External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-03 11:35:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

event: move event filtering to daemon (regression fix)

Browse Source 
https://bugzilla.redhat.com/show_bug.cgi?id=1058839

Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send.  But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr.  But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.

Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions.  So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.

If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event.  But
setting up that back-reference is a bit invasive.  Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity.  As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration.  Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.

Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so.  In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.

* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
This commit is contained in:
Eric Blake 2014-01-28 14:50:02 -07:00
parent f9ada9f3d0
commit 11f20e43f1
15 changed files with 188 additions and 181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

257
daemon/remote.c
View File

@ -50,6 +50,9 @@
#include "lxc_protocol.h" #include "lxc_protocol.h"
#include "virstring.h" #include "virstring.h"
#include "object_event.h" #include "object_event.h"
#include "domain_conf.h"
#include "network_conf.h"
#include "viraccessapicheck.h"
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
@ -127,16 +130,72 @@ remoteEventCallbackFree(void *opaque)
VIR_FREE(opaque); VIR_FREE(opaque);
} }
static int remoteRelayDomainEventLifecycle(virConnectPtr conn ATTRIBUTE_UNUSED,
virDomainPtr dom, static bool
int event, remoteRelayDomainEventCheckACL(virNetServerClientPtr client,
int detail, virConnectPtr conn, virDomainPtr dom)
void *opaque) {
virDomainDef def;
virIdentityPtr identity = NULL;
bool ret = false;
/* For now, we just create a virDomainDef with enough contents to
* satisfy what viraccessdriverpolkit.c references. This is a bit
* fragile, but I don't know of anything better. */
def.name = dom->name;
memcpy(def.uuid, dom->uuid, VIR_UUID_BUFLEN);
if (!(identity = virNetServerClientGetIdentity(client)))
goto cleanup;
if (virIdentitySetCurrent(identity) < 0)
goto cleanup;
ret = virConnectDomainEventRegisterAnyCheckACL(conn, &def);
cleanup:
ignore_value(virIdentitySetCurrent(NULL));
virObjectUnref(identity);
return ret;
}
static bool
remoteRelayNetworkEventCheckACL(virNetServerClientPtr client,
virConnectPtr conn, virNetworkPtr net)
{
virNetworkDef def;
virIdentityPtr identity = NULL;
bool ret = false;
/* For now, we just create a virNetworkDef with enough contents to
* satisfy what viraccessdriverpolkit.c references. This is a bit
* fragile, but I don't know of anything better. */
def.name = net->name;
memcpy(def.uuid, net->uuid, VIR_UUID_BUFLEN);
if (!(identity = virNetServerClientGetIdentity(client)))
goto cleanup;
if (virIdentitySetCurrent(identity) < 0)
goto cleanup;
ret = virConnectNetworkEventRegisterAnyCheckACL(conn, &def);
cleanup:
ignore_value(virIdentitySetCurrent(NULL));
virObjectUnref(identity);
return ret;
}
static int
remoteRelayDomainEventLifecycle(virConnectPtr conn,
virDomainPtr dom,
int event,
int detail,
void *opaque)
{ {
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_lifecycle_msg data; remote_domain_event_lifecycle_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain lifecycle event %d %d", event, detail); VIR_DEBUG("Relaying domain lifecycle event %d %d", event, detail);
@ -154,14 +213,15 @@ static int remoteRelayDomainEventLifecycle(virConnectPtr conn ATTRIBUTE_UNUSED,
return 0; return 0;
} }
static int remoteRelayDomainEventReboot(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventReboot(virConnectPtr conn,
void *opaque) virDomainPtr dom,
void *opaque)
{ {
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_reboot_msg data; remote_domain_event_reboot_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain reboot event %s %d", dom->name, dom->id); VIR_DEBUG("Relaying domain reboot event %s %d", dom->name, dom->id);
@ -178,15 +238,16 @@ static int remoteRelayDomainEventReboot(virConnectPtr conn ATTRIBUTE_UNUSED,
} }
static int remoteRelayDomainEventRTCChange(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventRTCChange(virConnectPtr conn,
long long offset, virDomainPtr dom,
void *opaque) long long offset,
void *opaque)
{ {
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_rtc_change_msg data; remote_domain_event_rtc_change_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain rtc change event %s %d %lld", dom->name, dom->id, offset); VIR_DEBUG("Relaying domain rtc change event %s %d %lld", dom->name, dom->id, offset);
@ -204,15 +265,16 @@ static int remoteRelayDomainEventRTCChange(virConnectPtr conn ATTRIBUTE_UNUSED,
} }
