mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-10-30 18:03:32 +00:00
interface: allow opening with interface:///system and interface:///session URIs
Allow the possibility of opening a connection to only the interface driver, by defining interface:///system and interface:///session URIs and registering a fake hypervisor driver that supports them. The hypervisor drivers can now directly open a interface driver connection at time of need, instead of having to pass around a virConnectPtr through many functions. This will facilitate the later change to support separate daemons for each driver. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
parent
1292de7ef1
commit
3bd64d3306
@ -46,6 +46,7 @@ typedef struct
|
|||||||
{
|
{
|
||||||
virObjectLockable parent;
|
virObjectLockable parent;
|
||||||
struct netcf *netcf;
|
struct netcf *netcf;
|
||||||
|
bool privileged;
|
||||||
} virNetcfDriverState, *virNetcfDriverStatePtr;
|
} virNetcfDriverState, *virNetcfDriverStatePtr;
|
||||||
|
|
||||||
static virClassPtr virNetcfDriverStateClass;
|
static virClassPtr virNetcfDriverStateClass;
|
||||||
@ -78,7 +79,7 @@ virNetcfDriverStateDispose(void *obj)
|
|||||||
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
netcfStateInitialize(bool privileged ATTRIBUTE_UNUSED,
|
netcfStateInitialize(bool privileged,
|
||||||
virStateInhibitCallback callback ATTRIBUTE_UNUSED,
|
virStateInhibitCallback callback ATTRIBUTE_UNUSED,
|
||||||
void *opaque ATTRIBUTE_UNUSED)
|
void *opaque ATTRIBUTE_UNUSED)
|
||||||
{
|
{
|
||||||
@ -88,6 +89,8 @@ netcfStateInitialize(bool privileged ATTRIBUTE_UNUSED,
|
|||||||
if (!(driver = virObjectLockableNew(virNetcfDriverStateClass)))
|
if (!(driver = virObjectLockableNew(virNetcfDriverStateClass)))
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
driver->privileged = privileged;
|
||||||
|
|
||||||
/* open netcf */
|
/* open netcf */
|
||||||
if (ncf_init(&driver->netcf, NULL) != 0) {
|
if (ncf_init(&driver->netcf, NULL) != 0) {
|
||||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
||||||
@ -148,6 +151,81 @@ netcfStateReload(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static virDrvOpenStatus
|
||||||
|
netcfConnectOpen(virConnectPtr conn,
|
||||||
|
virConnectAuthPtr auth ATTRIBUTE_UNUSED,
|
||||||
|
virConfPtr conf ATTRIBUTE_UNUSED,
|
||||||
|
unsigned int flags)
|
||||||
|
{
|
||||||
|
virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR);
|
||||||
|
|
||||||
|
/* Verify uri was specified */
|
||||||
|
if (conn->uri == NULL) {
|
||||||
|
/* Only hypervisor drivers are permitted to auto-open on NULL uri */
|
||||||
|
return VIR_DRV_OPEN_DECLINED;
|
||||||
|
} else {
|
||||||
|
if (STRNEQ_NULLABLE(conn->uri->scheme, "interface"))
|
||||||
|
return VIR_DRV_OPEN_DECLINED;
|
||||||
|
|
||||||
|
/* Leave for remote driver */
|
||||||
|
if (conn->uri->server != NULL)
|
||||||
|
return VIR_DRV_OPEN_DECLINED;
|
||||||
|
|
||||||
|
if (driver == NULL) {
|
||||||
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
||||||
|
_("interface state driver is not active"));
|
||||||
|
return VIR_DRV_OPEN_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (driver->privileged) {
|
||||||
|
if (STRNEQ(conn->uri->path, "/system")) {
|
||||||
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
||||||
|
_("unexpected interface URI path '%s', try interface:///system"),
|
||||||
|
conn->uri->path);
|
||||||
|
return VIR_DRV_OPEN_ERROR;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (STRNEQ(conn->uri->path, "/session")) {
|
||||||
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
||||||
|
_("unexpected interface URI path '%s', try interface:///session"),
|
||||||
|
conn->uri->path);
|
||||||
|
return VIR_DRV_OPEN_ERROR;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (virConnectOpenEnsureACL(conn) < 0)
|
||||||
|
return VIR_DRV_OPEN_ERROR;
|
||||||
|
|
||||||
|
return VIR_DRV_OPEN_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int netcfConnectClose(virConnectPtr conn ATTRIBUTE_UNUSED)
|
||||||
|
{
