---
 src/Makefile.am | 5 ++--
 src/bhyve/bhyve_driver.c | 63 ++++++++++++++++++++++++++++++++++++++++++++----
 2 files changed, 61 insertions(+), 7 deletions(-)

diff --git a/src/Makefile.am b/src/Makefile.am
index 3567d13..d0aa18d 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1330,8 +1330,9 @@ noinst_LTLIBRARIES += libvirt_driver_bhyve.la
 endif ! WITH_DRIVER_MODULES
 libvirt_driver_bhyve_impl_la_CFLAGS = \
- -I$(top_srcdir)/src/conf \
- $(AM_CFLAGS)
+ -I$(top_srcdir)/src/access \
+ -I$(top_srcdir)/src/conf \
+ $(AM_CFLAGS)
 libvirt_driver_bhyve_impl_la_LDFLAGS = $(AM_LDFLAGS)
 libvirt_driver_bhyve_impl_la_SOURCES = $(BHYVE_DRIVER_SOURCES)
 endif WITH_BHYVE
diff --git a/src/bhyve/bhyve_driver.c b/src/bhyve/bhyve_driver.c
index e8e082b..2d2e54e 100644
--- a/src/bhyve/bhyve_driver.c
+++ b/src/bhyve/bhyve_driver.c
@@ -47,6 +47,7 @@
 #include "virrandom.h"
 #include "virstring.h"
 #include "cpu/cpu.h"
+#include "viraccessapicheck.h"
 #include "bhyve_driver.h"
 #include "bhyve_process.h"
@@ -101,6 +102,9 @@ bhyveConnectGetCapabilities(virConnectPtr conn)
 bhyveConnPtr privconn = conn->privateData;
 char *xml;
+ if (virConnectGetCapabilitiesEnsureACL(conn) < 0)
+ return NULL;
+
 bhyveDriverLock(privconn);
 if ((xml = virCapabilitiesFormatXML(privconn->caps)) == NULL)
 virReportOOMError();
@@ -157,6 +161,9 @@ bhyveConnectOpen(virConnectPtr conn,
 return VIR_DRV_OPEN_ERROR;
 }
+ if (virConnectOpenEnsureACL(conn) < 0)
+ return VIR_DRV_OPEN_ERROR;
+
 conn->privateData = bhyve_driver;
 return VIR_DRV_OPEN_SUCCESS;
@@ -173,6 +180,9 @@ bhyveConnectClose(virConnectPtr conn)
 static char *
 bhyveConnectGetHostname(virConnectPtr conn ATTRIBUTE_UNUSED)
 {
+ if (virConnectGetHostnameEnsureACL(conn) < 0)
+ return NULL;
+
 return virGetHostname();
 }
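Review bot: In the bhyveConnectGetHostname hunk, `conn` is still declared `ATTRIBUTE_UNUSED` even though the added `virConnectGetHostnameEnsureACL(conn)` call now reads it; the signature should become `bhyveConnectGetHostname(virConnectPtr conn)`. The bhyveConnectGetVersion hunk has the same stale annotation on its `conn` parameter. The compiler accepts it, but the marker tells a reader that the connection plays no part in the function, which is misleading now that the access decision depends on it.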
@@ -181,6 +191,9 @@ bhyveConnectGetVersion(virConnectPtr conn ATTRIBUTE_UNUSED, unsigned long *versi
 {
 struct utsname ver;
+ if (virConnectGetVersionEnsureACL(conn) < 0)
+ return -1;
+
 uname(&ver);
 if (virParseVersionString(ver.release, version, true) < 0) {
@@ -201,6 +214,9 @@ bhyveDomainGetInfo(virDomainPtr domain, virDomainInfoPtr info)
 if (!(vm = bhyveDomObjFromDomain(domain)))
 goto cleanup;
+ if (virDomainGetInfoEnsureACL(domain->conn, vm->def) < 0)
+ goto cleanup;
+
 info->state = virDomainObjGetState(vm, NULL);
 info->maxMem = vm->def->mem.max_balloon;
 info->nrVirtCpu = vm->def->vcpus;
@@ -226,6 +242,9 @@ bhyveDomainGetState(virDomainPtr domain,
 if (!(vm = bhyveDomObjFromDomain(domain)))
 goto cleanup;
+ if (virDomainGetStateEnsureACL(domain->conn, vm->def) < 0)
+ goto cleanup;
+
 *state = virDomainObjGetState(vm, reason);
 ret = 0;
@@ -244,6 +263,9 @@ bhyveDomainGetXMLDesc(virDomainPtr domain, unsigned int flags)
 if (!(vm = bhyveDomObjFromDomain(domain)))
 goto cleanup;
+ if (virDomainGetXMLDescEnsureACL(domain->conn, vm->def, flags) < 0)
+ goto cleanup;
+
 ret = virDomainDefFormat(vm->def, flags);
 cleanup:
@@ -269,6 +291,9 @@ bhyveDomainDefineXML(virConnectPtr conn, const char *xml)
 goto cleanup;
 }
+ if (virDomainDefineXMLEnsureACL(conn, def) < 0)
+ goto cleanup;
+
 if (!(vm = virDomainObjListAdd(privconn->domains, def, privconn->xmlopt, 0, &oldDef)))
@@ -296,8 +321,11 @@ bhyveConnectListDomains(virConnectPtr conn, int *ids, int maxids)
 bhyveConnPtr privconn = conn->privateData;
 int n;
+ if (virConnectListDomainsEnsureACL(conn) < 0)
+ return -1;
+
 n = virDomainObjListGetActiveIDs(privconn->domains, ids, maxids,
- NULL, NULL);
+ virConnectListDomainsCheckACL, conn);
 return n;
 }
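Review bot: In the bhyveDomainGetXMLDesc hunk, `flags` is handed to both the new `virDomainGetXMLDescEnsureACL` call and `virDomainDefFormat` with no validation visible between the domain lookup and the check. Because the access decision takes `flags` as an input, unknown bits should be rejected before it runs; the bhyveConnectListAllDomains hunk shows that pattern, with `virCheckFlags` ahead of its EnsureACL call. The function's opening lines are outside the hunk, so confirm whether a `virCheckFlags` call already exists there, and if it does not, add one listing the XML flags this driver supports.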
@@ -308,8 +336,11 @@ bhyveConnectNumOfDomains(virConnectPtr conn)
 bhyveConnPtr privconn = conn->privateData;
 int count;
+ if (virConnectNumOfDomainsEnsureACL(conn) < 0)
+ return -1;
+
 count = virDomainObjListNumOfDomains(privconn->domains, true,
- NULL, NULL);
+ virConnectNumOfDomainsCheckACL, conn);
 return count;
 }
@@ -321,9 +352,12 @@ bhyveConnectListDefinedDomains(virConnectPtr conn, char **const names,
 bhyveConnPtr privconn = conn->privateData;
 int n;
+ if (virConnectListDefinedDomainsEnsureACL(conn) < 0)
+ return -1;
+
 memset(names, 0, sizeof(*names) * maxnames);
 n = virDomainObjListGetInactiveNames(privconn->domains, names,
- maxnames, NULL, NULL);
+ maxnames, virConnectListDefinedDomainsCheckACL, conn);
 return n;
 }
@@ -334,8 +368,11 @@ bhyveConnectNumOfDefinedDomains(virConnectPtr conn)
 bhyveConnPtr privconn = conn->privateData;
 int count;
+ if (virConnectNumOfDefinedDomainsEnsureACL(conn) < 0)
+ return -1;
+
 count = virDomainObjListNumOfDomains(privconn->domains, false,
- NULL, NULL);
+ virConnectNumOfDefinedDomainsCheckACL, conn);
 return count;
 }
@@ -350,8 +387,11 @@ bhyveConnectListAllDomains(virConnectPtr conn,
 virCheckFlags(VIR_CONNECT_LIST_DOMAINS_FILTERS_ALL, -1);
+ if (virConnectListAllDomainsEnsureACL(conn) < 0)
+ return -1;
+
 ret = virDomainObjListExport(privconn->domains, conn, domains,
- NULL, flags);
+ virConnectListAllDomainsCheckACL, flags);
 return ret;
 }
@@ -374,6 +414,9 @@ bhyveDomainLookupByUUID(virConnectPtr conn,
 goto cleanup;
 }
+ if (virDomainLookupByUUIDEnsureACL(conn, vm->def) < 0)
+ goto cleanup;
+
 dom = virGetDomain(conn, vm->def->name, vm->def->uuid);
 if (dom)
 dom->id = vm->def->id;
@@ -398,6 +441,10 @@ static virDomainPtr bhyveDomainLookupByName(virConnectPtr conn,
 _("no domain with matching name '%s'"), name);
 goto cleanup;
 }
+
+ if (virDomainLookupByNameEnsureACL(conn, vm->def) < 0)
+ goto cleanup;
+
 dom = virGetDomain(conn, vm->def->name, vm->def->uuid);
 if (dom)
 dom->id = vm->def->id;
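Review bot: In the bhyveDomainLookupByUUID hunk the new `virDomainLookupByUUIDEnsureACL` check runs only after the closing brace of what appears to be the not-found branch, and the bhyveDomainLookupByName hunk shows the same ordering, with its "no domain with matching name" error reported first. A caller who is denied presumably receives a different error from one who asks for a domain that does not exist, which lets a caller without lookup permission confirm which names or UUIDs are defined. If hiding existence matters for this driver, the denial path should report the same no-match error. Otherwise record the decision next to the check, e.g. `/* ACL denial is distinguishable from no-match; accepted */`. Both functions begin and end outside their hunks.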
@@ -418,6 +465,9 @@ bhyveDomainCreate(virDomainPtr dom)
 if (!(vm = bhyveDomObjFromDomain(dom)))
 goto cleanup;
+ if (virDomainCreateEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
 if (virDomainObjIsActive(vm)) {
 virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("Domain is already running"));
@@ -443,6 +493,9 @@ bhyveDomainDestroy(virDomainPtr dom)
 if (!(vm = bhyveDomObjFromDomain(dom)))
 goto cleanup;
+ if (virDomainDestroyEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
 ret = virBhyveProcessStop(privconn, vm, VIR_DOMAIN_SHUTOFF_DESTROYED);
 cleanup:
--
1.8.4.3
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list