From 11d926659b7250cd86841ca70e8d41faedcaa494 Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Tue, 5 Feb 2013 17:54:55 +0000 Subject: [PATCH] Turn virSecurityManager into a virObjectLockable To enable locking to be introduced to the security manager objects later, turn virSecurityManager into a virObjectLockable class Signed-off-by: Daniel P. Berrange --- HACKING | 2 ++ src/libvirt_private.syms | 1 - src/lxc/lxc_controller.c | 2 +- src/lxc/lxc_driver.c | 4 +-- src/qemu/qemu_conf.h | 2 +- src/qemu/qemu_driver.c | 6 ++--- src/security/security_manager.c | 47 ++++++++++++++++++++++++++------- src/security/security_manager.h | 2 -- src/security/security_stack.c | 2 +- tests/seclabeltest.c | 2 +- 10 files changed, 48 insertions(+), 22 deletions(-) diff --git a/HACKING b/HACKING index e1e0b9b3a7..c8833c0bc9 100644 --- a/HACKING +++ b/HACKING @@ -203,6 +203,8 @@ the warning: obj:*/lib*/ld-2.*so* } + + (8) Update tests and/or documentation, particularly if you are adding a new feature or changing the output of a program. diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index a4f41ac0a3..cb81497035 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1045,7 +1045,6 @@ virSecurityDriverLookup; # security_manager.h virSecurityManagerClearSocketLabel; -virSecurityManagerFree; virSecurityManagerGenLabel; virSecurityManagerGetDOI; virSecurityManagerGetModel; diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c index aa70481fda..15aa3340d8 100644 --- a/src/lxc/lxc_controller.c +++ b/src/lxc/lxc_controller.c @@ -258,7 +258,7 @@ static void virLXCControllerFree(virLXCControllerPtr ctrl) virLXCControllerStopInit(ctrl); - virSecurityManagerFree(ctrl->securityManager); + virObjectUnref(ctrl->securityManager); for (i = 0 ; i < ctrl->nveths ; i++) VIR_FREE(ctrl->veths[i]); diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index f07ce1466f..f136df23b0 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -1399,7 +1399,7 @@ lxcSecurityInit(virLXCDriverPtr driver) error: VIR_ERROR(_("Failed to initialize security drivers")); - virSecurityManagerFree(mgr); + virObjectUnref(mgr); return -1; } @@ -1560,7 +1560,7 @@ static int lxcShutdown(void) virLXCProcessAutoDestroyShutdown(lxc_driver); virObjectUnref(lxc_driver->caps); - virSecurityManagerFree(lxc_driver->securityManager); + virObjectUnref(lxc_driver->securityManager); VIR_FREE(lxc_driver->configDir); VIR_FREE(lxc_driver->autostartDir); VIR_FREE(lxc_driver->stateDir); diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index 9ff1c5a392..d4ec0f7842 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -213,7 +213,7 @@ struct _virQEMUDriver { /* Immutable pointer, lockless APIs*/ virSysinfoDefPtr hostsysinfo; - /* Immutable pointer. XXX check safety */ + /* Immutable pointer. lockless access */ virLockManagerPluginPtr lockManager; /* Immutable pointer. Unsafe APIs. XXX */ diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 0651bc87e5..4e2700ca55 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -409,8 +409,8 @@ qemuSecurityInit(virQEMUDriverPtr driver) error: VIR_ERROR(_("Failed to initialize security drivers")); - virSecurityManagerFree(stack); - virSecurityManagerFree(mgr); + virObjectUnref(stack); + virObjectUnref(mgr); virObjectUnref(cfg); return -1; } @@ -1005,7 +1005,7 @@ qemuShutdown(void) { VIR_FREE(qemu_driver->qemuImgBinary); - virSecurityManagerFree(qemu_driver->securityManager); + virObjectUnref(qemu_driver->securityManager); ebtablesContextFree(qemu_driver->ebtables); diff --git a/src/security/security_manager.c b/src/security/security_manager.c index 593c00bf56..a3f866972a 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -28,19 +28,40 @@ #include "security_dac.h" #include "virerror.h" #include "viralloc.h" +#include "virobject.h" #include "virlog.h" #define VIR_FROM_THIS VIR_FROM_SECURITY struct _virSecurityManager { + virObjectLockable parent; + virSecurityDriverPtr drv; bool allowDiskFormatProbing; bool defaultConfined; bool requireConfined; const char *virtDriver; + void *privateData; }; +static virClassPtr virSecurityManagerClass; + +static void virSecurityManagerDispose(void *obj); + +static int virSecurityManagerOnceInit(void) +{ + if (!