From: "Daniel P. Berrange" <berrange@xxxxxxxxxx> This patch introduces the virAccessManagerPtr class as the interface between virtualization drivers and the access control drivers. The viraccessperm.h file defines the various permissions that will be used for each type of object libvirt manages Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> --- include/libvirt/virterror.h | 4 + po/POTFILES.in | 1 + src/Makefile.am | 16 + src/access/viraccessdriver.h | 89 ++++++ src/access/viraccessdrivernop.c | 118 +++++++ src/access/viraccessdrivernop.h | 28 ++ src/access/viraccessdriverstack.c | 285 +++++++++++++++++ src/access/viraccessdriverstack.h | 32 ++ src/access/viraccessmanager.c | 339 ++++++++++++++++++++ src/access/viraccessmanager.h | 91 ++++++ src/access/viraccessperm.c | 84 +++++ src/access/viraccessperm.h | 647 ++++++++++++++++++++++++++++++++++++++ src/libvirt.c | 6 +- src/libvirt_private.syms | 37 +++ src/util/virerror.c | 8 + 15 files changed, 1783 insertions(+), 2 deletions(-) create mode 100644 src/access/viraccessdriver.h create mode 100644 src/access/viraccessdrivernop.c create mode 100644 src/access/viraccessdrivernop.h create mode 100644 src/access/viraccessdriverstack.c create mode 100644 src/access/viraccessdriverstack.h create mode 100644 src/access/viraccessmanager.c create mode 100644 src/access/viraccessmanager.h create mode 100644 src/access/viraccessperm.c create mode 100644 src/access/viraccessperm.h diff --git a/include/libvirt/virterror.h b/include/libvirt/virterror.h index cd7e3b3..5f78856 100644 --- a/include/libvirt/virterror.h +++ b/include/libvirt/virterror.h @@ -118,6 +118,8 @@ typedef enum { VIR_FROM_IDENTITY = 53, /* Error from identity code */ VIR_FROM_CGROUP = 54, /* Error from cgroups */ + VIR_FROM_ACCESS = 55, /* Error from access control manager */ + # ifdef VIR_ENUM_SENTINELS VIR_ERR_DOMAIN_LAST # endif @@ -290,6 +292,8 @@ typedef enum { VIR_ERR_AGENT_UNRESPONSIVE = 86, /* guest agent is unresponsive, not running or not usable */ VIR_ERR_RESOURCE_BUSY = 87, /* resource is already in use */ + VIR_ERR_ACCESS_DENIED = 88, /* operation on the object/resource + was denied */ } virErrorNumber; /** diff --git a/po/POTFILES.in b/po/POTFILES.in index f3ea4da..b3a8ec1 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -6,6 +6,7 @@ daemon/remote_dispatch.h daemon/stream.c gnulib/lib/gai_strerror.c gnulib/lib/regcomp.c +src/access/viraccessmanager.c src/conf/cpu_conf.c src/conf/device_conf.c src/conf/domain_conf.c diff --git a/src/Makefile.am b/src/Makefile.am index 3b86dcd..fea4862 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -790,6 +790,13 @@ SECURITY_DRIVER_APPARMOR_SOURCES = \ security/security_apparmor.h security/security_apparmor.c +ACCESS_DRIVER_SOURCES = \ + access/viraccessperm.h access/viraccessperm.c \ + access/viraccessmanager.h access/viraccessmanager.c \ + access/viraccessdriver.h \ + access/viraccessdrivernop.h access/viraccessdrivernop.c \ + access/viraccessdriverstack.h access/viraccessdriverstack.c + NODE_DEVICE_DRIVER_SOURCES = \ node_device/node_device_driver.c \ node_device/node_device_driver.h \ @@ -1376,6 +1383,15 @@ libvirt_security_manager_la_SOURCES += $(SECURITY_DRIVER_APPARMOR_SOURCES) libvirt_security_manager_la_CFLAGS += $(APPARMOR_CFLAGS) endif +libvirt_driver_access_la_SOURCES = $(ACCESS_DRIVER_SOURCES) +noinst_LTLIBRARIES += libvirt_driver_access.la +libvirt_la_BUILT_LIBADD += libvirt_driver_access.la +libvirt_driver_access_la_CFLAGS = \ + -I$(top_srcdir)/src/conf $(AM_CFLAGS) +libvirt_driver_access_la_LDFLAGS = $(AM_LDFLAGS) +libvirt_driver_access_la_LIBADD = + + # Add all conditional sources just in case... EXTRA_DIST += \ $(TEST_DRIVER_SOURCES) \ diff --git a/src/access/viraccessdriver.h b/src/access/viraccessdriver.h new file mode 100644 index 0000000..e3050b6 --- /dev/null +++ b/src/access/viraccessdriver.h @@ -0,0 +1,89 @@ +/* + * viraccessdriver.h: access control driver + * + * Copyright (C) 2012-2013 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + */ + +#ifndef __VIR_ACCESS_DRIVER_H__ +# define __VIR_ACCESS_DRIVER_H__ + +# include "conf/domain_conf.h" +# include "access/viraccessmanager.h" + +typedef int (*virAccessDriverCheckConnectDrv)(virAccessManagerPtr manager, + const char *driverName, + virAccessPermConnect av); +typedef int (*virAccessDriverCheckDomainDrv)(virAccessManagerPtr manager, + const char *driverName, + virDomainDefPtr domain, + virAccessPermDomain av); +typedef int (*virAccessDriverCheckInterfaceDrv)(virAccessManagerPtr manager, + const char *driverName, + virInterfaceDefPtr iface, + virAccessPermInterface av); +typedef int (*virAccessDriverCheckNetworkDrv)(virAccessManagerPtr manager, + const char *driverName, + virNetworkDefPtr network, + virAccessPermNetwork av); +typedef int (*virAccessDriverCheckNodeDeviceDrv)(virAccessManagerPtr manager, + const char *driverName, + virNodeDeviceDefPtr nodedev, + virAccessPermNodeDevice av); +typedef int (*virAccessDriverCheckNWFilterDrv)(virAccessManagerPtr manager, + const char *driverName, + virNWFilterDefPtr nwfilter, + virAccessPermNWFilter av); +typedef int (*virAccessDriverCheckSecretDrv)(virAccessManagerPtr manager, + const char *driverName, + virSecretDefPtr secret, + virAccessPermSecret av); +typedef int (*virAccessDriverCheckStoragePoolDrv)(virAccessManagerPtr manager, + const char *driverName, + virStoragePoolDefPtr pool, + virAccessPermStoragePool av); +typedef int (*virAccessDriverCheckStorageVolDrv)(virAccessManagerPtr manager, + const char *driverName, + virStoragePoolDefPtr pool, + virStorageVolDefPtr vol, + virAccessPermStorageVol av); + +typedef int (*virAccessDriverSetupDrv)(virAccessManagerPtr manager); +typedef void (*virAccessDriverCleanupDrv)(virAccessManagerPtr manager); + +typedef struct _virAccessDriver virAccessDriver; +typedef virAccessDriver *virAccessDriverPtr; + +struct _virAccessDriver { + size_t privateDataLen; + const char *name; + + virAccessDriverSetupDrv setup; + virAccessDriverCleanupDrv cleanup; + + virAccessDriverCheckConnectDrv checkConnect; + virAccessDriverCheckDomainDrv checkDomain; + virAccessDriverCheckInterfaceDrv checkInterface; + virAccessDriverCheckNetworkDrv