static int remoteRelayDomainEventWatchdog(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventWatchdog(virConnectPtr conn,
int action, virDomainPtr dom,
void *opaque) int action,
void *opaque)
{ {
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_watchdog_msg data; remote_domain_event_watchdog_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain watchdog event %s %d %d", dom->name, dom->id, action); VIR_DEBUG("Relaying domain watchdog event %s %d %d", dom->name, dom->id, action);
@ -230,17 +292,18 @@ static int remoteRelayDomainEventWatchdog(virConnectPtr conn ATTRIBUTE_UNUSED,
} }
static int remoteRelayDomainEventIOError(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventIOError(virConnectPtr conn,
const char *srcPath, virDomainPtr dom,
const char *devAlias, const char *srcPath,
int action, const char *devAlias,
void *opaque) int action,
void *opaque)
{ {
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_io_error_msg data; remote_domain_event_io_error_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain io error %s %d %s %s %d", dom->name, dom->id, srcPath, devAlias, action); VIR_DEBUG("Relaying domain io error %s %d %s %s %d", dom->name, dom->id, srcPath, devAlias, action);
@ -265,18 +328,19 @@ error:
} }
static int remoteRelayDomainEventIOErrorReason(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventIOErrorReason(virConnectPtr conn,
const char *srcPath, virDomainPtr dom,
const char *devAlias, const char *srcPath,
int action, const char *devAlias,
const char *reason, int action,
void *opaque) const char *reason,
void *opaque)
{ {
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_io_error_reason_msg data; remote_domain_event_io_error_reason_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain io error %s %d %s %s %d %s", VIR_DEBUG("Relaying domain io error %s %d %s %s %d %s",
@ -306,20 +370,21 @@ error:
} }
static int remoteRelayDomainEventGraphics(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventGraphics(virConnectPtr conn,
int phase, virDomainPtr dom,
virDomainEventGraphicsAddressPtr local, int phase,
virDomainEventGraphicsAddressPtr remote, virDomainEventGraphicsAddressPtr local,
const char *authScheme, virDomainEventGraphicsAddressPtr remote,
virDomainEventGraphicsSubjectPtr subject, const char *authScheme,
void *opaque) virDomainEventGraphicsSubjectPtr subject,
void *opaque)
{ {
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_graphics_msg data; remote_domain_event_graphics_msg data;
size_t i; size_t i;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain graphics event %s %d %d - %d %s %s - %d %s %s - %s", dom->name, dom->id, phase, VIR_DEBUG("Relaying domain graphics event %s %d %d - %d %s %s - %d %s %s - %s", dom->name, dom->id, phase,
@ -377,17 +442,18 @@ error:
return -1; return -1;
} }
static int remoteRelayDomainEventBlockJob(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventBlockJob(virConnectPtr conn,
const char *path, virDomainPtr dom,
int type, const char *path,
int status, int type,
void *opaque) int status,
void *opaque)
{ {
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_block_job_msg data; remote_domain_event_block_job_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain block job event %s %d %s %i, %i", VIR_DEBUG("Relaying domain block job event %s %d %s %i, %i",
@ -412,14 +478,15 @@ error:
} }
static int remoteRelayDomainEventControlError(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventControlError(virConnectPtr conn,
void *opaque) virDomainPtr dom,
void *opaque)
{ {
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_control_error_msg data; remote_domain_event_control_error_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain control error %s %d", dom->name, dom->id); VIR_DEBUG("Relaying domain control error %s %d", dom->name, dom->id);
@ -436,19 +503,20 @@ static int remoteRelayDomainEventControlError(virConnectPtr conn ATTRIBUTE_UNUSE
} }
static int remoteRelayDomainEventDiskChange(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventDiskChange(virConnectPtr conn,
const char *oldSrcPath, virDomainPtr dom,
const char *newSrcPath, const char *oldSrcPath,
const char *devAlias, const char *newSrcPath,
int reason, const char *devAlias,
void *opaque) int reason,
void *opaque)
{ {
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_disk_change_msg data; remote_domain_event_disk_change_msg data;
char **oldSrcPath_p = NULL, **newSrcPath_p = NULL; char **oldSrcPath_p = NULL, **newSrcPath_p = NULL;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain %s %d disk change %s %s %s %d", VIR_DEBUG("Relaying domain %s %d disk change %s %s %s %d",
@ -487,15 +555,17 @@ error:
} }
static int remoteRelayDomainEventTrayChange(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventTrayChange(virConnectPtr conn,
const char *devAlias, virDomainPtr dom,
int reason, const char *devAlias,
void *opaque) { int reason,
void *opaque)
