From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
Insert calls to the ACL checking APIs in all Xen driver
entrypoints.
Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
src/Makefile.am | 1 +
src/xen/xen_driver.c | 217 +++++++++++++++++++++++++++++++++++++++++++++++++--
2 files changed, 210 insertions(+), 8 deletions(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index 75db540..b3aed10 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -964,6 +964,7 @@ endif
libvirt_driver_xen_impl_la_CFLAGS = \
$(XEN_CFLAGS) \
+ -I$(top_srcdir)/src/access \
-I$(top_srcdir)/src/conf \
-I$(top_srcdir)/src/xenxs \
$(AM_CFLAGS)
diff --git a/src/xen/xen_driver.c b/src/xen/xen_driver.c
index 217d380..4871907 100644
--- a/src/xen/xen_driver.c
+++ b/src/xen/xen_driver.c
@@ -66,6 +66,7 @@
#include "nodeinfo.h"
#include "configmake.h"
#include "virstring.h"
+#include "viraccessapicheck.h"
#define VIR_FROM_THIS VIR_FROM_XEN
#define XEN_SAVE_DIR LOCALSTATEDIR "/lib/libvirt/xen/save"
@@ -398,6 +399,9 @@ xenUnifiedConnectOpen(virConnectPtr conn, virConnectAuthPtr auth, unsigned int f
/* We now know the URI is definitely for this driver, so beyond
* here, don't return DECLINED, always use ERROR */
+ if (virConnectOpenEnsureACL(conn) < 0)
+ return VIR_DRV_OPEN_ERROR;
+
/* Allocate per-connection private data. */
if (VIR_ALLOC(priv) < 0) {
virReportOOMError();
@@ -542,15 +546,21 @@ unsigned long xenUnifiedVersion(void)
static const char *
-xenUnifiedConnectGetType(virConnectPtr conn ATTRIBUTE_UNUSED)
+xenUnifiedConnectGetType(virConnectPtr conn)
{
+ if (virConnectGetTypeEnsureACL(conn) < 0)
+ return NULL;
+
return "Xen";
}
/* Which features are supported by this driver? */
static int
-xenUnifiedConnectSupportsFeature(virConnectPtr conn ATTRIBUTE_UNUSED, int feature)
+xenUnifiedConnectSupportsFeature(virConnectPtr conn, int feature)
{
+ if (virConnectSupportsFeatureEnsureACL(conn) < 0)
+ return -1;
+
switch (feature) {
case VIR_DRV_FEATURE_MIGRATION_V1:
case VIR_DRV_FEATURE_MIGRATION_DIRECT:
@@ -563,12 +573,18 @@ xenUnifiedConnectSupportsFeature(virConnectPtr conn ATTRIBUTE_UNUSED, int featur
static int
xenUnifiedConnectGetVersion(virConnectPtr conn, unsigned long *hvVer)
{
+ if (virConnectGetVersionEnsureACL(conn) < 0)
+ return -1;
+
return xenHypervisorGetVersion(conn, hvVer);
}
-static char *xenUnifiedConnectGetHostname(virConnectPtr conn ATTRIBUTE_UNUSED)
+static char *xenUnifiedConnectGetHostname(virConnectPtr conn)
{
+ if (virConnectGetHostnameEnsureACL(conn) < 0)
+ return NULL;
+
return virGetHostname();
}
@@ -603,6 +619,9 @@ xenUnifiedConnectIsAlive(virConnectPtr conn ATTRIBUTE_UNUSED)
int
xenUnifiedConnectGetMaxVcpus(virConnectPtr conn, const char *type)
{
+ if (virConnectGetMaxVcpusEnsureACL(conn) < 0)
+ return -1;
+
if (type && STRCASENEQ(type, "Xen")) {
virReportError(VIR_ERR_INVALID_ARG, __FUNCTION__);
return -1;
@@ -614,6 +633,9 @@ xenUnifiedConnectGetMaxVcpus(virConnectPtr conn, const char *type)
static int
xenUnifiedNodeGetInfo(virConnectPtr conn, virNodeInfoPtr info)
{
+ if (virNodeGetInfoEnsureACL(conn) < 0)
+ return -1;
+
return xenDaemonNodeGetInfo(conn, info);
}
@@ -623,6 +645,9 @@ xenUnifiedConnectGetCapabilities(virConnectPtr conn)
xenUnifiedPrivatePtr priv = conn->privateData;
char *xml;
+ if (virConnectGetCapabilitiesEnsureACL(conn) < 0)
+ return NULL;
+
if (!(xml = virCapabilitiesFormatXML(priv->caps))) {
virReportOOMError();
return NULL;
@@ -634,12 +659,18 @@ xenUnifiedConnectGetCapabilities(virConnectPtr conn)
static int
xenUnifiedConnectListDomains(virConnectPtr conn, int *ids, int maxids)
{
+ if (virConnectListDomainsEnsureACL(conn) < 0)
+ return -1;
+
return xenStoreListDomains(conn, ids, maxids);
}
static int
xenUnifiedConnectNumOfDomains(virConnectPtr conn)
{
+ if (virConnectNumOfDomainsEnsureACL(conn) < 0)
+ return -1;
+
return xenStoreNumOfDomains(conn);
}
@@ -659,6 +690,9 @@ xenUnifiedDomainCreateXML(virConnectPtr conn,
VIR_DOMAIN_XML_INACTIVE)))
goto cleanup;
+ if (virDomainCreateXMLEnsureACL(conn, def) < 0)