checkNetwork; + virAccessDriverCheckNodeDeviceDrv checkNodeDevice; + virAccessDriverCheckNWFilterDrv checkNWFilter; + virAccessDriverCheckSecretDrv checkSecret; + virAccessDriverCheckStoragePoolDrv checkStoragePool; + virAccessDriverCheckStorageVolDrv checkStorageVol; +}; + + +#endif /* __VIR_ACCESS_DRIVER_H__ */ diff --git a/src/access/viraccessdrivernop.c b/src/access/viraccessdrivernop.c new file mode 100644 index 0000000..86ceef3 --- /dev/null +++ b/src/access/viraccessdrivernop.c @@ -0,0 +1,118 @@ +/* + * viraccessdrivernop.c: no-op access control driver + * + * Copyright (C) 2012-2013 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + */ + +#include <config.h> + +#include "access/viraccessdrivernop.h" + +static int +virAccessDriverNopCheckConnect(virAccessManagerPtr manager ATTRIBUTE_UNUSED, + const char *driverName ATTRIBUTE_UNUSED, + virAccessPermConnect perm ATTRIBUTE_UNUSED) +{ + return 1; /* Allow */ +} + +static int +virAccessDriverNopCheckDomain(virAccessManagerPtr manager ATTRIBUTE_UNUSED, + const char *driverName ATTRIBUTE_UNUSED, + virDomainDefPtr domain ATTRIBUTE_UNUSED, + virAccessPermDomain perm ATTRIBUTE_UNUSED) +{ + return 1; /* Allow */ +} + +static int +virAccessDriverNopCheckInterface(virAccessManagerPtr manager ATTRIBUTE_UNUSED, + const char *driverName ATTRIBUTE_UNUSED, + virInterfaceDefPtr iface ATTRIBUTE_UNUSED, + virAccessPermInterface perm ATTRIBUTE_UNUSED) +{ + return 1; /* Allow */ +} + +static int +virAccessDriverNopCheckNetwork(virAccessManagerPtr manager ATTRIBUTE_UNUSED, + const char *driverName ATTRIBUTE_UNUSED, + virNetworkDefPtr network ATTRIBUTE_UNUSED, + virAccessPermNetwork perm ATTRIBUTE_UNUSED) +{ + return 1; /* Allow */ +} + +static int +virAccessDriverNopCheckNodeDevice(virAccessManagerPtr manager ATTRIBUTE_UNUSED, + const char *driverName ATTRIBUTE_UNUSED, + virNodeDeviceDefPtr nodedev ATTRIBUTE_UNUSED, + virAccessPermNodeDevice perm ATTRIBUTE_UNUSED) +{ + return 1; /* Allow */ +} + +static int +virAccessDriverNopCheckNWFilter(virAccessManagerPtr manager ATTRIBUTE_UNUSED, + const char *driverName ATTRIBUTE_UNUSED, + virNWFilterDefPtr nwfilter ATTRIBUTE_UNUSED, + virAccessPermNWFilter perm ATTRIBUTE_UNUSED) +{ + return 1; /* Allow */ +} + +static int +virAccessDriverNopCheckSecret(virAccessManagerPtr manager ATTRIBUTE_UNUSED, + const char *driverName ATTRIBUTE_UNUSED, + virSecretDefPtr secret ATTRIBUTE_UNUSED, + virAccessPermSecret perm ATTRIBUTE_UNUSED) +{ + return 1; /* Allow */ +} + +static int +virAccessDriverNopCheckStoragePool(virAccessManagerPtr manager ATTRIBUTE_UNUSED, + const char *driverName ATTRIBUTE_UNUSED, + virStoragePoolDefPtr pool ATTRIBUTE_UNUSED, + virAccessPermStoragePool perm ATTRIBUTE_UNUSED) +{ + return 1; /* Allow */ +} + +static int +virAccessDriverNopCheckStorageVol(virAccessManagerPtr manager ATTRIBUTE_UNUSED, + const char *driverName ATTRIBUTE_UNUSED, + virStoragePoolDefPtr pool ATTRIBUTE_UNUSED, + virStorageVolDefPtr vol ATTRIBUTE_UNUSED, + virAccessPermStorageVol perm ATTRIBUTE_UNUSED) +{ + return 1; /* Allow */ +} + + +virAccessDriver accessDriverNop = { + .name = "none", + .checkConnect = virAccessDriverNopCheckConnect, + .checkDomain = virAccessDriverNopCheckDomain, + .checkInterface = virAccessDriverNopCheckInterface, + .checkNetwork = virAccessDriverNopCheckNetwork, + .checkNodeDevice = virAccessDriverNopCheckNodeDevice, + .checkNWFilter = virAccessDriverNopCheckNWFilter, + .checkSecret = virAccessDriverNopCheckSecret, + .checkStoragePool = virAccessDriverNopCheckStoragePool, + .checkStorageVol = virAccessDriverNopCheckStorageVol, +}; diff --git a/src/access/viraccessdrivernop.h b/src/access/viraccessdrivernop.h new file mode 100644 index 0000000..0b5d413 --- /dev/null +++ b/src/access/viraccessdrivernop.h @@ -0,0 +1,28 @@ +/* + * viraccessdrivernop.h: no-op access control driver + * + * Copyright (C) 2012-2013 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + */ + +#ifndef __VIR_ACCESS_DRIVER_NOP_H__ +# define __VIR_ACCESS_DRIVER_NOP_H__ + +# include "access/viraccessdriver.h" + +extern virAccessDriver accessDriverNop; + +#endif /* __VIR_ACCESS_DRIVER_NOP_H__ */ diff --git a/src/access/viraccessdriverstack.c b/src/access/viraccessdriverstack.c new file mode 100644 index 0000000..10c1c9b --- /dev/null +++ b/src/access/viraccessdriverstack.c @@ -0,0 +1,285 @@ +/* + * viraccessdriverstack.c: stacked access control driver + * + * Copyright (C) 2012-2013 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + */ + +#include <config.h> + +#include "viraccessdriverstack.h" +#include "viralloc.h" +#include "virerror.h" + +#define VIR_FROM_THIS VIR_FROM_ACCESS + +typedef struct _virAccessDriverStackPrivate virAccessDriverStackPrivate; +typedef virAccessDriverStackPrivate *virAccessDriverStackPrivatePtr; + +struct _virAccessDriverStackPrivate { + virAccessManagerPtr *managers; + size_t managersLen; +}; + + +int virAccessDriverStackAppend(virAccessManagerPtr manager, + virAccessManagerPtr child) +{ + virAccessDriverStackPrivatePtr priv = virAccessManagerGetPrivateData(manager); + + if (VIR_EXPAND_N(priv->managers, priv->managersLen, 1) < 0) { + virReportOOMError(); + return -1; + } + + priv->managers[priv->managersLen-1] = child; + + return 0; +} + + +static void virAccessDriverStackCleanup(virAccessManagerPtr manager) +{ + virAccessDriverStackPrivatePtr priv = virAccessManagerGetPrivateData(manager); + size_t i; + + for (i = 0; i < priv->managersLen; i++) { + virObjectUnref(priv->managers[i]); + } + VIR_FREE(priv->managers); +} + + +static int +virAccessDriverStackCheckConnect(virAccessManagerPtr manager, + const char *driverName, + virAccessPermConnect perm) +{ + virAccessDriverStackPrivatePtr priv = virAccessManagerGetPrivateData(manager); + int ret = 1; + size_t i; + + for (i = 0; i < priv->managersLen; i++) { + int rv; + /* We do not short-circuit on first denial - always check all drivers */ + rv = virAccessManagerCheckConnect(priv->managers[i], driverName, perm); + if (rv == 0 && ret != -1) + ret = 0; + else if (rv == -1) + ret = -1; + } + + return ret; +} + +static int +virAccessDriverStackCheckDomain(virAccessManagerPtr manager, + const char *driverName, + virDomainDefPtr domain, + virAccessPermDomain perm) +{ + virAccessDriverStackPrivatePtr priv = virAccessManagerGetPrivateData(manager); + int ret = 1; + size_t i; + + for (i = 0; i < priv->managersLen; i++) { + int rv; + /* We do not short-circuit on first denial - always check all drivers */ + rv = virAccessManagerCheckDomain(priv->managers[i], driverName, domain, perm); + if (rv == 0 && ret != -1) + ret = 0; + else if (rv == -1) + ret = -1; + } + + return ret; +} + +static int +virAccessDriverStackCheckInterface(virAccessManagerPtr manager, + const char *driverName, + virInterfaceDefPtr iface, + virAccessPermInterface perm) +{ + virAccessDriverStackPrivatePtr priv = virAccessManagerGetPrivateData(manager); + int ret = 1; + size_t i; + + for (i = 0; i < priv->managersLen; i++) { + int rv; + /* We do not short-circuit on first denial - always check all drivers */ + rv = virAccessManagerCheckInterface(priv->managers[i], driverName, iface, perm); + if (rv == 0 && ret != -1) + ret = 0; + else if (rv == -1) + ret = -1; + } + + return ret; +} + +static int +virAccessDriverStackCheckNetwork(virAccessManagerPtr manager, + const char *driverName, + virNetworkDefPtr network, + virAccessPermNetwork perm) +{ + virAccessDriverStackPrivatePtr priv = virAccessManagerGetPrivateData(manager); + int ret = 1; + size_t i; + + for (i = 0; i < priv->managersLen; i++) { + int rv; + /* We do not short-circuit on first denial - always check all drivers */ + rv = virAccessManagerCheckNetwork(priv->managers[i], driverName, network, perm); + if (rv == 0 && ret != -1) + ret = 0; + else if (rv == -1) + ret = -1; + } + + return ret; +} + +static int +virAccessDriverStackCheckNodeDevice(virAccessManagerPtr manager, + const char *driverName, + virNodeDeviceDefPtr nodedev, + virAccessPermNodeDevice perm) +{ + virAccessDriverStackPrivatePtr priv = virAccessManagerGetPrivateData(manager); + int ret = 1; + size_t i; + + for (i = 0; i < priv->managersLen; i++) { + int rv; + /* We do not short-circuit on first denial - always check all drivers */ + rv = virAccessManagerCheckNodeDevice(priv->managers[i], driverName, nodedev, perm); + if (rv == 0 && ret != -1) + ret = 0; + else if (rv == -1) + ret = -1; + } + + return ret; +} + +static int +virAccessDriverStackCheckNWFilter(virAccessManagerPtr manager, + const char *driverName, + virNWFilterDefPtr nwfilter, + virAccessPermNWFilter perm) +{ + virAccessDriverStackPrivatePtr priv = virAccessManagerGetPrivateData(manager); + int ret = 1; + size_t i; + + for (i = 0; i < priv->managersLen; i++) { + int rv; + /* We do not short-circuit on first denial - always check all drivers */ + rv = virAccessManagerCheckNWFilter(priv->managers[i], driverName, nwfilter, perm); + if (rv == 0 && ret != -1) + ret = 0; + else if (rv == -1) + ret = -1; + } + + return ret; +} + +static int +virAccessDriverStackCheckSecret(virAccessManagerPtr manager, + const char *driverName, + virSecretDefPtr secret, + virAccessPermSecret perm) +{ + virAccessDriverStackPrivatePtr priv = virAccessManagerGetPrivateData(manager); + int ret = 1; + size_t i; + + for (i = 0; i < priv->managersLen; i++) { + int rv; + /* We do not short-circuit on first denial - always check all drivers */ + rv = virAccessManagerCheckSecret(priv->managers[i], driverName, secret, perm); + if (rv == 0 && ret != -1) + ret = 0; + else if (rv == -1) + ret = -1; + } + + return ret; +} + +static int +virAccessDriverStackCheckStoragePool(virAccessManagerPtr manager, + const char *driverName, + virStoragePoolDefPtr pool, + virAccessPermStoragePool perm) +{ + virAccessDriverStackPrivatePtr priv = virAccessManagerGetPrivateData(manager); + int ret = 1; + size_t i; + + for (i = 0; i < priv->managersLen; i++) { + int rv; + /* We do not short-circuit on first denial - always check all drivers */ + rv = virAccessManagerCheckStoragePool(priv->managers[i], driverName, pool, perm); + if (rv == 0 && ret != -1) + ret = 0; + else if (rv == -1) + ret = -1; + } + + return ret; +} + +static int +virAccessDriverStackCheckStorageVol(virAccessManagerPtr manager, + const char *driverName, + virStoragePoolDefPtr pool, + virStorageVolDefPtr vol, + virAccessPermStorageVol perm) +{ + virAccessDriverStackPrivatePtr priv = virAccessManagerGetPrivateData(manager); + int ret = 1; + size_t i; + + for (i = 0; i < priv->managersLen; i++) { + int rv; + /* We do not short-circuit on first denial - always check all drivers */ + rv = virAccessManagerCheckStorageVol(priv->managers[i], driverName, pool, vol, perm); + if (rv == 0 && ret != -1) + ret = 0; + else if (rv == -1) + ret = -1; + } + + return ret; +} + +virAccessDriver accessDriverStack = { + .name = "stack", + .cleanup = virAccessDriverStackCleanup, + .checkConnect = virAccessDriverStackCheckConnect, + .checkDomain = virAccessDriverStackCheckDomain, + .checkInterface = virAccessDriverStackCheckInterface, + .checkNetwork = virAccessDriverStackCheckNetwork, + .checkNodeDevice = virAccessDriverStackCheckNodeDevice, + .checkNWFilter = virAccessDriverStackCheckNWFilter, + .checkSecret = virAccessDriverStackCheckSecret, + .checkStoragePool = virAccessDriverStackCheckStoragePool, + .checkStorageVol = virAccessDriverStackCheckStorageVol, +}; diff --git a/src/access/viraccessdriverstack.h b/src/access/viraccessdriverstack.h new file mode 100644 index 0000000..4e34d5f --- /dev/null +++ b/src/access/viraccessdriverstack.h @@ -0,0 +1,32 @@ +/* + * viraccessdriverstack.h: stacked access control driver + * + * Copyright (C) 2012-2013 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + */ + +#ifndef __VIR_ACCESS_DRIVER_STACK_H__ +# define __VIR_ACCESS_DRIVER_STACK_H__ + +# include "access/viraccessdriver.h" + + +int virAccessDriverStackAppend(virAccessManagerPtr manager, + virAccessManagerPtr child); + +extern virAccessDriver accessDriverStack; + +#endif /* __VIR_ACCESS_DRIVER_STACK_H__ */ diff --git a/src/access/viraccessmanager.c b/src/access/viraccessmanager.c new file mode 100644 index 0000000..8b1f150 --- /dev/null +++ b/src/access/viraccessmanager.c @@ -0,0 +1,339 @@ +/* + * viraccessmanager.c: access control manager + * + * Copyright (C) 2012-2013 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + */ + +#include <config.h> + +#include "viraccessmanager.h" +#include "viraccessdrivernop.h" +#include "viraccessdriverstack.h" +#include "viralloc.h" +#include "virerror.h" +#include "virobject.h" +#include "virthread.h" +#include "virlog.h" + +#define VIR_FROM_THIS VIR_FROM_ACCESS +#define virAccessError(code, ...) \ + virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \ + __FUNCTION__, __LINE__, __VA_ARGS__) + +struct _virAccessManager { + virObjectLockable parent; + + virAccessDriverPtr drv; + void *privateData; +}; + +static virClassPtr virAccessManagerClass; +static virAccessManagerPtr virAccessManagerDefault; + +static void virAccessManagerDispose(void *obj); + +static int virAccessManagerOnceInit(void) +{ + if (!