{
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_tray_change_msg data; remote_domain_event_tray_change_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain %s %d tray change devAlias: %s reason: %d", VIR_DEBUG("Relaying domain %s %d tray change devAlias: %s reason: %d",
@ -517,14 +587,16 @@ static int remoteRelayDomainEventTrayChange(virConnectPtr conn ATTRIBUTE_UNUSED,
return 0; return 0;
} }
static int remoteRelayDomainEventPMWakeup(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventPMWakeup(virConnectPtr conn,
int reason ATTRIBUTE_UNUSED, virDomainPtr dom,
void *opaque) { int reason ATTRIBUTE_UNUSED,
void *opaque)
{
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_pmwakeup_msg data; remote_domain_event_pmwakeup_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain %s %d system pmwakeup", dom->name, dom->id); VIR_DEBUG("Relaying domain %s %d system pmwakeup", dom->name, dom->id);
@ -540,14 +612,16 @@ static int remoteRelayDomainEventPMWakeup(virConnectPtr conn ATTRIBUTE_UNUSED,
return 0; return 0;
} }
static int remoteRelayDomainEventPMSuspend(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventPMSuspend(virConnectPtr conn,
int reason ATTRIBUTE_UNUSED, virDomainPtr dom,
void *opaque) { int reason ATTRIBUTE_UNUSED,
void *opaque)
{
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_pmsuspend_msg data; remote_domain_event_pmsuspend_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain %s %d system pmsuspend", dom->name, dom->id); VIR_DEBUG("Relaying domain %s %d system pmsuspend", dom->name, dom->id);
@ -564,7 +638,7 @@ static int remoteRelayDomainEventPMSuspend(virConnectPtr conn ATTRIBUTE_UNUSED,
} }
static int static int
remoteRelayDomainEventBalloonChange(virConnectPtr conn ATTRIBUTE_UNUSED, remoteRelayDomainEventBalloonChange(virConnectPtr conn,
virDomainPtr dom, virDomainPtr dom,
unsigned long long actual, unsigned long long actual,
void *opaque) void *opaque)
@ -572,7 +646,7 @@ remoteRelayDomainEventBalloonChange(virConnectPtr conn ATTRIBUTE_UNUSED,
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_balloon_change_msg data; remote_domain_event_balloon_change_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain balloon change event %s %d %lld", dom->name, dom->id, actual); VIR_DEBUG("Relaying domain balloon change event %s %d %lld", dom->name, dom->id, actual);
@ -590,14 +664,16 @@ remoteRelayDomainEventBalloonChange(virConnectPtr conn ATTRIBUTE_UNUSED,
} }
static int remoteRelayDomainEventPMSuspendDisk(virConnectPtr conn ATTRIBUTE_UNUSED, static int
virDomainPtr dom, remoteRelayDomainEventPMSuspendDisk(virConnectPtr conn,
int reason ATTRIBUTE_UNUSED, virDomainPtr dom,
void *opaque) { int reason ATTRIBUTE_UNUSED,
void *opaque)
{
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_pmsuspend_disk_msg data; remote_domain_event_pmsuspend_disk_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain %s %d system pmsuspend-disk", dom->name, dom->id); VIR_DEBUG("Relaying domain %s %d system pmsuspend-disk", dom->name, dom->id);
@ -614,7 +690,7 @@ static int remoteRelayDomainEventPMSuspendDisk(virConnectPtr conn ATTRIBUTE_UNUS
} }
static int static int
remoteRelayDomainEventDeviceRemoved(virConnectPtr conn ATTRIBUTE_UNUSED, remoteRelayDomainEventDeviceRemoved(virConnectPtr conn,
virDomainPtr dom, virDomainPtr dom,
const char *devAlias, const char *devAlias,
void *opaque) void *opaque)
@ -622,7 +698,7 @@ remoteRelayDomainEventDeviceRemoved(virConnectPtr conn ATTRIBUTE_UNUSED,
virNetServerClientPtr client = opaque; virNetServerClientPtr client = opaque;
remote_domain_event_device_removed_msg data; remote_domain_event_device_removed_msg data;
if (!client) if (!client || !remoteRelayDomainEventCheckACL(client, conn, dom))
return -1; return -1;
VIR_DEBUG("Relaying domain device removed event %s %d %s", VIR_DEBUG("Relaying domain device removed event %s %d %s",
@ -667,7 +743,7 @@ static virConnectDomainEventGenericCallback domainEventCallbacks[] = {
verify(ARRAY_CARDINALITY(domainEventCallbacks) == VIR_DOMAIN_EVENT_ID_LAST); verify(ARRAY_CARDINALITY(domainEventCallbacks) == VIR_DOMAIN_EVENT_ID_LAST);
static int static int
remoteRelayNetworkEventLifecycle(virConnectPtr conn ATTRIBUTE_UNUSED, remoteRelayNetworkEventLifecycle(virConnectPtr conn,
virNetworkPtr net, virNetworkPtr net,
int event, int event,
int detail, int detail,
@ -676,7 +752,8 @@ remoteRelayNetworkEventLifecycle(virConnectPtr conn ATTRIBUTE_UNUSED,
daemonClientEventCallbackPtr callback = opaque; daemonClientEventCallbackPtr callback = opaque;
remote_network_event_lifecycle_msg data; remote_network_event_lifecycle_msg data;
if (callback->callbackID < 0) if (callback->callbackID < 0 ||
!remoteRelayNetworkEventCheckACL(callback->client, conn, net))
return -1; return -1;
VIR_DEBUG("Relaying network lifecycle event %d, detail %d, callback %d", VIR_DEBUG("Relaying network lifecycle event %d, detail %d, callback %d",