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int netcfConnectIsSecure(virConnectPtr conn ATTRIBUTE_UNUSED)
|
||||||
|
{
|
||||||
|
/* Trivially secure, since always inside the daemon */
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int netcfConnectIsEncrypted(virConnectPtr conn ATTRIBUTE_UNUSED)
|
||||||
|
{
|
||||||
|
/* Not encrypted, but remote driver takes care of that */
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int netcfConnectIsAlive(virConnectPtr conn ATTRIBUTE_UNUSED)
|
||||||
|
{
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Get a minimal virInterfaceDef containing enough metadata
|
* Get a minimal virInterfaceDef containing enough metadata
|
||||||
* for access control checks to be performed. Currently
|
* for access control checks to be performed. Currently
|
||||||
@ -1134,6 +1212,23 @@ static virInterfaceDriver interfaceDriver = {
|
|||||||
#endif /* HAVE_NETCF_TRANSACTIONS */
|
#endif /* HAVE_NETCF_TRANSACTIONS */
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
static virHypervisorDriver interfaceHypervisorDriver = {
|
||||||
|
.name = "interface",
|
||||||
|
.connectOpen = netcfConnectOpen, /* 4.1.0 */
|
||||||
|
.connectClose = netcfConnectClose, /* 4.1.0 */
|
||||||
|
.connectIsEncrypted = netcfConnectIsEncrypted, /* 4.1.0 */
|
||||||
|
.connectIsSecure = netcfConnectIsSecure, /* 4.1.0 */
|
||||||
|
.connectIsAlive = netcfConnectIsAlive, /* 4.1.0 */
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
static virConnectDriver interfaceConnectDriver = {
|
||||||
|
.hypervisorDriver = &interfaceHypervisorDriver,
|
||||||
|
.interfaceDriver = &interfaceDriver,
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
static virStateDriver interfaceStateDriver = {
|
static virStateDriver interfaceStateDriver = {
|
||||||
.name = INTERFACE_DRIVER_NAME,
|
.name = INTERFACE_DRIVER_NAME,
|
||||||
.stateInitialize = netcfStateInitialize,
|
.stateInitialize = netcfStateInitialize,
|
||||||
@ -1143,6 +1238,8 @@ static virStateDriver interfaceStateDriver = {
|
|||||||
|
|
||||||
int netcfIfaceRegister(void)
|
int netcfIfaceRegister(void)
|
||||||
{
|
{
|
||||||
|
if (virRegisterConnectDriver(&interfaceConnectDriver, false) < 0)
|
||||||
|
return -1;
|
||||||
if (virSetSharedInterfaceDriver(&interfaceDriver) < 0)
|
if (virSetSharedInterfaceDriver(&interfaceDriver) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
if (virRegisterStateDriver(&interfaceStateDriver) < 0)
|
if (virRegisterStateDriver(&interfaceStateDriver) < 0)
|
||||||
|
@ -41,6 +41,7 @@
|
|||||||
|
|
||||||
struct udev_iface_driver {
|
struct udev_iface_driver {
|
||||||
struct udev *udev;
|
struct udev *udev;
|
||||||
|
bool privileged;
|
||||||
};
|
};
|
||||||
|
|
||||||
typedef enum {
|
typedef enum {
|
||||||
@ -1158,7 +1159,7 @@ udevInterfaceIsActive(virInterfacePtr ifinfo)
|
|||||||
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
udevStateInitialize(bool privileged ATTRIBUTE_UNUSED,
|
udevStateInitialize(bool privileged,
|
||||||
virStateInhibitCallback callback ATTRIBUTE_UNUSED,
|
virStateInhibitCallback callback ATTRIBUTE_UNUSED,
|
||||||
void *opaque ATTRIBUTE_UNUSED)
|
void *opaque ATTRIBUTE_UNUSED)
|
||||||
{
|
{
|
||||||
@ -1173,6 +1174,7 @@ udevStateInitialize(bool privileged ATTRIBUTE_UNUSED,
|
|||||||
_("failed to create udev context"));
|
_("failed to create udev context"));
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
driver->privileged = privileged;
|
||||||
|
|
||||||
ret = 0;
|
ret = 0;
|
||||||
|
|
||||||
@ -1193,6 +1195,81 @@ udevStateCleanup(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static virDrvOpenStatus
|
||||||
|
udevConnectOpen(virConnectPtr conn,
|
||||||
|
virConnectAuthPtr auth ATTRIBUTE_UNUSED,
|
||||||
|
virConfPtr conf ATTRIBUTE_UNUSED,
|
||||||
|
unsigned int flags)
|
||||||
|
{
|
||||||
|
virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR);
|
||||||
|
|
||||||
|
/* Verify uri was specified */
|
||||||
|
if (conn->uri == NULL) {
|
||||||
|
/* Only hypervisor drivers are permitted to auto-open on NULL uri */