+ goto cleanup;
+
if (xenDaemonCreateXML(conn, def) < 0)
goto cleanup;
@@ -680,6 +714,9 @@ xenUnifiedDomainLookupByID(virConnectPtr conn, int id)
if (!(def = xenGetDomainDefForID(conn, id)))
goto cleanup;
+ if (virDomainLookupByIDEnsureACL(conn, def) < 0)
+ goto cleanup;
+
if (!(ret = virGetDomain(conn, def->name, def->uuid)))
goto cleanup;
@@ -700,6 +737,9 @@ xenUnifiedDomainLookupByUUID(virConnectPtr conn,
if (!(def = xenGetDomainDefForUUID(conn, uuid)))
goto cleanup;
+ if (virDomainLookupByUUIDEnsureACL(conn, def) < 0)
+ goto cleanup;
+
if (!(ret = virGetDomain(conn, def->name, def->uuid)))
goto cleanup;
@@ -720,6 +760,9 @@ xenUnifiedDomainLookupByName(virConnectPtr conn,
if (!(def = xenGetDomainDefForName(conn, name)))
goto cleanup;
+ if (virDomainLookupByNameEnsureACL(conn, def) < 0)
+ goto cleanup;
+
if (!(ret = virGetDomain(conn, def->name, def->uuid)))
goto cleanup;
@@ -809,6 +852,9 @@ xenUnifiedDomainSuspend(virDomainPtr dom)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainSuspendEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
ret = xenDaemonDomainSuspend(dom->conn, def);
cleanup:
@@ -825,6 +871,9 @@ xenUnifiedDomainResume(virDomainPtr dom)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainResumeEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
ret = xenDaemonDomainResume(dom->conn, def);
cleanup:
@@ -844,6 +893,9 @@ xenUnifiedDomainShutdownFlags(virDomainPtr dom,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainShutdownFlagsEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
ret = xenDaemonDomainShutdown(dom->conn, def);
cleanup:
@@ -868,6 +920,9 @@ xenUnifiedDomainReboot(virDomainPtr dom, unsigned int flags)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainRebootEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
ret = xenDaemonDomainReboot(dom->conn, def);
cleanup:
@@ -887,6 +942,9 @@ xenUnifiedDomainDestroyFlags(virDomainPtr dom,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainDestroyFlagsEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
ret = xenDaemonDomainDestroy(dom->conn, def);
cleanup:
@@ -910,6 +968,9 @@ xenUnifiedDomainGetOSType(virDomainPtr dom)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainGetOSTypeEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (def->id < 0) {
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
@@ -938,6 +999,9 @@ xenUnifiedDomainGetMaxMemory(virDomainPtr dom)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainGetMaxMemoryEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (def->id < 0) {
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainGetMaxMemory(dom->conn, def);
@@ -962,6 +1026,9 @@ xenUnifiedDomainSetMaxMemory(virDomainPtr dom, unsigned long memory)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainSetMaxMemoryEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (def->id < 0) {
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainSetMaxMemory(dom->conn, def, memory);
@@ -986,6 +1053,9 @@ xenUnifiedDomainSetMemory(virDomainPtr dom, unsigned long memory)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainSetMemoryEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (def->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainSetMemory(dom->conn, def, memory);
else
@@ -1006,6 +1076,9 @@ xenUnifiedDomainGetInfo(virDomainPtr dom, virDomainInfoPtr info)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainGetInfoEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (def->id < 0) {
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainGetInfo(dom->conn, def, info);
@@ -1035,6 +1108,9 @@ xenUnifiedDomainGetState(virDomainPtr dom,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainGetStateEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (def->id < 0) {
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainGetState(dom->conn, def, state, reason);
@@ -1067,6 +1143,9 @@ xenUnifiedDomainSaveFlags(virDomainPtr dom, const char *to, const char *dxml,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainSaveFlagsEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