7
src/check-aclrules.pl
View File

@ -1,6 +1,6 @@
#!/usr/bin/perl #!/usr/bin/perl
# #
# Copyright (C) 2013 Red Hat, Inc. # Copyright (C) 2013-2014 Red Hat, Inc.
# #
# This library is free software; you can redistribute it and/or # This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public # modify it under the terms of the GNU Lesser General Public
@ -140,7 +140,10 @@ while (<PROTO>) {
} elsif ($filtered && } elsif ($filtered &&
m,REMOTE_PROC_(.*)\s+=\s*\d+,) { m,REMOTE_PROC_(.*)\s+=\s*\d+,) {
my $api = name_to_ProcName($1); my $api = name_to_ProcName($1);
$filtered{$api} = 1; # Event filtering is handled in daemon/remote.c instead of drivers
if (! m,_EVENT_REGISTER,) {
$filtered{$api} = 1;
}
$incomment = 0; $incomment = 0;
} }
} }

35
src/conf/domain_event.c
View File

@ -360,30 +360,6 @@ virDomainEventDeviceRemovedDispose(void *obj)
} }
/**
* virDomainEventFilter:
* @conn: pointer to the connection
* @event: the event to check
* @opaque: opaque data holding ACL filter to use
*
* Internal function to run ACL filtering before dispatching an event
*/
static bool
virDomainEventFilter(virConnectPtr conn, virObjectEventPtr event, void *opaque)
{
virDomainDef dom;
virDomainObjListFilter filter = opaque;
/* For now, we just create a virDomainDef with enough contents to
* satisfy what viraccessdriverpolkit.c references. This is a bit
* fragile, but I don't know of anything better. */
dom.name = event->meta.name;
memcpy(dom.uuid, event->meta.uuid, VIR_UUID_BUFLEN);
return (filter)(conn, &dom);
}
static void * static void *
virDomainEventNew(virClassPtr klass, virDomainEventNew(virClassPtr klass,
int eventID, int eventID,
@ -1289,7 +1265,6 @@ cleanup:
* virDomainEventStateRegister: * virDomainEventStateRegister:
* @conn: connection to associate with callback * @conn: connection to associate with callback
* @state: object event state * @state: object event state
* @filter: optional ACL filter to limit which events can be sent
* @callback: the callback to add * @callback: the callback to add
* @opaque: data blob to pass to @callback * @opaque: data blob to pass to @callback
* @freecb: callback to free @opaque * @freecb: callback to free @opaque
@ -1302,7 +1277,6 @@ cleanup:
int int
virDomainEventStateRegister(virConnectPtr conn, virDomainEventStateRegister(virConnectPtr conn,
virObjectEventStatePtr state, virObjectEventStatePtr state,
virDomainObjListFilter filter,
virConnectDomainEventCallback callback, virConnectDomainEventCallback callback,
void *opaque, void *opaque,
virFreeCallback freecb) virFreeCallback freecb)
@ -1311,8 +1285,7 @@ virDomainEventStateRegister(virConnectPtr conn,
return -1; return -1;
return virObjectEventStateRegisterID(conn, state, NULL, return virObjectEventStateRegisterID(conn, state, NULL,
filter ? virDomainEventFilter : NULL, NULL, NULL, virDomainEventClass,
filter, virDomainEventClass,
VIR_DOMAIN_EVENT_ID_LIFECYCLE, VIR_DOMAIN_EVENT_ID_LIFECYCLE,
