Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
>
> Introduce use of a virDomainDefPtr in the domain autostart
> APIs to simplify introduction of ACL security checks.
> The virDomainPtr cannot be safely used, since the app
> may have supplied mis-matching name/uuid/id fields. eg
> the name points to domain X, while the uuid points to
> domain Y. Resolving the virDomainPtr to a virDomainDefPtr
> ensures a consistent name/uuid/id set.
>
> Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
> ---
> src/xen/xen_driver.c | 26 ++++++++++++++++++++++----
> src/xen/xend_internal.c | 14 +++++++++-----
> src/xen/xend_internal.h | 10 ++++++----
> src/xen/xm_internal.c | 22 ++++++++++++----------
> src/xen/xm_internal.h | 6 ++++--
> 5 files changed, 53 insertions(+), 25 deletions(-)
>
ACK.
Regards,
Jim
> diff --git a/src/xen/xen_driver.c b/src/xen/xen_driver.c
> index f5f6407..43b3020 100644
> --- a/src/xen/xen_driver.c
> +++ b/src/xen/xen_driver.c
> @@ -1811,22 +1811,40 @@ static int
> xenUnifiedDomainGetAutostart(virDomainPtr dom, int *autostart)
> {
> xenUnifiedPrivatePtr priv = dom->conn->privateData;
> + virDomainDefPtr def = NULL;
> + int ret = -1;
> +
> + if (!(def = xenGetDomainDefForDom(dom)))
> + goto cleanup;
>
> if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
> - return xenXMDomainGetAutostart(dom, autostart);
> + ret = xenXMDomainGetAutostart(def, autostart);
> else
> - return xenDaemonDomainGetAutostart(dom, autostart);
> + ret = xenDaemonDomainGetAutostart(dom->conn, def, autostart);
> +
> +cleanup:
> + virDomainDefFree(def);
> + return ret;
> }
>
> static int
> xenUnifiedDomainSetAutostart(virDomainPtr dom, int autostart)
> {
> xenUnifiedPrivatePtr priv = dom->conn->privateData;
> + virDomainDefPtr def = NULL;
> + int ret = -1;
> +
> + if (!(def = xenGetDomainDefForDom(dom)))
> + goto cleanup;
>
> if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
> - return xenXMDomainSetAutostart(dom, autostart);
> + ret = xenXMDomainSetAutostart(def, autostart);
> else
> - return xenDaemonDomainSetAutostart(dom, autostart);
> + ret = xenDaemonDomainSetAutostart(dom->conn, def, autostart);
> +
> +cleanup:
> + virDomainDefFree(def);
> + return ret;
> }
>
> static char *
> diff --git a/src/xen/xend_internal.c b/src/xen/xend_internal.c
> index 2715a3e..3d852d2 100644
> --- a/src/xen/xend_internal.c
> +++ b/src/xen/xend_internal.c
> @@ -2546,12 +2546,14 @@ cleanup:
> }
>
> int
> -xenDaemonDomainGetAutostart(virDomainPtr domain, int *autostart)
> +xenDaemonDomainGetAutostart(virConnectPtr conn,
> + virDomainDefPtr def,
> + int *autostart)
> {
> struct sexpr *root;
> const char *tmp;
>
> - root = sexpr_get(domain->conn, "/xend/domain/%s?detail=1", domain->name);
> + root = sexpr_get(conn, "/xend/domain/%s?detail=1", def->name);
> if (root == NULL) {
> virReportError(VIR_ERR_XEN_CALL,
> "%s", _("xenDaemonGetAutostart failed to find this domain"));
> @@ -2570,14 +2572,16 @@ xenDaemonDomainGetAutostart(virDomainPtr domain, int *autostart)
> }
>
> int
> -xenDaemonDomainSetAutostart(virDomainPtr domain, int autostart)
> +xenDaemonDomainSetAutostart(virConnectPtr conn,
> + virDomainDefPtr def,
> + int autostart)
> {
> struct sexpr *root, *autonode;
> virBuffer buffer = VIR_BUFFER_INITIALIZER;
> char *content = NULL;
> int ret = -1;
>
> - root = sexpr_get(domain->conn, "/xend/domain/%s?detail=1", domain->name);
> + root = sexpr_get(conn, "/xend/domain/%s?detail=1", def->name);
> if (root == NULL) {
> virReportError(VIR_ERR_XEN_CALL,
> "%s", _("xenDaemonSetAutostart failed to find this domain"));