ret = xenDaemonDomainSave(dom->conn, def, to);
cleanup:
@@ -1108,6 +1187,9 @@ xenUnifiedDomainManagedSave(virDomainPtr dom, unsigned int flags)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainManagedSaveEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (!(name = xenUnifiedDomainManagedSavePath(priv, def)))
goto cleanup;
@@ -1132,6 +1214,9 @@ xenUnifiedDomainHasManagedSaveImage(virDomainPtr dom, unsigned int flags)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainHasManagedSaveImageEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (!(name = xenUnifiedDomainManagedSavePath(priv, def)))
goto cleanup;
@@ -1156,6 +1241,9 @@ xenUnifiedDomainManagedSaveRemove(virDomainPtr dom, unsigned int flags)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainManagedSaveRemoveEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (!(name = xenUnifiedDomainManagedSavePath(priv, def)))
goto cleanup;
@@ -1197,6 +1285,9 @@ xenUnifiedDomainCoreDump(virDomainPtr dom, const char *to, unsigned int flags)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainCoreDumpEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
ret = xenDaemonDomainCoreDump(dom->conn, def, to, flags);
cleanup:
@@ -1234,6 +1325,9 @@ xenUnifiedDomainSetVcpusFlags(virDomainPtr dom, unsigned int nvcpus,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainSetVcpusFlagsEnsureACL(dom->conn, def, flags) < 0)
+ goto cleanup;
+
/* Try non-hypervisor methods first, then hypervisor direct method
* as a last resort.
*/
@@ -1273,6 +1367,9 @@ xenUnifiedDomainPinVcpu(virDomainPtr dom, unsigned int vcpu,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainPinVcpuEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (dom->id < 0) {
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainPinVcpu(dom->conn, def, vcpu, cpumap, maplen);
@@ -1299,6 +1396,9 @@ xenUnifiedDomainGetVcpus(virDomainPtr dom,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainGetVcpusEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (dom->id < 0) {
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
@@ -1330,6 +1430,9 @@ xenUnifiedDomainGetVcpusFlags(virDomainPtr dom, unsigned int flags)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainGetVcpusFlagsEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (dom->id < 0) {
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainGetVcpusFlags(dom->conn, def, flags);
@@ -1365,6 +1468,9 @@ xenUnifiedDomainGetXMLDesc(virDomainPtr dom, unsigned int flags)
if (!(minidef = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainGetXMLDescEnsureACL(dom->conn, minidef, flags) < 0)
+ goto cleanup;
+
if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4) {
def = xenXMDomainGetXMLDesc(dom->conn, minidef);
} else {
@@ -1402,6 +1508,9 @@ xenUnifiedConnectDomainXMLFromNative(virConnectPtr conn,
virCheckFlags(0, NULL);
+ if (virConnectDomainXMLFromNativeEnsureACL(conn) < 0)
+ return NULL;
+
if (STRNEQ(format, XEN_CONFIG_FORMAT_XM) &&
STRNEQ(format, XEN_CONFIG_FORMAT_SEXPR)) {
virReportError(VIR_ERR_INVALID_ARG,
@@ -1451,6 +1560,9 @@ xenUnifiedConnectDomainXMLToNative(virConnectPtr conn,
virCheckFlags(0, NULL);
+ if (virConnectDomainXMLToNativeEnsureACL(conn) < 0)
+ return NULL;
+
if (STRNEQ(format, XEN_CONFIG_FORMAT_XM) &&
STRNEQ(format, XEN_CONFIG_FORMAT_SEXPR)) {
virReportError(VIR_ERR_INVALID_ARG,
@@ -1523,6 +1635,9 @@ xenUnifiedDomainMigratePerform(virDomainPtr dom,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainMigratePerformEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
ret = xenDaemonDomainMigratePerform(dom->conn, def,
cookie, cookielen, uri,
flags, dname, resource);
@@ -1550,6 +1665,9 @@ xenUnifiedDomainMigrateFinish(virConnectPtr dconn,
if (!(minidef = xenGetDomainDefForName(dconn, dname)))
goto cleanup;
+ if (virDomainMigrateFinishEnsureACL(dconn, minidef) < 0)
+ goto cleanup;
+
if (flags & VIR_MIGRATE_PERSIST_DEST) {
if (!(def = xenDaemonDomainGetXMLDesc(dconn, minidef, NULL)))
