain(domain))) goto cleanup; + if (virDomainListAllSnapshotsEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + n = virDomainListSnapshots(vm->snapshots, NULL, domain, snaps, flags); cleanup: @@ -12076,6 +12473,9 @@ qemuDomainSnapshotListChildrenNames(virDomainSnapshotPtr snapshot, if (!(vm = qemuDomObjFromSnapshot(snapshot))) goto cleanup; + if (virDomainSnapshotListChildrenNamesEnsureACL(snapshot->domain->conn, vm->def) < 0) + goto cleanup; + if (!(snap = qemuSnapObjFromSnapshot(vm, snapshot))) goto cleanup; 
@@ -12102,6 +12502,9 @@ qemuDomainSnapshotNumChildren(virDomainSnapshotPtr snapshot, if (!(vm = qemuDomObjFromSnapshot(snapshot))) goto cleanup; + if (virDomainSnapshotNumChildrenEnsureACL(snapshot->domain->conn, vm->def) < 0) + goto cleanup; + if (!(snap = qemuSnapObjFromSnapshot(vm, snapshot))) goto cleanup; @@ -12128,6 +12531,9 @@ qemuDomainSnapshotListAllChildren(virDomainSnapshotPtr snapshot, if (!(vm = qemuDomObjFromSnapshot(snapshot))) goto cleanup; + if (virDomainSnapshotListAllChildrenEnsureACL(snapshot->domain->conn, vm->def) < 0) + goto cleanup; + if (!(snap = qemuSnapObjFromSnapshot(vm, snapshot))) goto cleanup; @@ -12153,6 +12559,9 @@ static virDomainSnapshotPtr qemuDomainSnapshotLookupByName(virDomainPtr domain, if (!(vm = qemuDomObjFromDomain(domain))) goto cleanup; + if (virDomainSnapshotLookupByNameEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + if (!(snap = qemuSnapObjFromName(vm, name))) goto cleanup; @@ -12175,6 +12584,9 @@ static int qemuDomainHasCurrentSnapshot(virDomainPtr domain, if (!(vm = qemuDomObjFromDomain(domain))) goto cleanup; + if (virDomainHasCurrentSnapshotEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + ret = (vm->current_snapshot != NULL); cleanup: @@ -12196,6 +12608,9 @@ qemuDomainSnapshotGetParent(virDomainSnapshotPtr snapshot, if (!(vm = qemuDomObjFromSnapshot(snapshot))) goto cleanup; + if (virDomainSnapshotGetParentEnsureACL(snapshot->domain->conn, vm->def) < 0) + goto cleanup; + if (!(snap = qemuSnapObjFromSnapshot(vm, snapshot))) goto cleanup; @@ -12225,6 +12640,9 @@ static virDomainSnapshotPtr qemuDomainSnapshotCurrent(virDomainPtr domain, if (!(vm = qemuDomObjFromDomain(domain))) goto cleanup; + if (virDomainSnapshotCurrentEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + if (!vm->current_snapshot) { virReportError(VIR_ERR_NO_DOMAIN_SNAPSHOT, "%s", _("the domain does not have a current snapshot")); 
@@ -12252,6 +12670,9 @@ static char *qemuDomainSnapshotGetXMLDesc(virDomainSnapshotPtr snapshot, if (!(vm = qemuDomObjFromSnapshot(snapshot))) goto cleanup; + if (virDomainSnapshotGetXMLDescEnsureACL(snapshot->domain->conn, vm->def) < 0) + goto cleanup; + if (!(snap = qemuSnapObjFromSnapshot(vm, snapshot))) goto cleanup; @@ -12278,6 +12699,9 @@ qemuDomainSnapshotIsCurrent(virDomainSnapshotPtr snapshot, if (!(vm = qemuDomObjFromSnapshot(snapshot))) goto cleanup; + if (virDomainSnapshotIsCurrentEnsureACL(snapshot->domain->conn, vm->def) < 0) + goto cleanup; + if (!(snap = qemuSnapObjFromSnapshot(vm, snapshot))) goto cleanup; @@ -12304,6 +12728,9 @@ qemuDomainSnapshotHasMetadata(virDomainSnapshotPtr snapshot, if (!(vm = qemuDomObjFromSnapshot(snapshot))) goto cleanup; + if (virDomainSnapshotHasMetadataEnsureACL(snapshot->domain->conn, vm->def) < 0) + goto cleanup; + if (!(snap = qemuSnapObjFromSnapshot(vm, snapshot))) goto cleanup; @@ -12368,6 +12795,9 @@ static int qemuDomainRevertToSnapshot(virDomainSnapshotPtr snapshot, cfg = virQEMUDriverGetConfig(driver); + if (virDomainRevertToSnapshotEnsureACL(snapshot->domain->conn, vm->def) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -12730,6 +13160,10 @@ static int qemuDomainSnapshotDelete(virDomainSnapshotPtr snapshot, return -1; cfg = virQEMUDriverGetConfig(driver); + + if (virDomainSnapshotDeleteEnsureACL(snapshot->domain->conn, vm->def) < 0) + goto cleanup; + if (!(snap = qemuSnapObjFromSnapshot(vm, snapshot))) goto cleanup; @@ -12829,6 +13263,9 @@ static int qemuDomainQemuMonitorCommand(virDomainPtr domain, const char *cmd, if (!(vm = qemuDomObjFromDomain(domain))) goto cleanup; + if (virDomainQemuMonitorCommandEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); 
@@ -12890,6 +13327,9 @@ static virDomainPtr qemuDomainQemuAttach(virConnectPtr conn, &pidfile, &monConfig, &monJSON))) goto cleanup; + if (virDomainQemuAttachEnsureACL(conn, def) < 0) + goto cleanup; + if (!monConfig) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("No monitor connection for pid %u"), pid_value); @@ -12978,6 +13418,9 @@ qemuDomainOpenConsole(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainOpenConsoleEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); @@ -13056,6 +13499,9 @@ qemuDomainOpenChannel(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainOpenChannelEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); @@ -13292,12 +13738,13 @@ cleanup: } static int -qemuDomainBlockJobImpl(virDomainPtr dom, const char *path, const char *base, +qemuDomainBlockJobImpl(virDomainObjPtr vm, + virConnectPtr conn, + const char *path, const char *base, unsigned long bandwidth, virDomainBlockJobInfoPtr info, int mode, unsigned int flags) { - virQEMUDriverPtr driver = dom->conn->privateData; - virDomainObjPtr vm = NULL; + virQEMUDriverPtr driver = conn->privateData; qemuDomainObjPrivatePtr priv; char *device = NULL; int ret = -1; @@ -13306,9 +13753,6 @@ qemuDomainBlockJobImpl(virDomainPtr dom, const char *path, const char *base, int idx; virDomainDiskDefPtr disk; - if (!(vm = qemuDomObjFromDomain(dom))) - return -1; - if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); 
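Review bot: qemuDomainBlockJobImpl now receives `vm` from its caller instead of looking it up, but nothing at the new signature says what state the object must be in or who releases it. The wrappers in this patch (qemuDomainBlockJobAbort, qemuDomainGetBlockJobInfo, qemuDomainBlockJobSetSpeed, qemuDomainBlockRebase, qemuDomainBlockPull) obtain it from qemuDomObjFromDomain, call `virObjectUnlock(vm)` themselves only when the ACL check fails, and otherwise return the callee's result directly, so the implementation presumably releases it in its `cleanup:` path, which is outside the hunk. A comment above the function, for example `/* vm must be locked on entry; it is unlocked before return on every path */`, would make that hand-off explicit. The same comment belongs on qemuDomainBlockCopy, which gets the same signature change.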
@@ -13365,7 +13809,7 @@ qemuDomainBlockJobImpl(virDomainPtr dom, const char *path, const char *base, if (disk->mirror && mode == BLOCK_JOB_ABORT && (flags & VIR_DOMAIN_BLOCK_JOB_ABORT_PIVOT)) { - ret = qemuDomainBlockPivot(dom->conn, driver, vm, device, disk); + ret = qemuDomainBlockPivot(conn, driver, vm, device, disk); goto endjob; } @@ -13455,9 +13899,20 @@ cleanup: static int qemuDomainBlockJobAbort(virDomainPtr dom, const char *path, unsigned int flags) { + virDomainObjPtr vm; + virCheckFlags(VIR_DOMAIN_BLOCK_JOB_ABORT_ASYNC | VIR_DOMAIN_BLOCK_JOB_ABORT_PIVOT, -1); - return qemuDomainBlockJobImpl(dom, path, NULL, 0, NULL, BLOCK_JOB_ABORT, + + if (!(vm = qemuDomObjFromDomain(dom))) + return -1; + + if (virDomainBlockJobAbortEnsureACL(dom->conn, vm->def) < 0) { + virObjectUnlock(vm); + return -1; + } + + return qemuDomainBlockJobImpl(vm, dom->conn, path, NULL, 0, NULL, BLOCK_JOB_ABORT, flags); } @@ -13465,8 +13920,18 @@ static int qemuDomainGetBlockJobInfo(virDomainPtr dom, const char *path, virDomainBlockJobInfoPtr info, unsigned int flags) { + virDomainObjPtr vm; virCheckFlags(0, -1); - return qemuDomainBlockJobImpl(dom, path, NULL, 0, info, BLOCK_JOB_INFO, + + if (!(vm = qemuDomObjFromDomain(dom))) + return -1; + + if (virDomainGetBlockJobInfoEnsureACL(dom->conn, vm->def) < 0) { + virObjectUnlock(vm); + return -1; + } + + return qemuDomainBlockJobImpl(vm, dom->conn, path, NULL, 0, info, BLOCK_JOB_INFO, flags); } 
@@ -13474,18 +13939,29 @@ static int qemuDomainBlockJobSetSpeed(virDomainPtr dom, const char *path, unsigned long bandwidth, unsigned int flags) { + virDomainObjPtr vm; virCheckFlags(0, -1); - return qemuDomainBlockJobImpl(dom, path, NULL, bandwidth, NULL, + + if (!(vm = qemuDomObjFromDomain(dom))) + return -1; + + if (virDomainBlockJobSetSpeedEnsureACL(dom->conn, vm->def) < 0) { + virObjectUnlock(vm); + return -1; + } + + return qemuDomainBlockJobImpl(vm, dom->conn, path, NULL, bandwidth, NULL, BLOCK_JOB_SPEED, flags); } static int -qemuDomainBlockCopy(virDomainPtr dom, const char *path, +qemuDomainBlockCopy(virDomainObjPtr vm, + virConnectPtr conn, + const char *path, const char *dest, const char *format, unsigned long bandwidth, unsigned int flags) { - virQEMUDriverPtr driver = dom->conn->privateData; - virDomainObjPtr vm; + virQEMUDriverPtr driver = conn->privateData; qemuDomainObjPrivatePtr priv; char *device = NULL; virDomainDiskDefPtr disk; @@ -13500,10 +13976,9 @@ qemuDomainBlockCopy(virDomainPtr dom, const char *path, virCheckFlags(VIR_DOMAIN_BLOCK_REBASE_SHALLOW | VIR_DOMAIN_BLOCK_REBASE_REUSE_EXT, -1); - if (!(vm = qemuDomObjFromDomain(dom))) - goto cleanup; priv = vm->privateData; cfg = virQEMUDriverGetConfig(driver); + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); 
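Review bot: `virCheckFlags(VIR_DOMAIN_BLOCK_REBASE_SHALLOW | VIR_DOMAIN_BLOCK_REBASE_REUSE_EXT, -1)` in qemuDomainBlockCopy now runs while the caller-supplied `vm` is already held, and the wrappers in this patch rely on the callee to release it. If the macro returns -1 directly on an unsupported flag, as its placement ahead of any cleanup label suggests, that path leaves the domain object locked. The only caller visible here, qemuDomainBlockRebase, validates the flags and clears the two COPY bits first, so the path looks unreachable today, but it is a trap for the next caller. Either drop the check with a comment that the caller validates flags, or test the flags by hand and `goto cleanup;`. The function's cleanup code is outside this hunk.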
@@ -13657,21 +14132,31 @@ static int qemuDomainBlockRebase(virDomainPtr dom, const char *path, const char *base, unsigned long bandwidth, unsigned int flags) { + virDomainObjPtr vm; + virCheckFlags(VIR_DOMAIN_BLOCK_REBASE_SHALLOW | VIR_DOMAIN_BLOCK_REBASE_REUSE_EXT | VIR_DOMAIN_BLOCK_REBASE_COPY | VIR_DOMAIN_BLOCK_REBASE_COPY_RAW, -1); + if (!(vm = qemuDomObjFromDomain(dom))) + return -1; + + if (virDomainBlockRebaseEnsureACL(dom->conn, vm->def) < 0) { + virObjectUnlock(vm); + return -1; + } + if (flags & VIR_DOMAIN_BLOCK_REBASE_COPY) { const char *format = NULL; if (flags & VIR_DOMAIN_BLOCK_REBASE_COPY_RAW) format = "raw"; flags &= ~(VIR_DOMAIN_BLOCK_REBASE_COPY | VIR_DOMAIN_BLOCK_REBASE_COPY_RAW); - return qemuDomainBlockCopy(dom, path, base, format, bandwidth, flags); + return qemuDomainBlockCopy(vm, dom->conn, path, base, format, bandwidth, flags); } - return qemuDomainBlockJobImpl(dom, path, base, bandwidth, NULL, + return qemuDomainBlockJobImpl(vm, dom->conn, path, base, bandwidth, NULL, BLOCK_JOB_PULL, flags); } @@ -13679,8 +14164,18 @@ static int qemuDomainBlockPull(virDomainPtr dom, const char *path, unsigned long bandwidth, unsigned int flags) { + virDomainObjPtr vm; virCheckFlags(0, -1); - return qemuDomainBlockJobImpl(dom, path, NULL, bandwidth, NULL, + + if (!(vm = qemuDomObjFromDomain(dom))) + return -1; + + if (virDomainBlockPullEnsureACL(dom->conn, vm->def) < 0) { + virObjectUnlock(vm); + return -1; + } + + return qemuDomainBlockJobImpl(vm, dom->conn, path, NULL, bandwidth, NULL, BLOCK_JOB_PULL, flags); } @@ -13709,6 +14204,9 @@ qemuDomainBlockCommit(virDomainPtr dom, const char *path, const char *base, goto cleanup; priv = vm->privateData; + if (virDomainBlockCommitEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; 
@@ -13838,6 +14336,9 @@ qemuDomainOpenGraphics(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainOpenGraphicsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); @@ -13930,6 +14431,9 @@ qemuDomainSetBlockIoTune(virDomainPtr dom, priv = vm->privateData; cfg = virQEMUDriverGetConfig(driver); + if (virDomainSetBlockIoTuneEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -14083,6 +14587,9 @@ qemuDomainGetBlockIoTune(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) return -1; + if (virDomainGetBlockIoTuneEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -14210,6 +14717,9 @@ qemuDomainGetDiskErrors(virDomainPtr dom, priv = vm->privateData; + if (virDomainGetDiskErrorsEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) < 0) goto cleanup; @@ -14288,6 +14798,9 @@ qemuDomainSetMetadata(virDomainPtr dom, cfg = virQEMUDriverGetConfig(driver); + if (virDomainSetMetadataEnsureACL(dom->conn, vm->def, flags) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -14385,6 +14898,9 @@ qemuDomainGetMetadata(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainGetMetadataEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!(caps = virQEMUDriverGetCapabilities(driver, false))) goto cleanup; @@ -14668,6 +15184,9 @@ qemuDomainGetCPUStats(virDomainPtr domain, priv = vm->privateData; + if (virDomainGetCPUStatsEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + isActive = virDomainObjIsActive(vm); if (!isActive) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", 
@@ -14725,6 +15244,9 @@ qemuDomainPMSuspendForDuration(virDomainPtr dom, priv = vm->privateData; + if (virDomainPMSuspendForDurationEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); @@ -14807,6 +15329,9 @@ qemuDomainPMWakeup(virDomainPtr dom, if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; + if (virDomainPMWakeupEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) goto cleanup; @@ -14849,8 +15374,12 @@ qemuConnectListAllDomains(virConnectPtr conn, virCheckFlags(VIR_CONNECT_LIST_DOMAINS_FILTERS_ALL, -1); + if (virConnectListAllDomainsEnsureACL(conn) < 0) + goto cleanup; + ret = virDomainObjListExport(driver->domains, conn, domains, flags); +cleanup: return ret; } @@ -14873,6 +15402,9 @@ qemuDomainQemuAgentCommand(virDomainPtr domain, priv = vm->privateData; + if (virDomainQemuAgentCommandEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); @@ -14946,6 +15478,9 @@ qemuDomainFSTrim(virDomainPtr dom, priv = vm->privateData; + if (virDomainFSTrimEnsureACL(dom->conn, vm->def) < 0) + goto cleanup; + if (!virDomainObjIsActive(vm)) { virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("domain is not running")); 
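Review bot: In qemuConnectListAllDomains, `virConnectListAllDomainsEnsureACL(conn)` authorises the call on the connection only, and `virDomainObjListExport(driver->domains, conn, domains, flags)` is then invoked unchanged, so nothing in this hunk restricts the returned list to domains the caller is allowed to see. If the per-domain checks added to the lookup entrypoints are meant to hide domains from some users, the bulk listing needs a per-object filter as well, unless a later patch in the series adds one. The new `goto cleanup;` also depends on `ret` being initialised to -1 at its declaration, which is above the hunk.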
@@ -14990,88 +15525,115 @@ cleanup: static int -qemuNodeGetInfo(virConnectPtr conn ATTRIBUTE_UNUSED, +qemuNodeGetInfo(virConnectPtr conn, virNodeInfoPtr nodeinfo) { + if (virNodeGetInfoEnsureACL(conn) < 0) + return -1; + return nodeGetInfo(nodeinfo); } static int -qemuNodeGetCPUStats(virConnectPtr conn ATTRIBUTE_UNUSED, +qemuNodeGetCPUStats(virConnectPtr conn, int cpuNum, virNodeCPUStatsPtr params, int *nparams, unsigned int flags) { + if (virNodeGetCPUStatsEnsureACL(conn) < 0) + return -1; + return nodeGetCPUStats(cpuNum, params, nparams, flags); } static int -qemuNodeGetMemoryStats(virConnectPtr conn ATTRIBUTE_UNUSED, +qemuNodeGetMemoryStats(virConnectPtr conn, int cellNum, virNodeMemoryStatsPtr params, int *nparams, unsigned int flags) { + if (virNodeGetMemoryStatsEnsureACL(conn) < 0) + return -1; + return nodeGetMemoryStats(cellNum, params, nparams, flags); } static int -qemuNodeGetCellsFreeMemory(virConnectPtr conn ATTRIBUTE_UNUSED, +qemuNodeGetCellsFreeMemory(virConnectPtr conn, unsigned long long *freeMems, int startCell, int maxCells) { + if (virNodeGetCellsFreeMemoryEnsureACL(conn) < 0) + return -1; + return nodeGetCellsFreeMemory(freeMems, startCell, maxCells); } static unsigned long long -qemuNodeGetFreeMemory(virConnectPtr conn ATTRIBUTE_UNUSED) +qemuNodeGetFreeMemory(virConnectPtr conn) { + if (virNodeGetFreeMemoryEnsureACL(conn) < 0) + return 0; + return nodeGetFreeMemory(); } static int -qemuNodeGetMemoryParameters(virConnectPtr conn ATTRIBUTE_UNUSED, +qemuNodeGetMemoryParameters(virConnectPtr conn, virTypedParameterPtr params, int *nparams, unsigned int flags) { + if (virNodeGetMemoryParametersEnsureACL(conn) < 0) + return -1; + return nodeGetMemoryParameters(params, nparams, flags); } static int -qemuNodeSetMemoryParameters(virConnectPtr conn ATTRIBUTE_UNUSED, +qemuNodeSetMemoryParameters(virConnectPtr conn, virTypedParameterPtr params, int nparams, unsigned int flags) { + if (virNodeSetMemoryParametersEnsureACL(conn) < 0) + return -1; + return 
nodeSetMemoryParameters(params, nparams, flags); } static int -qemuNodeGetCPUMap(virConnectPtr conn ATTRIBUTE_UNUSED, +qemuNodeGetCPUMap(virConnectPtr conn, unsigned char **cpumap, unsigned int *online, unsigned int flags) { + if (virNodeGetCPUMapEnsureACL(conn) < 0) + return -1; + return nodeGetCPUMap(cpumap, online, flags); } static int -qemuNodeSuspendForDuration(virConnectPtr conn ATTRIBUTE_UNUSED, +qemuNodeSuspendForDuration(virConnectPtr conn, unsigned int target, unsigned long long duration, unsigned int flags) { + if (virNodeSuspendForDurationEnsureACL(conn) < 0) + return -1; + return nodeSuspendForDuration(target, duration, flags); } -- 1.8.1.4 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
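Review bot: qemuNodeGetFreeMemory signals an ACL denial with `return 0;`, which reads like a valid answer next to the eight sibling wrappers in this hunk that return -1. The return type is `unsigned long long`, so 0 is presumably the API's error value rather than an oversight. A short comment beside it, such as `/* 0 is the error return for this API */`, would stop a later reader from changing it or from treating a denied call as "no free memory".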