VIR_OBJECT_EVENT_CALLBACK(callback), VIR_OBJECT_EVENT_CALLBACK(callback),
opaque, freecb, NULL, false); opaque, freecb, NULL, false);
@ -1323,7 +1296,6 @@ virDomainEventStateRegister(virConnectPtr conn,
* virDomainEventStateRegisterID: * virDomainEventStateRegisterID:
* @conn: connection to associate with callback * @conn: connection to associate with callback
* @state: object event state * @state: object event state
* @filter: optional ACL filter to limit which events can be sent
* @dom: optional domain for filtering the event * @dom: optional domain for filtering the event
* @eventID: ID of the event type to register for * @eventID: ID of the event type to register for
* @cb: function to invoke when event fires * @cb: function to invoke when event fires
@ -1340,7 +1312,6 @@ virDomainEventStateRegister(virConnectPtr conn,
int int
virDomainEventStateRegisterID(virConnectPtr conn, virDomainEventStateRegisterID(virConnectPtr conn,
virObjectEventStatePtr state, virObjectEventStatePtr state,
virDomainObjListFilter filter,
virDomainPtr dom, virDomainPtr dom,
int eventID, int eventID,
virConnectDomainEventGenericCallback cb, virConnectDomainEventGenericCallback cb,
@ -1352,8 +1323,8 @@ virDomainEventStateRegisterID(virConnectPtr conn,
return -1; return -1;
return virObjectEventStateRegisterID(conn, state, dom ? dom->uuid : NULL, return virObjectEventStateRegisterID(conn, state, dom ? dom->uuid : NULL,
filter ? virDomainEventFilter : NULL, NULL, NULL,
filter, virDomainEventClass, eventID, virDomainEventClass, eventID,
VIR_OBJECT_EVENT_CALLBACK(cb), VIR_OBJECT_EVENT_CALLBACK(cb),
opaque, freecb, callbackID, false); opaque, freecb, callbackID, false);
} }

8
src/conf/domain_event.h
View File

@ -177,24 +177,20 @@ virDomainEventDeviceRemovedNewFromDom(virDomainPtr dom,
int int
virDomainEventStateRegister(virConnectPtr conn, virDomainEventStateRegister(virConnectPtr conn,
virObjectEventStatePtr state, virObjectEventStatePtr state,
virDomainObjListFilter filter,
virConnectDomainEventCallback callback, virConnectDomainEventCallback callback,
void *opaque, void *opaque,
virFreeCallback freecb) virFreeCallback freecb)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(4); ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3);
int int
virDomainEventStateRegisterID(virConnectPtr conn, virDomainEventStateRegisterID(virConnectPtr conn,
virObjectEventStatePtr state, virObjectEventStatePtr state,
virDomainObjListFilter filter,
virDomainPtr dom, virDomainPtr dom,
int eventID, int eventID,
virConnectDomainEventGenericCallback cb, virConnectDomainEventGenericCallback cb,
void *opaque, void *opaque,
virFreeCallback freecb, virFreeCallback freecb,
int *callbackID) int *callbackID)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(6); ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(5);
int int
virDomainEventStateDeregister(virConnectPtr conn, virDomainEventStateDeregister(virConnectPtr conn,
virObjectEventStatePtr state, virObjectEventStatePtr state,