goto cleanup;
@@ -1579,6 +1697,9 @@ xenUnifiedConnectListDefinedDomains(virConnectPtr conn, char **const names,
{
xenUnifiedPrivatePtr priv = conn->privateData;
+ if (virConnectListDefinedDomainsEnsureACL(conn) < 0)
+ return -1;
+
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4) {
return xenXMListDefinedDomains(conn, names, maxnames);
} else {
@@ -1591,6 +1712,9 @@ xenUnifiedConnectNumOfDefinedDomains(virConnectPtr conn)
{
xenUnifiedPrivatePtr priv = conn->privateData;
+ if (virConnectNumOfDefinedDomainsEnsureACL(conn) < 0)
+ return -1;
+
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4) {
return xenXMNumOfDefinedDomains(conn);
} else {
@@ -1611,6 +1735,9 @@ xenUnifiedDomainCreateWithFlags(virDomainPtr dom, unsigned int flags)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainCreateWithFlagsEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (!(name = xenUnifiedDomainManagedSavePath(priv, def)))
goto cleanup;
@@ -1653,6 +1780,9 @@ xenUnifiedDomainDefineXML(virConnectPtr conn, const char *xml)
VIR_DOMAIN_XML_INACTIVE)))
goto cleanup;
+ if (virDomainDefineXMLEnsureACL(conn, def) < 0)
+ goto cleanup;
+
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4) {
if (xenXMDomainDefineXML(conn, def) < 0)
goto cleanup;
@@ -1684,6 +1814,9 @@ xenUnifiedDomainUndefineFlags(virDomainPtr dom, unsigned int flags)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainUndefineFlagsEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainUndefine(dom->conn, def);
else
@@ -1718,6 +1851,9 @@ xenUnifiedDomainAttachDevice(virDomainPtr dom, const char *xml)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainAttachDeviceEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainAttachDeviceFlags(dom->conn, def, xml, flags);
else
@@ -1739,6 +1875,9 @@ xenUnifiedDomainAttachDeviceFlags(virDomainPtr dom, const char *xml,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainAttachDeviceFlagsEnsureACL(dom->conn, def, flags) < 0)
+ goto cleanup;
+
if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainAttachDeviceFlags(dom->conn, def, xml, flags);
else
@@ -1768,6 +1907,9 @@ xenUnifiedDomainDetachDevice(virDomainPtr dom, const char *xml)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainDetachDeviceEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainDetachDeviceFlags(dom->conn, def, xml, flags);
else
@@ -1789,6 +1931,9 @@ xenUnifiedDomainDetachDeviceFlags(virDomainPtr dom, const char *xml,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainDetachDeviceFlagsEnsureACL(dom->conn, def, flags) < 0)
+ goto cleanup;
+
if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainDetachDeviceFlags(dom->conn, def, xml, flags);
else
@@ -1809,6 +1954,9 @@ xenUnifiedDomainUpdateDeviceFlags(virDomainPtr dom, const char *xml,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainUpdateDeviceFlagsEnsureACL(dom->conn, def, flags) < 0)
+ goto cleanup;
+
ret = xenDaemonUpdateDeviceFlags(dom->conn, def, xml, flags);
cleanup:
@@ -1826,6 +1974,9 @@ xenUnifiedDomainGetAutostart(virDomainPtr dom, int *autostart)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainGetAutostartEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainGetAutostart(def, autostart);
else
@@ -1846,6 +1997,9 @@ xenUnifiedDomainSetAutostart(virDomainPtr dom, int autostart)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainSetAutostartEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainSetAutostart(def, autostart);
else
@@ -1866,6 +2020,9 @@ xenUnifiedDomainGetSchedulerType(virDomainPtr dom, int *nparams)
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainGetSchedulerTypeEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (dom->id < 0) {
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
@@ -1897,6 +2054,9 @@ xenUnifiedDomainGetSchedulerParametersFlags(virDomainPtr dom,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainGetSchedulerParametersEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (dom->id < 0) {