|
||||||
|
return VIR_DRV_OPEN_DECLINED;
|
||||||
|
} else {
|
||||||
|
if (STRNEQ_NULLABLE(conn->uri->scheme, "interface"))
|
||||||
|
return VIR_DRV_OPEN_DECLINED;
|
||||||
|
|
||||||
|
/* Leave for remote driver */
|
||||||
|
if (conn->uri->server != NULL)
|
||||||
|
return VIR_DRV_OPEN_DECLINED;
|
||||||
|
|
||||||
|
if (driver == NULL) {
|
||||||
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
||||||
|
_("interface state driver is not active"));
|
||||||
|
return VIR_DRV_OPEN_ERROR;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (driver->privileged) {
|
||||||
|
if (STRNEQ(conn->uri->path, "/system")) {
|
||||||
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
||||||
|
_("unexpected interface URI path '%s', try interface:///system"),
|
||||||
|
conn->uri->path);
|
||||||
|
return VIR_DRV_OPEN_ERROR;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (STRNEQ(conn->uri->path, "/session")) {
|
||||||
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
||||||
|
_("unexpected interface URI path '%s', try interface:///session"),
|
||||||
|
conn->uri->path);
|
||||||
|
return VIR_DRV_OPEN_ERROR;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (virConnectOpenEnsureACL(conn) < 0)
|
||||||
|
return VIR_DRV_OPEN_ERROR;
|
||||||
|
|
||||||
|
return VIR_DRV_OPEN_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int udevConnectClose(virConnectPtr conn ATTRIBUTE_UNUSED)
|
||||||
|
{
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int udevConnectIsSecure(virConnectPtr conn ATTRIBUTE_UNUSED)
|
||||||
|
{
|
||||||
|
/* Trivially secure, since always inside the daemon */
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int udevConnectIsEncrypted(virConnectPtr conn ATTRIBUTE_UNUSED)
|
||||||
|
{
|
||||||
|
/* Not encrypted, but remote driver takes care of that */
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int udevConnectIsAlive(virConnectPtr conn ATTRIBUTE_UNUSED)
|
||||||
|
{
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static virInterfaceDriver udevIfaceDriver = {
|
static virInterfaceDriver udevIfaceDriver = {
|
||||||
.name = "udev",
|
.name = "udev",
|
||||||
.connectNumOfInterfaces = udevConnectNumOfInterfaces, /* 1.0.0 */
|
.connectNumOfInterfaces = udevConnectNumOfInterfaces, /* 1.0.0 */
|
||||||
@ -1206,6 +1283,23 @@ static virInterfaceDriver udevIfaceDriver = {
|
|||||||
.interfaceGetXMLDesc = udevInterfaceGetXMLDesc, /* 1.0.0 */
|
.interfaceGetXMLDesc = udevInterfaceGetXMLDesc, /* 1.0.0 */
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
static virHypervisorDriver udevHypervisorDriver = {
|
||||||
|
.name = "interface",
|
||||||
|
.connectOpen = udevConnectOpen, /* 4.1.0 */
|
||||||
|
.connectClose = udevConnectClose, /* 4.1.0 */
|
||||||
|
.connectIsEncrypted = udevConnectIsEncrypted, /* 4.1.0 */
|
||||||
|
.connectIsSecure = udevConnectIsSecure, /* 4.1.0 */
|
||||||
|
.connectIsAlive = udevConnectIsAlive, /* 4.1.0 */
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
static virConnectDriver udevConnectDriver = {
|
||||||
|
.hypervisorDriver = &udevHypervisorDriver,
|
||||||
|
.interfaceDriver = &udevIfaceDriver,
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
static virStateDriver interfaceStateDriver = {
|
static virStateDriver interfaceStateDriver = {
|
||||||
.name = "udev",
|
.name = "udev",
|
||||||
.stateInitialize = udevStateInitialize,
|
.stateInitialize = udevStateInitialize,
|
||||||
@ -1215,6 +1309,8 @@ static virStateDriver interfaceStateDriver = {
|
|||||||
int
|
int
|
||||||
udevIfaceRegister(void)
|
udevIfaceRegister(void)
|
||||||
{
|
{
|
||||||
|
if (virRegisterConnectDriver(&udevConnectDriver, false) < 0)
|
||||||
|
return -1;
|
||||||
if (virSetSharedInterfaceDriver(&udevIfaceDriver) < 0) {
|
if (virSetSharedInterfaceDriver(&udevIfaceDriver) < 0) {
|
||||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
||||||
_("failed to register udev interface driver"));
|
_("failed to register udev interface driver"));
|
||||||
|
Loading…
Reference in New Issue
Block a user