31
src/conf/network_event.c
View File

@ -121,36 +121,10 @@ cleanup:
} }
/**
* virNetworkEventFilter:
* @conn: pointer to the connection
* @event: the event to check
* @opaque: opaque data holding ACL filter to use
*
* Internal function to run ACL filtering before dispatching an event
*/
static bool
virNetworkEventFilter(virConnectPtr conn, virObjectEventPtr event,
void *opaque)
{
virNetworkDef net;
virNetworkObjListFilter filter = opaque;
/* For now, we just create a virNetworkDef with enough contents to
* satisfy what viraccessdriverpolkit.c references. This is a bit
* fragile, but I don't know of anything better. */
net.name = event->meta.name;
memcpy(net.uuid, event->meta.uuid, VIR_UUID_BUFLEN);
return (filter)(conn, &net);
}
/** /**
* virNetworkEventStateRegisterID: * virNetworkEventStateRegisterID:
* @conn: connection to associate with callback * @conn: connection to associate with callback
* @state: object event state * @state: object event state
* @filter: optional ACL filter to limit which events can be sent
* @net: network to filter on or NULL for all networks * @net: network to filter on or NULL for all networks
* @eventID: ID of the event type to register for * @eventID: ID of the event type to register for
* @cb: function to invoke when event occurs * @cb: function to invoke when event occurs
@ -167,7 +141,6 @@ virNetworkEventFilter(virConnectPtr conn, virObjectEventPtr event,
int int
virNetworkEventStateRegisterID(virConnectPtr conn, virNetworkEventStateRegisterID(virConnectPtr conn,
virObjectEventStatePtr state, virObjectEventStatePtr state,
virNetworkObjListFilter filter,
virNetworkPtr net, virNetworkPtr net,
int eventID, int eventID,
virConnectNetworkEventGenericCallback cb, virConnectNetworkEventGenericCallback cb,
@ -179,8 +152,8 @@ virNetworkEventStateRegisterID(virConnectPtr conn,
return -1; return -1;
return virObjectEventStateRegisterID(conn, state, net ? net->uuid : NULL, return virObjectEventStateRegisterID(conn, state, net ? net->uuid : NULL,
filter ? virNetworkEventFilter : NULL, NULL, NULL,
filter, virNetworkEventClass, eventID, virNetworkEventClass, eventID,
VIR_OBJECT_EVENT_CALLBACK(cb), VIR_OBJECT_EVENT_CALLBACK(cb),
opaque, freecb, callbackID, false); opaque, freecb, callbackID, false);
} }

6
src/conf/network_event.h
View File

@ -24,7 +24,6 @@
#include "internal.h" #include "internal.h"
#include "object_event.h" #include "object_event.h"
#include "object_event_private.h" #include "object_event_private.h"
#include "network_conf.h"
#ifndef __NETWORK_EVENT_H__ #ifndef __NETWORK_EVENT_H__
# define __NETWORK_EVENT_H__ # define __NETWORK_EVENT_H__
@ -32,15 +31,14 @@
int int
virNetworkEventStateRegisterID(virConnectPtr conn, virNetworkEventStateRegisterID(virConnectPtr conn,
virObjectEventStatePtr state, virObjectEventStatePtr state,
virNetworkObjListFilter filter,
virNetworkPtr net, virNetworkPtr net,
int eventID, int eventID,
virConnectNetworkEventGenericCallback cb, virConnectNetworkEventGenericCallback cb,
void *opaque, void *opaque,
virFreeCallback freecb, virFreeCallback freecb,
int *callbackID) int *callbackID)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(6) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(5)
ATTRIBUTE_NONNULL(9); ATTRIBUTE_NONNULL(8);
int int
virNetworkEventStateRegisterClient(virConnectPtr conn, virNetworkEventStateRegisterClient(virConnectPtr conn,

2
src/libxl/libxl_driver.c
View File

@ -3654,7 +3654,6 @@ libxlConnectDomainEventRegister(virConnectPtr conn,
if (virDomainEventStateRegister(conn, if (virDomainEventStateRegister(conn,
driver->domainEventState, driver->domainEventState,
virConnectDomainEventRegisterCheckACL,
callback, opaque, freecb) < 0) callback, opaque, freecb) < 0)
return -1; return -1;
@ -4257,7 +4256,6 @@ libxlConnectDomainEventRegisterAny(virConnectPtr conn, virDomainPtr dom, int eve
if (virDomainEventStateRegisterID(conn, if (virDomainEventStateRegisterID(conn,
driver->domainEventState, driver->domainEventState,
virConnectDomainEventRegisterAnyCheckACL,
dom, eventID, callback, opaque, dom, eventID, callback, opaque,
freecb, &ret) < 0) freecb, &ret) < 0)
ret = -1; ret = -1;