(virAccessManagerClass = virClassNew(virClassForObjectLockable(), + "virAccessManagerClass", + sizeof(virAccessManager), + virAccessManagerDispose))) + return -1; + + return 0; +} + +VIR_ONCE_GLOBAL_INIT(virAccessManager); + + +virAccessManagerPtr virAccessManagerGetDefault(void) +{ + return virObjectRef(virAccessManagerDefault); +} + + +void virAccessManagerSetDefault(virAccessManagerPtr mgr) +{ + virObjectUnref(virAccessManagerDefault); + + virAccessManagerDefault = virObjectRef(mgr); +} + + +static virAccessManagerPtr virAccessManagerNewDriver(virAccessDriverPtr drv) +{ + virAccessManagerPtr mgr; + char *privateData; + + if (virAccessManagerInitialize() < 0) + return NULL; + + if (VIR_ALLOC_N(privateData, drv->privateDataLen) < 0) { + virReportOOMError(); + return NULL; + } + + if (!(mgr = virObjectLockableNew(virAccessManagerClass))) { + VIR_FREE(privateData); + return NULL; + } + + mgr->drv = drv; + mgr->privateData = privateData; + + if (mgr->drv->setup && + mgr->drv->setup(mgr) < 0) { + virObjectUnref(mgr); + return NULL; + } + + VIR_DEBUG("Initialized with %s", mgr->drv->name); + return mgr; +} + + +static virAccessDriverPtr accessDrivers[] = { + &accessDriverNop, +}; + + +static virAccessDriverPtr virAccessManagerFindDriver(const char *name) +{ + size_t i; + for (i = 0; i < ARRAY_CARDINALITY(accessDrivers); i++) { + if (STREQ(name, accessDrivers[i]->name)) + return accessDrivers[i]; + } + + return NULL; +} + + +virAccessManagerPtr virAccessManagerNew(const char *name) +{ + virAccessDriverPtr drv; + + if (virAccessManagerInitialize() < 0) + return NULL; + + if (!(drv = virAccessManagerFindDriver(name))) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Cannot find security driver '%s'"), + name); + return NULL; + } + + return virAccessManagerNewDriver(drv); +} + + +virAccessManagerPtr virAccessManagerNewStack(const char **names) +{ + virAccessManagerPtr manager = virAccessManagerNewDriver(&accessDriverStack); + size_t i; + + if (!manager) + return NULL; + + for (i = 0; names[i] != NULL; i++) { + virAccessManagerPtr child = virAccessManagerNew(names[i]); + + if (!child) + goto error; + + if (virAccessDriverStackAppend(manager, child) < 0) { + virObjectUnref(child); + goto error; + } + } + + return manager; + +error: + virObjectUnref(manager); + return NULL; +} + + +void *virAccessManagerGetPrivateData(virAccessManagerPtr mgr) +{ + return mgr->privateData; +} + + +static void virAccessManagerDispose(void *object) +{ + virAccessManagerPtr mgr = object; + + if (mgr->drv->cleanup) + mgr->drv->cleanup(mgr); + VIR_FREE(mgr->privateData); +} + + +/* Standard security practice is to not tell the caller *why* + * they were denied access. So this method takes the real + * libvirt errors & replaces it with a generic error. Fortunately + * the daemon logs will still contain the original error message + * should the admin need to debug things + */ +static int +virAccessManagerSanitizeError(int ret) +{ + if (ret < 0) { + virResetLastError(); + virAccessError(VIR_ERR_ACCESS_DENIED, NULL); + } + + return ret; +} + +int virAccessManagerCheckConnect(virAccessManagerPtr manager, + const char *driverName, + virAccessPermConnect perm) +{ + int ret = 0; + VIR_DEBUG("manager=%p(name=%s) driver=%s perm=%d", + manager, manager->drv->name, driverName, perm); + + if (manager->drv->checkConnect) + ret = manager->drv->checkConnect(manager, driverName, perm); + + return virAccessManagerSanitizeError(ret); +} + + +int virAccessManagerCheckDomain(virAccessManagerPtr manager, + const char *driverName, + virDomainDefPtr domain, + virAccessPermDomain perm) +{ + int ret = 0; + VIR_DEBUG("manager=%p(name=%s) driver=%s domain=%p perm=%d", + manager, manager->drv->name, driverName, domain, perm); + + if (manager->drv->checkDomain) + ret = manager->drv->checkDomain(manager, driverName, domain, perm); + + return virAccessManagerSanitizeError(ret); +} + +int virAccessManagerCheckInterface(virAccessManagerPtr manager, + const char *driverName, + virInterfaceDefPtr iface, + virAccessPermInterface perm) +{ + int ret = 0; + VIR_DEBUG("manager=%p(name=%s) driver=%s iface=%p perm=%d", + manager, manager->drv->name, driverName, iface, perm); + + if (manager->drv->checkInterface) + ret = manager->drv->checkInterface(manager, driverName, iface, perm); + + return virAccessManagerSanitizeError(ret); +} + +int virAccessManagerCheckNetwork(virAccessManagerPtr manager, + const char *driverName, + virNetworkDefPtr network, + virAccessPermNetwork perm) +{ + int ret = 0; + VIR_DEBUG("manager=%p(name=%s) driver=%s network=%p perm=%d", + manager, manager->drv->name, driverName, network, perm); + + if (manager->drv->checkNetwork) + ret = manager->drv->checkNetwork(manager, driverName, network, perm); + + return virAccessManagerSanitizeError(ret); +} + +int virAccessManagerCheckNodeDevice(virAccessManagerPtr manager, + const char *driverName, + virNodeDeviceDefPtr nodedev, + virAccessPermNodeDevice perm) +{ + int ret = 0; + VIR_DEBUG("manager=%p(name=%s) driver=%s nodedev=%p perm=%d", + manager, manager->drv->name, driverName, nodedev, perm); + + if (manager->drv->checkNodeDevice) + ret = manager->drv->checkNodeDevice(manager, driverName, nodedev, perm); + + return virAccessManagerSanitizeError(ret); +} + +int virAccessManagerCheckNWFilter(virAccessManagerPtr manager, + const char *driverName, + virNWFilterDefPtr nwfilter, + virAccessPermNWFilter