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
@@ -1937,6 +2097,9 @@ xenUnifiedDomainSetSchedulerParametersFlags(virDomainPtr dom,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainSetSchedulerParametersFlagsEnsureACL(dom->conn, def, flags) < 0)
+ goto cleanup;
+
if (dom->id < 0) {
if (priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
@@ -1972,6 +2135,9 @@ xenUnifiedDomainBlockStats(virDomainPtr dom, const char *path,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainBlockStatsEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
ret = xenHypervisorDomainBlockStats(dom->conn, def, path, stats);
cleanup:
@@ -1989,6 +2155,9 @@ xenUnifiedDomainInterfaceStats(virDomainPtr dom, const char *path,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainInterfaceStatsEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
ret = xenHypervisorDomainInterfaceStats(def, path, stats);
cleanup:
@@ -2010,6 +2179,9 @@ xenUnifiedDomainBlockPeek(virDomainPtr dom, const char *path,
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
+ if (virDomainBlockPeekEnsureACL(dom->conn, def) < 0)
+ goto cleanup;
+
if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
ret = xenXMDomainBlockPeek(dom->conn, def, path, offset, size, buffer);
else
@@ -2024,6 +2196,9 @@ static int
xenUnifiedNodeGetCellsFreeMemory(virConnectPtr conn, unsigned long long *freeMems,
int startCell, int maxCells)
{
+ if (virNodeGetCellsFreeMemoryEnsureACL(conn) < 0)
+ return 0;
+
return xenHypervisorNodeGetCellsFreeMemory(conn, freeMems,
startCell, maxCells);
}
@@ -2033,6 +2208,9 @@ xenUnifiedNodeGetFreeMemory(virConnectPtr conn)
{
unsigned long long freeMem = 0;
+ if (virNodeGetFreeMemoryEnsureACL(conn) < 0)
+ return 0;
+
if (xenHypervisorNodeGetCellsFreeMemory(conn, &freeMem, -1, 1) < 0)
return 0;
return freeMem;
@@ -2046,8 +2224,11 @@ xenUnifiedConnectDomainEventRegister(virConnectPtr conn,
virFreeCallback freefunc)
{
xenUnifiedPrivatePtr priv = conn->privateData;
-
int ret;
+
+ if (virConnectDomainEventRegisterEnsureACL(conn) < 0)
+ return -1;
+
xenUnifiedLock(priv);
if (priv->xsWatch == -1) {
@@ -2070,6 +2251,10 @@ xenUnifiedConnectDomainEventDeregister(virConnectPtr conn,
{
int ret;
xenUnifiedPrivatePtr priv = conn->privateData;
+
+ if (virConnectDomainEventDeregisterEnsureACL(conn) < 0)
+ return -1;
+
xenUnifiedLock(priv);
if (priv->xsWatch == -1) {
@@ -2096,8 +2281,11 @@ xenUnifiedConnectDomainEventRegisterAny(virConnectPtr conn,
virFreeCallback freefunc)
{
xenUnifiedPrivatePtr priv = conn->privateData;
-
int ret;
+
+ if (virConnectDomainEventRegisterAnyEnsureACL(conn) < 0)
+ return -1;
+
xenUnifiedLock(priv);
if (priv->xsWatch == -1) {
@@ -2121,6 +2309,10 @@ xenUnifiedConnectDomainEventDeregisterAny(virConnectPtr conn,
{
int ret;
xenUnifiedPrivatePtr priv = conn->privateData;
+
+ if (virConnectDomainEventDeregisterAnyEnsureACL(conn) < 0)
+ return -1;
+
xenUnifiedLock(priv);
if (priv->xsWatch == -1) {
@@ -2396,31 +2588,40 @@ cleanup:
}
static int
-xenUnifiedNodeGetMemoryParameters(virConnectPtr conn ATTRIBUTE_UNUSED,
+xenUnifiedNodeGetMemoryParameters(virConnectPtr conn,
virTypedParameterPtr params,
int *nparams,
unsigned int flags)
{
+ if (virNodeGetMemoryParametersEnsureACL(conn) < 0)
+ return -1;
+
return nodeGetMemoryParameters(params, nparams, flags);
}
static int
-xenUnifiedNodeSetMemoryParameters(virConnectPtr conn ATTRIBUTE_UNUSED,
+xenUnifiedNodeSetMemoryParameters(virConnectPtr conn,
virTypedParameterPtr params,
int nparams,
unsigned int flags)
{
+ if (virNodeSetMemoryParametersEnsureACL(conn) < 0)
+ return -1;
+
return nodeSetMemoryParameters(params, nparams, flags);
}
static int
-xenUnifiedNodeSuspendForDuration(virConnectPtr conn ATTRIBUTE_UNUSED,
+xenUnifiedNodeSuspendForDuration(virConnectPtr conn,
unsigned int target,
unsigned long long duration,
unsigned int flags)
{
+ if (virNodeSuspendForDurationEnsureACL(conn) < 0)
+ return -1;
+
return nodeSuspendForDuration(target, duration, flags);
}
--
1.8.1.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list