2
src/lxc/lxc_driver.c
View File

@ -1294,7 +1294,6 @@ lxcConnectDomainEventRegister(virConnectPtr conn,
if (virDomainEventStateRegister(conn, if (virDomainEventStateRegister(conn,
driver->domainEventState, driver->domainEventState,
virConnectDomainEventRegisterCheckACL,
callback, opaque, freecb) < 0) callback, opaque, freecb) < 0)
return -1; return -1;
@ -1336,7 +1335,6 @@ lxcConnectDomainEventRegisterAny(virConnectPtr conn,
if (virDomainEventStateRegisterID(conn, if (virDomainEventStateRegisterID(conn,
driver->domainEventState, driver->domainEventState,
virConnectDomainEventRegisterAnyCheckACL,
dom, eventID, dom, eventID,
callback, opaque, freecb, &ret) < 0) callback, opaque, freecb, &ret) < 0)
ret = -1; ret = -1;

1
src/network/bridge_driver.c
View File

@ -2307,7 +2307,6 @@ networkConnectNetworkEventRegisterAny(virConnectPtr conn,
goto cleanup; goto cleanup;
if (virNetworkEventStateRegisterID(conn, driver->networkEventState, if (virNetworkEventStateRegisterID(conn, driver->networkEventState,
virConnectNetworkEventRegisterAnyCheckACL,
net, eventID, callback, net, eventID, callback,
opaque, freecb, &ret) < 0) opaque, freecb, &ret) < 0)
ret = -1; ret = -1;

2
src/qemu/qemu_driver.c
View File

@ -10346,7 +10346,6 @@ qemuConnectDomainEventRegister(virConnectPtr conn,
if (virDomainEventStateRegister(conn, if (virDomainEventStateRegister(conn,
driver->domainEventState, driver->domainEventState,
virConnectDomainEventRegisterCheckACL,
callback, opaque, freecb) < 0) callback, opaque, freecb) < 0)
goto cleanup; goto cleanup;
@ -10395,7 +10394,6 @@ qemuConnectDomainEventRegisterAny(virConnectPtr conn,
if (virDomainEventStateRegisterID(conn, if (virDomainEventStateRegisterID(conn,
driver->domainEventState, driver->domainEventState,
virConnectDomainEventRegisterAnyCheckACL,
dom, eventID, dom, eventID,
callback, opaque, freecb, &ret) < 0) callback, opaque, freecb, &ret) < 0)
ret = -1; ret = -1;

4
src/remote/remote_driver.c
View File

@ -4427,7 +4427,7 @@ remoteConnectDomainEventRegister(virConnectPtr conn,
remoteDriverLock(priv); remoteDriverLock(priv);
if ((count = virDomainEventStateRegister(conn, priv->eventState, NULL, if ((count = virDomainEventStateRegister(conn, priv->eventState,
callback, opaque, freecb)) < 0) callback, opaque, freecb)) < 0)
goto done; goto done;
@ -5245,7 +5245,7 @@ remoteConnectDomainEventRegisterAny(virConnectPtr conn,
remoteDriverLock(priv); remoteDriverLock(priv);
if ((count = virDomainEventStateRegisterID(conn, priv->eventState, NULL, if ((count = virDomainEventStateRegisterID(conn, priv->eventState,
dom, eventID, dom, eventID,
callback, opaque, freecb, callback, opaque, freecb,
&callbackID)) < 0) &callbackID)) < 0)