perm) +{ + int ret = 0; + VIR_DEBUG("manager=%p(name=%s) driver=%s nwfilter=%p perm=%d", + manager, manager->drv->name, driverName, nwfilter, perm); + + if (manager->drv->checkNWFilter) + ret = manager->drv->checkNWFilter(manager, driverName, nwfilter, perm); + + return virAccessManagerSanitizeError(ret); +} + +int virAccessManagerCheckSecret(virAccessManagerPtr manager, + const char *driverName, + virSecretDefPtr secret, + virAccessPermSecret perm) +{ + int ret = 0; + VIR_DEBUG("manager=%p(name=%s) driver=%s secret=%p perm=%d", + manager, manager->drv->name, driverName, secret, perm); + + if (manager->drv->checkSecret) + ret = manager->drv->checkSecret(manager, driverName, secret, perm); + + return virAccessManagerSanitizeError(ret); +} + +int virAccessManagerCheckStoragePool(virAccessManagerPtr manager, + const char *driverName, + virStoragePoolDefPtr pool, + virAccessPermStoragePool perm) +{ + int ret = 0; + VIR_DEBUG("manager=%p(name=%s) driver=%s pool=%p perm=%d", + manager, manager->drv->name, driverName, pool, perm); + + if (manager->drv->checkStoragePool) + ret = manager->drv->checkStoragePool(manager, driverName, pool, perm); + + return virAccessManagerSanitizeError(ret); +} + +int virAccessManagerCheckStorageVol(virAccessManagerPtr manager, + const char *driverName, + virStoragePoolDefPtr pool, + virStorageVolDefPtr vol, + virAccessPermStorageVol perm) +{ + int ret = 0; + VIR_DEBUG("manager=%p(name=%s) driver=%s pool=%p vol=%p perm=%d", + manager, manager->drv->name, driverName, pool, vol, perm); + + if (manager->drv->checkStorageVol) + ret = manager->drv->checkStorageVol(manager, driverName, pool, vol, perm); + + return virAccessManagerSanitizeError(ret); +} diff --git a/src/access/viraccessmanager.h b/src/access/viraccessmanager.h new file mode 100644 index 0000000..e7eb15d --- /dev/null +++ b/src/access/viraccessmanager.h @@ -0,0 +1,91 @@ +/* + * viraccessmanager.h: access control manager + * + * Copyright (C) 2012-2013 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + */ + +#ifndef __VIR_ACCESS_MANAGER_H__ +# define __VIR_ACCESS_MANAGER_H__ + +# include "viridentity.h" +# include "conf/domain_conf.h" +# include "conf/network_conf.h" +# include "conf/nwfilter_conf.h" +# include "conf/node_device_conf.h" +# include "conf/storage_conf.h" +# include "conf/secret_conf.h" +# include "conf/interface_conf.h" +# include "access/viraccessperm.h" + +typedef struct _virAccessManager virAccessManager; +typedef virAccessManager *virAccessManagerPtr; + +virAccessManagerPtr virAccessManagerGetDefault(void); +void virAccessManagerSetDefault(virAccessManagerPtr manager); + +virAccessManagerPtr virAccessManagerNew(const char *name); +virAccessManagerPtr virAccessManagerNewStack(const char **names); + + +void *virAccessManagerGetPrivateData(virAccessManagerPtr manager); + + +/* + * The virAccessManagerCheckXXX functions will + * Return -1 on error + * Return 0 on auth deny + * Return 1 on auth allow + */ +int virAccessManagerCheckConnect(virAccessManagerPtr manager, + const char *driverName, + virAccessPermConnect perm); +int virAccessManagerCheckDomain(virAccessManagerPtr manager, + const char *driverName, + virDomainDefPtr domain, + virAccessPermDomain perm); +int virAccessManagerCheckInterface(virAccessManagerPtr manager, + const char *driverName, + virInterfaceDefPtr iface, + virAccessPermInterface perm); +int virAccessManagerCheckNetwork(virAccessManagerPtr manager, + const char *driverName, + virNetworkDefPtr network, + virAccessPermNetwork perm); +int virAccessManagerCheckNodeDevice(virAccessManagerPtr manager, + const char *driverName, + virNodeDeviceDefPtr nodedev, + virAccessPermNodeDevice perm); +int virAccessManagerCheckNWFilter(virAccessManagerPtr manager, + const char *driverName, + virNWFilterDefPtr nwfilter, + virAccessPermNWFilter perm); +int virAccessManagerCheckSecret(virAccessManagerPtr manager, + const char *driverName, + virSecretDefPtr secret, + virAccessPermSecret perm); +int virAccessManagerCheckStoragePool(virAccessManagerPtr manager, + const char *driverName, + virStoragePoolDefPtr pool, + virAccessPermStoragePool perm); +int virAccessManagerCheckStorageVol(virAccessManagerPtr manager, + const char *driverName, + virStoragePoolDefPtr pool, + virStorageVolDefPtr vol, + virAccessPermStorageVol perm); + + +#endif /* __VIR_ACCESS_MANAGER_H__ */ diff --git a/src/access/viraccessperm.c b/src/access/viraccessperm.c new file mode 100644 index 0000000..17f6243 --- /dev/null +++ b/src/access/viraccessperm.c @@ -0,0 +1,84 @@ +/* + * viraccessperm.c: access control permissions + * + * Copyright (C) 2012-2013 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + */ + +#include <config.h> + +#include "viraccessperm.h" + + +VIR_ENUM_IMPL(virAccessPermConnect, + VIR_ACCESS_PERM_CONNECT_LAST, + "getattr", "read", "write", + "search_domains", "search_networks", + "search_storage_pools", "search_node_devices", + "search_interfaces", "search_secrets", + "search_nwfilters", + "detect_storage_pool", "pm_control", + "interface_transaction"); + +VIR_ENUM_IMPL(virAccessPermDomain, + VIR_ACCESS_PERM_DOMAIN_LAST, + "getattr", "read", "write", "read_secure", + "start", "stop", "reset", + "save", "delete", + "migrate", "snapshot", "suspend", "hibernate", "core_dump", "pm_control", + "init_control", "inject_nmi", "send_input", "send_signal", "fs_trim", + "block_read", "block_write", "mem_read", + "open_graphics", "open_device", "screenshot", + "open_namespace"); + +VIR_ENUM_IMPL(virAccessPermInterface, + VIR_ACCESS_PERM_INTERFACE_LAST, + "getattr", "read", "write", "save", + "delete", "start", "stop"); + +VIR_ENUM_IMPL(virAccessPermNetwork, + VIR_ACCESS_PERM_NETWORK_LAST, + "getattr", "read", "write", + "save", "delete", "start", "stop"); + +VIR_ENUM_IMPL(virAccessPermNodeDevice, + VIR_ACCESS_PERM_NODE_DEVICE_LAST, + "getattr", "read", "write", + "start", "stop", + "dettach"); + +VIR_ENUM_IMPL(virAccessPermNWFilter, + VIR_ACCESS_PERM_NWFILTER_LAST, + "getattr", "read", "write", + "save", "delete"); + +VIR_ENUM_IMPL(virAccessPermSecret, + VIR_ACCESS_PERM_SECRET_LAST, + "getattr", "read", "write", + "read_secure", "save", "delete"); + +VIR_ENUM_IMPL(virAccessPermStoragePool, + VIR_ACCESS_PERM_STORAGE_POOL_LAST, + "getattr", "read", "write", + "save", "delete", "start", "stop", + "refresh", "search_storage_vols", + "format"); + +VIR_ENUM_IMPL(virAccessPermStorageVol, + VIR_ACCESS_PERM_STORAGE_VOL_LAST, + "getattr", "read", "create", "delete", + "format", "resize", "data_read", + "data_write"); diff --git a/src/access/viraccessperm.h b/src/access/viraccessperm.h new file mode 100644 index 0000000..2f76c95 --- /dev/null +++ b/src/access/viraccessperm.h @@ -0,0 +1,647 @@ +/* + * viraccessperm.h: access control permissions + * + * Copyright (C) 2012-2013 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * <http://www.gnu.org/licenses/>. + */ + +#ifndef __VIR_ACCESS_PERM_H__ +# define __VIR_ACCESS_PERM_H__ + +# include "internal.h" +# include "virutil.h" + +typedef enum { + /** + * @desc: Access connection + * @message: Accessing the connection requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_CONNECT_GETATTR, + + /** + * @desc: Read host + * @message: Reading the host configuration requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_CONNECT_READ, + + /** + * @desc: Write host + * @message: Writing the host configuration requires authorization + */ + VIR_ACCESS_PERM_CONNECT_WRITE, + + /** + * @desc: List domains + * @message: Listing domains requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_CONNECT_SEARCH_DOMAINS, + + /** + * @desc: List networks + * @message: Listing networks requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_CONNECT_SEARCH_NETWORKS, + + /** + * @desc: List storage pools + * @message: Listing storage pools requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_CONNECT_SEARCH_STORAGE_POOLS, + + /** + * @desc: List node devices + * @message: Listing node devices requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_CONNECT_SEARCH_NODE_DEVICES, + + /** + * @desc: List interfaces + * @message: Listing interfaces requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_CONNECT_SEARCH_INTERFACES, + + /** + * @desc: List secrets + * @message: Listing secrets requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_CONNECT_SEARCH_SECRETS, + + /** + * @desc: List network filters + * @message: Listing network filters requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_CONNECT_SEARCH_NWFILTERS, + + + /** + * @desc: Detect storage pools + * @message: Detecting storage pools requires authorization + */ + VIR_ACCESS_PERM_CONNECT_DETECT_STORAGE_POOLS, + + /** + * @desc: Use host power management + * @message: Using host power management requires authorization + */ + VIR_ACCESS_PERM_CONNECT_PM_CONTROL, + + /** + * @desc: Interface transactions + * @message: Using interface transactions requires authorization + */ + VIR_ACCESS_PERM_CONNECT_INTERFACE_TRANSACTION, + + VIR_ACCESS_PERM_CONNECT_LAST, +} virAccessPermConnect; + +typedef enum { + /** + * @desc: Access domain + * @message: Accessing the domain requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_DOMAIN_GETATTR, /* Name/ID/UUID access */ + + /** + * @desc: Read domain + * @message: Reading domain configuration requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_DOMAIN_READ, /* Config view */ + + /** + * @desc: Write domain + * @message: Writing domain configuration requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_WRITE, /* Config change */ + + /** + * @desc: Read secure domain + * @message: Reading secure domain configuration requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_READ_SECURE, /* Config access of passwords */ + + /** + * @desc: Start domain + * @message: Starting the domain requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_START, /* Power on */ + + /** + * @desc: Stop domain + * @message: Stopping the domain requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_STOP, /* Power off */ + + /** + * @desc: Reset domain + * @message: Resetting the domain requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_RESET, /* Power reset */ + + /** + * @desc: Save domain + * @message: Saving domain configuration requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_SAVE, /* Write out persistent config */ + + /** + * @desc: Delete domain + * @message: Deleting domain configuration requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_DELETE, /* Remove persistent config */ + + + /** + * @desc: Migrate domain + * @message: Migrating domain requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_MIGRATE, /* Host migration */ + + /** + * @desc: Snapshot domain + * @message: Snapshotting domain requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_SNAPSHOT, /* Snapshot disks/memory */ + + /** + * @desc: Suspend domain + * @message: Suspending domain CPUs requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_SUSPEND, /* Pause/resume CPUs */ + + /** + * @desc: Hibernate domain + * @message: Saving domain state requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_HIBERNATE, /* Save state to host */ + + /** + * @desc: Dump domain + * @message: Dumping domain corefile requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_CORE_DUMP, /* Dump guest core */ + + /** + * @desc: Use domain power management + * @message: Using domain power management requires authoriation + */ + VIR_ACCESS_PERM_DOMAIN_PM_CONTROL, /* S3/S5 suspend/wakeup */ + + /* Interactions with guest OS */ + + /** + * @desc: Domain init control + * @message: Controlling domain init process requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_INIT_CONTROL, /* Init shutdown/reboot request */ + + /** + * @desc: Inject domain NMI + * @message: Injecting interrupt requries authoriation + */ + VIR_ACCESS_PERM_DOMAIN_INJECT_NMI, /* Trigger interrupts */ + + /** + * @desc: Send domain input + * @message: Sending input events to domain requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_SEND_INPUT, /* Send guest input device (key/mouse) events */ + + /** + * @desc: Send domain signal + * @message: Sending signals to processes in domain requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_SEND_SIGNAL, /* Send a signal to processes inside */ + + /** + * @desc: Trim domain filesystems + * @message: Trimming domain filesystems require authorization + */ + VIR_ACCESS_PERM_DOMAIN_FS_TRIM, /* Issue TRIM to guest filesystems */ + + /* Peeking at guest */ + + /** + * @desc: Read domain block + * @message: Reading domain block devices requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_BLOCK_READ, /* Read data from block devices */ + + /** + * @desc: Write domain block + * @message: Writing domain block devices requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_BLOCK_WRITE, /* resize/pull/rebase/commit */ + + /** + * @desc: Read domain memory + * @message: Reading domain memory requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_MEM_READ, /* Read data from guest memory */ + + /* Device interaction */ + + /** + * @desc: Open domain graphics + * @message: Opening domain graphics console requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_OPEN_GRAPHICS, /* Open graphical console */ + + /** + * @desc: Open domain device + * @message: Opening domain devices requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_OPEN_DEVICE, /* Open a guest console/channel */ + + /** + * @desc: Take domain screenshot + * @message: Taking domain screenshots requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_SCREENSHOT, /* Trigger a screen shot */ + + + /** + * @desc: Open domain namespace + * @message: Opening domain namespaces requires authorization + */ + VIR_ACCESS_PERM_DOMAIN_OPEN_NAMESPACE, + + VIR_ACCESS_PERM_DOMAIN_LAST, +} virAccessPermDomain; + +typedef enum { + + /** + * @desc: Access interface + * @message: Accessing interface requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_INTERFACE_GETATTR, + + /** + * @desc: Read interface + * @message: Reading interface configuration requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_INTERFACE_READ, + + /** + * @desc: Write interface + * @message: Writing interface configuration requires authorization + */ + VIR_ACCESS_PERM_INTERFACE_WRITE, + + /** + * @desc: Save interface + * @message: Saving interface configuration requires authorization + */ + VIR_ACCESS_PERM_INTERFACE_SAVE, + + /** + * @desc: Delete interface + * @message: Deleting interface configuration requires authorization + */ + VIR_ACCESS_PERM_INTERFACE_DELETE, + + /** + * @desc: Start interface + * @message: Starting interface requires authorization + */ + VIR_ACCESS_PERM_INTERFACE_START, + + /** + * @desc: Stop interface + * @message: Stopping interface requires authorization + */ + VIR_ACCESS_PERM_INTERFACE_STOP, + + VIR_ACCESS_PERM_INTERFACE_LAST +} virAccessPermInterface; + +typedef enum { + + /** + * @desc: Access network + * @message: Accessing network requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_NETWORK_GETATTR, + + /** + * @desc: Read network + * @message: Reading network configuration requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_NETWORK_READ, + + /** + * @desc: Write network + * @message: Writing network configuration requries authorization + */ + VIR_ACCESS_PERM_NETWORK_WRITE, + + /** + * @desc: Save network + * @message: Saving network configuration requires authorization + */ + VIR_ACCESS_PERM_NETWORK_SAVE, + + /** + * @desc: Delete network + * @message: Deleting network configuration requires authorization + */ + VIR_ACCESS_PERM_NETWORK_DELETE, + + /** + * @desc: Start network + * @message: Starting network requires authorization + */ + VIR_ACCESS_PERM_NETWORK_START, + + /** + * @desc: Stop network + * @message: Stopping network requires authorization + */ + VIR_ACCESS_PERM_NETWORK_STOP, + + VIR_ACCESS_PERM_NETWORK_LAST +} virAccessPermNetwork; + +typedef enum { + + /** + * @desc: Access node device + * @message: Accesing node device requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_NODE_DEVICE_GETATTR, + + /** + * @desc: Read node device + * @message: Reading node device configuration requires authorization + */ + VIR_ACCESS_PERM_NODE_DEVICE_READ, + + /** + * @desc: Write node device + * @message: Writing node device configuration requires authorization + */ + VIR_ACCESS_PERM_NODE_DEVICE_WRITE, + + /** + * @desc: Start node device + * @message: Starting node device requires authorization + */ + VIR_ACCESS_PERM_NODE_DEVICE_START, + + /** + * @desc: Stop node device + * @message: Stopping node device requires authorization + */ + VIR_ACCESS_PERM_NODE_DEVICE_STOP, + + /** + * @desc: Detach node device + * @message: Detaching node device driver requires authorization + */ + VIR_ACCESS_PERM_NODE_DEVICE_DETTACH, + + VIR_ACCESS_PERM_NODE_DEVICE_LAST +} virAccessPermNodeDevice; + +typedef enum { + + /** + * @desc: Access network filter + * @message: Accessing network filter requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_NWFILTER_GETATTR, + + /** + * @desc: Read network filter + * @message: Reading network filter configuration requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_NWFILTER_READ, + + /** + * @desc: Write network filter + * @message: Writing network filter configuration requires authorization + */ + VIR_ACCESS_PERM_NWFILTER_WRITE, + + /** + * @desc: Save network filter + * @message: Saving network filter configuration requires authorization + */ + VIR_ACCESS_PERM_NWFILTER_SAVE, + + /** + * @desc: Delete network filter + * @message: Deleting network filter configuration requires authorization + */ + VIR_ACCESS_PERM_NWFILTER_DELETE, + + VIR_ACCESS_PERM_NWFILTER_LAST +} virAccessPermNWFilter; + +typedef enum { + + /** + * @desc: Access secret + * @message: Accessing secret requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_SECRET_GETATTR, + + /** + * @desc: Read secret + * @message: Reading secret configuration requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_SECRET_READ, + + /** + * @desc: Write secret + * @message: Writing secret configuration requires authorization + */ + VIR_ACCESS_PERM_SECRET_WRITE, + + /** + * @desc: Read secure secret + * @message: Reading secure secret configuration requires authorization + */ + VIR_ACCESS_PERM_SECRET_READ_SECURE, + + /** + * @desc: Save secret + * @message: Saving secret configuration requires authorization + */ + VIR_ACCESS_PERM_SECRET_SAVE, + + /** + * @desc: Delete secret + * @message: Deleting secret configuration requires authorization + */ + VIR_ACCESS_PERM_SECRET_DELETE, + + VIR_ACCESS_PERM_SECRET_LAST +} virAccessPermSecret; + +typedef enum { + + /** + * @desc: Access storage pool + * @message: Accessing storage pool requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_STORAGE_POOL_GETATTR, + + /** + * @desc: Read storage pool + * @message: Reading storage pool configuration requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_STORAGE_POOL_READ, + + /** + * @desc: Write storage pool + * @message: Writing storage pool configuration requires authorization + */ + VIR_ACCESS_PERM_STORAGE_POOL_WRITE, + + /** + * @desc: Save storage pool + * @message: Saving storage pool configuration requires authorization + */ + VIR_ACCESS_PERM_STORAGE_POOL_SAVE, + + /** + * @desc: Delete storage pool + * @message: Deleting storage pool configuration requires authorization + */ + VIR_ACCESS_PERM_STORAGE_POOL_DELETE, + + /** + * @desc: Start storage pool + * @message: Starting storage pool configuration requires authorization + */ + VIR_ACCESS_PERM_STORAGE_POOL_START, + + /** + * @desc: Stop storage pool + * @message: Stopping storage pool configuration requires authorization + */ + VIR_ACCESS_PERM_STORAGE_POOL_STOP, + + /** + * @desc: Refresh storage pool + * @message: Refreshing storage pool volumes requires authorization + */ + VIR_ACCESS_PERM_STORAGE_POOL_REFRESH, + + /** + * @desc: List storage pool volumes + * @message: Listing storage pool volumes requires authorization + */ + VIR_ACCESS_PERM_STORAGE_POOL_SEARCH_STORAGE_VOLS, + + /** + * @desc: Format storage pool + * @message: Formatting storage pool data requires authorization + */ + VIR_ACCESS_PERM_STORAGE_POOL_FORMAT, + + VIR_ACCESS_PERM_STORAGE_POOL_LAST +} virAccessPermStoragePool; + +typedef enum { + + /** + * @desc: Access storage volume + * @message: Acceessing storage volume requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_STORAGE_VOL_GETATTR, + + /** + * @desc: Read storage volume + * @message: Reading storage volume configuration requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_STORAGE_VOL_READ, + + /** + * @desc: Create storage volume + * @message: Creating storage volume requires authorization + */ + VIR_ACCESS_PERM_STORAGE_VOL_CREATE, + + /** + * @desc: Delete storage volume + * @message: Deleting storage volume requires authorization + */ + VIR_ACCESS_PERM_STORAGE_VOL_DELETE, + + /** + * @desc: Format storage volume + * @message: Formatting storage volume data requires authorization + */ + VIR_ACCESS_PERM_STORAGE_VOL_FORMAT, + + /** + * @desc: Resize storage volume + * @message: Resizing storage volume requires authorization + */ + VIR_ACCESS_PERM_STORAGE_VOL_RESIZE, + + /** + * @desc: Read storage volume data + * @message: Reading storage volume data requires authorization + */ + VIR_ACCESS_PERM_STORAGE_VOL_DATA_READ, + + /** + * @desc: Write storage volume data + * @message: Writing storage volume data requires authorization + */ + VIR_ACCESS_PERM_STORAGE_VOL_DATA_WRITE, + + VIR_ACCESS_PERM_STORAGE_VOL_LAST +} virAccessPermStorageVol; + +VIR_ENUM_DECL(virAccessPermConnect); +VIR_ENUM_DECL(virAccessPermDomain); +VIR_ENUM_DECL(virAccessPermInterface); +VIR_ENUM_DECL(virAccessPermNetwork); +VIR_ENUM_DECL(virAccessPermNodeDevice); +VIR_ENUM_DECL(virAccessPermNWFilter); +VIR_ENUM_DECL(virAccessPermSecret); +VIR_ENUM_DECL(virAccessPermStoragePool); +VIR_ENUM_DECL(virAccessPermStorageVol); + +#endif /* __VIR_ACCESS_PERM_H__ */ diff --git a/src/libvirt.c b/src/libvirt.c index db120b7..b467679 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -827,8 +827,10 @@ int virStateInitialize(bool privileged, if (virStateDriverTab[i]->stateInitialize(privileged, callback, opaque) < 0) { - VIR_ERROR(_("Initialization of %s state driver failed"), - virStateDriverTab[i]->name); + virErrorPtr err = virGetLastError(); + VIR_ERROR(_("Initialization of %s state driver failed: %s"), + virStateDriverTab[i]->name, + err && err->message ? err->message : _("Unknown problem")); return -1; } } diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index b449293..ccfa236 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -5,6 +5,43 @@ # Keep this file sorted by header name, then by symbols with each header. # +# access/viraccessmanager.h +virAccessManagerCheckConnect; +virAccessManagerCheckDomain; +virAccessManagerCheckInterface; +virAccessManagerCheckNetwork; +virAccessManagerCheckNodeDevice; +virAccessManagerCheckNWFilter; +virAccessManagerCheckSecret; +virAccessManagerCheckStoragePool; +virAccessManagerCheckStorageVol; +virAccessManagerGetDefault; +virAccessManagerNew; +virAccessManagerNewStack; +virAccessManagerSetDefault; + + +# access/viraccessperm.h +virAccessPermConnectTypeFromString; +virAccessPermConnectTypeToString; +virAccessPermDomainTypeFromString; +virAccessPermDomainTypeToString; +virAccessPermInterfaceTypeFromString; +virAccessPermInterfaceTypeToString; +virAccessPermNetworkTypeFromString; +virAccessPermNetworkTypeToString; +virAccessPermNodeDeviceTypeFromString; +virAccessPermNodeDeviceTypeToString; +virAccessPermNWFilterTypeFromString; +virAccessPermNWFilterTypeToString; +virAccessPermSecretTypeFromString; +virAccessPermSecretTypeToString; +virAccessPermStoragePoolTypeFromString; +virAccessPermStoragePoolTypeToString; +virAccessPermStorageVolTypeFromString; +virAccessPermStorageVolTypeToString; + + # conf/capabilities.h virCapabilitiesAddGuest; virCapabilitiesAddGuestDomain; diff --git a/src/util/virerror.c b/src/util/virerror.c index 251dbcd..4789bae 100644 --- a/src/util/virerror.c +++ b/src/util/virerror.c @@ -121,6 +121,8 @@ VIR_ENUM_IMPL(virErrorDomain, VIR_ERR_DOMAIN_LAST, "Init control", "Identity", "Cgroup", + + "Access Manager", /* 55 */ ) @@ -1235,6 +1237,12 @@ virErrorMsg(virErrorNumber error, const char *info) else errmsg = _("resource busy %s"); break; + case VIR_ERR_ACCESS_DENIED: + if (info == NULL) + errmsg = _("access denied"); + else + errmsg = _("access denied: %s"); + break; } return errmsg; } -- 1.8.1.4 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list