> @@ -2616,7 +2620,7 @@ xenDaemonDomainSetAutostart(virDomainPtr domain, int autostart)
>
> content = virBufferContentAndReset(&buffer);
>
> - if (xend_op(domain->conn, "", "op", "new", "config", content, NULL) != 0) {
> + if (xend_op(conn, "", "op", "new", "config", content, NULL) != 0) {
> virReportError(VIR_ERR_XEN_CALL,
> "%s", _("Failed to redefine sexpr"));
> goto error;
> diff --git a/src/xen/xend_internal.h b/src/xen/xend_internal.h
> index 62b85ef..3a7c0ac 100644
> --- a/src/xen/xend_internal.h
> +++ b/src/xen/xend_internal.h
> @@ -167,10 +167,12 @@ int xenDaemonUpdateDeviceFlags(virConnectPtr conn,
> virDomainDefPtr def,
> const char *xml,
> unsigned int flags);
> -int xenDaemonDomainGetAutostart (virDomainPtr dom,
> - int *autostart);
> -int xenDaemonDomainSetAutostart (virDomainPtr domain,
> - int autostart);
> +int xenDaemonDomainGetAutostart(virConnectPtr conn,
> + virDomainDefPtr def,
> + int *autostart);
> +int xenDaemonDomainSetAutostart(virConnectPtr conn,
> + virDomainDefPtr def,
> + int autostart);
>
> int xenDaemonCreateXML(virConnectPtr conn, virDomainDefPtr def);
> virDomainDefPtr xenDaemonLookupByUUID(virConnectPtr conn, const unsigned char *uuid);
> diff --git a/src/xen/xm_internal.c b/src/xen/xm_internal.c
> index c2d9915..bc98cf1 100644
> --- a/src/xen/xm_internal.c
> +++ b/src/xen/xm_internal.c
> @@ -1417,28 +1417,29 @@ xenXMDomainBlockPeek(virDomainPtr dom ATTRIBUTE_UNUSED,
>
>
> static char *
> -xenXMAutostartLinkName(virDomainPtr dom)
> +xenXMAutostartLinkName(virDomainDefPtr def)
> {
> char *ret;
> - if (virAsprintf(&ret, "/etc/xen/auto/%s", dom->name) < 0)
> + if (virAsprintf(&ret, "/etc/xen/auto/%s", def->name) < 0)
> return NULL;
> return ret;
> }
>
> static char *
> -xenXMDomainConfigName(virDomainPtr dom)
> +xenXMDomainConfigName(virDomainDefPtr def)
> {
> char *ret;
> - if (virAsprintf(&ret, "/etc/xen/%s", dom->name) < 0)
> + if (virAsprintf(&ret, "/etc/xen/%s", def->name) < 0)
> return NULL;
> return ret;
> }
>
> int
> -xenXMDomainGetAutostart(virDomainPtr dom, int *autostart)
> +xenXMDomainGetAutostart(virDomainDefPtr def,
> + int *autostart)
> {
> - char *linkname = xenXMAutostartLinkName(dom);
> - char *config = xenXMDomainConfigName(dom);
> + char *linkname = xenXMAutostartLinkName(def);
> + char *config = xenXMDomainConfigName(def);
> int ret = -1;
>
> if (!linkname || !config) {
> @@ -1464,10 +1465,11 @@ cleanup:
>
>
> int
> -xenXMDomainSetAutostart(virDomainPtr dom, int autostart)
> +xenXMDomainSetAutostart(virDomainDefPtr def,
> + int autostart)
> {
> - char *linkname = xenXMAutostartLinkName(dom);
> - char *config = xenXMDomainConfigName(dom);
> + char *linkname = xenXMAutostartLinkName(def);
> + char *config = xenXMDomainConfigName(def);
> int ret = -1;
>
> if (!linkname || !config) {
> diff --git a/src/xen/xm_internal.h b/src/xen/xm_internal.h
> index 7d64dc6..78cd15c 100644
> --- a/src/xen/xm_internal.h
> +++ b/src/xen/xm_internal.h
> @@ -82,8 +82,10 @@ int xenXMDomainUndefine(virConnectPtr conn, virDomainDefPtr def);
>
> int xenXMDomainBlockPeek (virDomainPtr dom, const char *path, unsigned long long offset, size_t size, void *buffer);
>
> -int xenXMDomainGetAutostart(virDomainPtr dom, int *autostart);
> -int xenXMDomainSetAutostart(virDomainPtr dom, int autostart);
> +int xenXMDomainGetAutostart(virDomainDefPtr def,
> + int *autostart);
> +int xenXMDomainSetAutostart(virDomainDefPtr def,
> + int autostart);
>
> int xenXMDomainAttachDeviceFlags(virConnectPtr conn,
> virDomainDefPtr def,
>
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list