6
src/test/test_driver.c
View File

@ -6145,7 +6145,7 @@ testConnectDomainEventRegister(virConnectPtr conn,
int ret = 0; int ret = 0;
testDriverLock(driver); testDriverLock(driver);
if (virDomainEventStateRegister(conn, driver->eventState, NULL, if (virDomainEventStateRegister(conn, driver->eventState,
callback, opaque, freecb) < 0) callback, opaque, freecb) < 0)
ret = -1; ret = -1;
testDriverUnlock(driver); testDriverUnlock(driver);
@ -6183,7 +6183,7 @@ testConnectDomainEventRegisterAny(virConnectPtr conn,
int ret; int ret;
testDriverLock(driver); testDriverLock(driver);
if (virDomainEventStateRegisterID(conn, driver->eventState, NULL, if (virDomainEventStateRegisterID(conn, driver->eventState,
dom, eventID, dom, eventID,
callback, opaque, freecb, &ret) < 0) callback, opaque, freecb, &ret) < 0)
ret = -1; ret = -1;
@ -6221,7 +6221,7 @@ testConnectNetworkEventRegisterAny(virConnectPtr conn,
int ret; int ret;
testDriverLock(driver); testDriverLock(driver);
if (virNetworkEventStateRegisterID(conn, driver->eventState, NULL, if (virNetworkEventStateRegisterID(conn, driver->eventState,
net, eventID, callback, net, eventID, callback,
opaque, freecb, &ret) < 0) opaque, freecb, &ret) < 0)
ret = -1; ret = -1;

2
src/uml/uml_driver.c
View File

@ -2621,7 +2621,6 @@ umlConnectDomainEventRegister(virConnectPtr conn,
umlDriverLock(driver); umlDriverLock(driver);
if (virDomainEventStateRegister(conn, if (virDomainEventStateRegister(conn,
driver->domainEventState, driver->domainEventState,
virConnectDomainEventRegisterCheckACL,
callback, opaque, freecb) < 0) callback, opaque, freecb) < 0)
ret = -1; ret = -1;
umlDriverUnlock(driver); umlDriverUnlock(driver);
@ -2666,7 +2665,6 @@ umlConnectDomainEventRegisterAny(virConnectPtr conn,
umlDriverLock(driver); umlDriverLock(driver);
if (virDomainEventStateRegisterID(conn, if (virDomainEventStateRegisterID(conn,
driver->domainEventState, driver->domainEventState,
virConnectDomainEventRegisterAnyCheckACL,
dom, eventID, dom, eventID,
callback, opaque, freecb, &ret) < 0) callback, opaque, freecb, &ret) < 0)
ret = -1; ret = -1;

4
src/vbox/vbox_tmpl.c
View File

@ -7332,7 +7332,7 @@ vboxConnectDomainEventRegister(virConnectPtr conn,
* later you can iterate over them * later you can iterate over them
*/ */
ret = virDomainEventStateRegister(conn, data->domainEvents, NULL, ret = virDomainEventStateRegister(conn, data->domainEvents,
callback, opaque, freecb); callback, opaque, freecb);
VIR_DEBUG("virObjectEventStateRegister (ret = %d) (conn: %p, " VIR_DEBUG("virObjectEventStateRegister (ret = %d) (conn: %p, "
"callback: %p, opaque: %p, " "callback: %p, opaque: %p, "
@ -7429,7 +7429,7 @@ static int vboxConnectDomainEventRegisterAny(virConnectPtr conn,
* later you can iterate over them * later you can iterate over them
*/ */
if (virDomainEventStateRegisterID(conn, data->domainEvents, NULL, if (virDomainEventStateRegisterID(conn, data->domainEvents,
dom, eventID, dom, eventID,
callback, opaque, freecb, &ret) < 0) callback, opaque, freecb, &ret) < 0)
ret = -1; ret = -1;

2
src/xen/xen_driver.c
View File

@ -2323,7 +2323,6 @@ xenUnifiedConnectDomainEventRegister(virConnectPtr conn,
} }
if (virDomainEventStateRegister(conn, priv->domainEvents, if (virDomainEventStateRegister(conn, priv->domainEvents,
virConnectDomainEventRegisterCheckACL,
callback, opaque, freefunc) < 0) callback, opaque, freefunc) < 0)
ret = -1; ret = -1;
@ -2383,7 +2382,6 @@ xenUnifiedConnectDomainEventRegisterAny(virConnectPtr conn,
} }
if (virDomainEventStateRegisterID(conn, priv->domainEvents, if (virDomainEventStateRegisterID(conn, priv->domainEvents,
virConnectDomainEventRegisterAnyCheckACL,
dom, eventID, dom, eventID,
callback, opaque, freefunc, &ret) < 0) callback, opaque, freefunc, &ret) < 0)
ret = -1; ret = -1;