(virSecurityManagerClass = virClassNew(virClassForObjectLockable(), + "virSecurityManagerClass", + sizeof(virSecurityManager), + virSecurityManagerDispose))) + return -1; + + return 0; +} + +VIR_ONCE_GLOBAL_INIT(virSecurityManager); + static virSecurityManagerPtr virSecurityManagerNewDriver(virSecurityDriverPtr drv, const char *virtDriver, bool allowDiskFormatProbing, @@ -48,6 +69,10 @@ static virSecurityManagerPtr virSecurityManagerNewDriver(virSecurityDriverPtr dr bool requireConfined) { virSecurityManagerPtr mgr; + char *privateData; + + if (virSecurityManagerInitialize() < 0) + return NULL; VIR_DEBUG("drv=%p (%s) virtDriver=%s allowDiskFormatProbing=%d " "defaultConfined=%d requireConfined=%d", @@ -55,19 +80,25 @@ static virSecurityManagerPtr virSecurityManagerNewDriver(virSecurityDriverPtr dr allowDiskFormatProbing, defaultConfined, requireConfined); - if (VIR_ALLOC_VAR(mgr, char, drv->privateDataLen) < 0) { + if (VIR_ALLOC_N(privateData, drv->privateDataLen) < 0) { virReportOOMError(); return NULL; } + if (!(mgr = virObjectLockableNew(virSecurityManagerClass))) { + VIR_FREE(privateData); + return NULL; + } + mgr->drv = drv; mgr->allowDiskFormatProbing = allowDiskFormatProbing; mgr->defaultConfined = defaultConfined; mgr->requireConfined = requireConfined; mgr->virtDriver = virtDriver; + mgr->privateData = privateData; if (drv->open(mgr) < 0) { - virSecurityManagerFree(mgr); + virObjectUnref(mgr); return NULL; } @@ -163,21 +194,17 @@ virSecurityManagerPtr virSecurityManagerNew(const char *name, void *virSecurityManagerGetPrivateData(virSecurityManagerPtr mgr) { - /* This accesses the memory just beyond mgr, which was allocated - * via VIR_ALLOC_VAR earlier. */ - return mgr + 1; + return mgr->privateData; } -void virSecurityManagerFree(virSecurityManagerPtr mgr) +static void virSecurityManagerDispose(void *obj) { - if (!mgr) - return; + virSecurityManagerPtr mgr = obj; if (mgr->drv->close) mgr->drv->close(mgr); - - VIR_FREE(mgr); + VIR_FREE(mgr->privateData); } const char * diff --git a/src/security/security_manager.h b/src/security/security_manager.h index dc09c7cbb5..4d4dc73181 100644 --- a/src/security/security_manager.h +++ b/src/security/security_manager.h @@ -48,8 +48,6 @@ virSecurityManagerPtr virSecurityManagerNewDAC(const char *virtDriver, void *virSecurityManagerGetPrivateData(virSecurityManagerPtr mgr); -void virSecurityManagerFree(virSecurityManagerPtr mgr); - const char *virSecurityManagerGetDriver(virSecurityManagerPtr mgr); const char *virSecurityManagerGetDOI(virSecurityManagerPtr mgr); const char *virSecurityManagerGetModel(virSecurityManagerPtr mgr); diff --git a/src/security/security_stack.c b/src/security/security_stack.c index 8e1e5f9a4f..e2d0b1db75 100644 --- a/src/security/security_stack.c +++ b/src/security/security_stack.c @@ -93,7 +93,7 @@ virSecurityStackClose(virSecurityManagerPtr mgr) while (item) { next = item->next; - virSecurityManagerFree(item->securityManager); + virObjectUnref(item->securityManager); VIR_FREE(item); item = next; } diff --git a/tests/seclabeltest.c b/tests/seclabeltest.c index 7033293eee..93b4902da3 100644 --- a/tests/seclabeltest.c +++ b/tests/seclabeltest.c @@ -39,7 +39,7 @@ main(int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED) exit(EXIT_FAILURE); } - virSecurityManagerFree(mgr); + virObjectUnref(mgr); return 0; }