Convert Xen domain stats/peek driver methods to use virDomainDefPtr

Introduce use of a virDomainDefPtr in the domain stats &
peek APIs to simplify introduction of ACL security checks.
The virDomainPtr cannot be safely used, since the app
may have supplied mismatched name/uuid/id fields, e.g.
the name points to domain X while the uuid points to
domain Y. Resolving the virDomainPtr to a virDomainDefPtr
ensures a consistent name/uuid/id set.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Daniel P. Berrange 2013-05-02 11:24:49 +01:00
parent f6e95ac0d9
commit 89d819f285
9 changed files with 77 additions and 32 deletions


@ -359,16 +359,16 @@ xenLinuxDomainDeviceID(int domid, const char *path)
int int
xenLinuxDomainBlockStats(xenUnifiedPrivatePtr priv, xenLinuxDomainBlockStats(xenUnifiedPrivatePtr priv,
virDomainPtr dom, virDomainDefPtr def,
const char *path, const char *path,
struct _virDomainBlockStats *stats) struct _virDomainBlockStats *stats)
{ {
int device = xenLinuxDomainDeviceID(dom->id, path); int device = xenLinuxDomainDeviceID(def->id, path);
if (device < 0) if (device < 0)
return -1; return -1;
return read_bd_stats(priv, device, dom->id, stats); return read_bd_stats(priv, device, def->id, stats);
} }
#endif /* __linux__ */ #endif /* __linux__ */


@ -28,7 +28,7 @@
# include "xen_driver.h" # include "xen_driver.h"
extern int xenLinuxDomainBlockStats (xenUnifiedPrivatePtr priv, extern int xenLinuxDomainBlockStats (xenUnifiedPrivatePtr priv,
virDomainPtr dom, const char *path, virDomainDefPtr def, const char *path,
struct _virDomainBlockStats *stats); struct _virDomainBlockStats *stats);
extern int xenLinuxDomainDeviceID(int domid, const char *dev); extern int xenLinuxDomainDeviceID(int domid, const char *dev);


@ -1955,14 +1955,34 @@ static int
xenUnifiedDomainBlockStats(virDomainPtr dom, const char *path, xenUnifiedDomainBlockStats(virDomainPtr dom, const char *path,
struct _virDomainBlockStats *stats) struct _virDomainBlockStats *stats)
{ {
return xenHypervisorDomainBlockStats(dom, path, stats); virDomainDefPtr def = NULL;
int ret = -1;
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
ret = xenHypervisorDomainBlockStats(dom->conn, def, path, stats);
cleanup:
virDomainDefFree(def);
return ret;
} }
static int static int
xenUnifiedDomainInterfaceStats(virDomainPtr dom, const char *path, xenUnifiedDomainInterfaceStats(virDomainPtr dom, const char *path,
struct _virDomainInterfaceStats *stats) struct _virDomainInterfaceStats *stats)
{ {
return xenHypervisorDomainInterfaceStats(dom, path, stats); virDomainDefPtr def = NULL;
int ret = -1;
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
ret = xenHypervisorDomainInterfaceStats(def, path, stats);
cleanup:
virDomainDefFree(def);
return ret;
} }
static int static int
@ -1971,13 +1991,22 @@ xenUnifiedDomainBlockPeek(virDomainPtr dom, const char *path,
void *buffer, unsigned int flags) void *buffer, unsigned int flags)
{ {
xenUnifiedPrivatePtr priv = dom->conn->privateData; xenUnifiedPrivatePtr priv = dom->conn->privateData;
virDomainDefPtr def = NULL;
int ret = -1;
virCheckFlags(0, -1); virCheckFlags(0, -1);
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4) if (dom->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)
return xenXMDomainBlockPeek(dom, path, offset, size, buffer); ret = xenXMDomainBlockPeek(dom->conn, def, path, offset, size, buffer);
else else
return xenDaemonDomainBlockPeek(dom, path, offset, size, buffer); ret = xenDaemonDomainBlockPeek(dom->conn, def, path, offset, size, buffer);
cleanup:
virDomainDefFree(def);
return ret;
} }
static int static int
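Review bot: xenUnifiedDomainBlockPeek still selects the backend with `dom->id < 0`, the id field supplied by the application, even though it has just resolved `def` because those fields may not agree with each other. The test should read `if (def->id < 0 && priv->xendConfigVersion < XEND_CONFIG_VERSION_3_0_4)` so that the backend choice and the backend call refer to the same domain. The function's signature starts above the hunk. A short comment at the `xenGetDomainDefForDom` call saying that `def` is owned by the caller and released at `cleanup:` would also help, since xenUnifiedDomainBlockStats and xenUnifiedDomainInterfaceStats repeat the same pattern.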


@ -1370,17 +1370,18 @@ xenHypervisorSetSchedulerParameters(virConnectPtr conn,
int int
xenHypervisorDomainBlockStats(virDomainPtr dom, xenHypervisorDomainBlockStats(virConnectPtr conn,
virDomainDefPtr def,
const char *path, const char *path,
struct _virDomainBlockStats *stats) struct _virDomainBlockStats *stats)
{ {
#ifdef __linux__ #ifdef __linux__
xenUnifiedPrivatePtr priv = dom->conn->privateData; xenUnifiedPrivatePtr priv = conn->privateData;
int ret; int ret;
xenUnifiedLock(priv); xenUnifiedLock(priv);
/* Need to lock because it hits the xenstore handle :-( */ /* Need to lock because it hits the xenstore handle :-( */
ret = xenLinuxDomainBlockStats(priv, dom, path, stats); ret = xenLinuxDomainBlockStats(priv, def, path, stats);
xenUnifiedUnlock(priv); xenUnifiedUnlock(priv);
return ret; return ret;
#else #else
@ -1398,7 +1399,7 @@ xenHypervisorDomainBlockStats(virDomainPtr dom,
* virNetwork interface, as yet not decided. * virNetwork interface, as yet not decided.
*/ */
int int
xenHypervisorDomainInterfaceStats(virDomainPtr dom, xenHypervisorDomainInterfaceStats(virDomainDefPtr def,
const char *path, const char *path,
struct _virDomainInterfaceStats *stats) struct _virDomainInterfaceStats *stats)
{ {
@ -1413,7 +1414,7 @@ xenHypervisorDomainInterfaceStats(virDomainPtr dom,
_("invalid path, should be vif<domid>.<n>.")); _("invalid path, should be vif<domid>.<n>."));
return -1; return -1;
} }
if (rqdomid != dom->id) { if (rqdomid != def->id) {
virReportError(VIR_ERR_INVALID_ARG, "%s", virReportError(VIR_ERR_INVALID_ARG, "%s",
_("invalid path, vif<domid> should match this domain ID")); _("invalid path, vif<domid> should match this domain ID"));
return -1; return -1;


@ -122,13 +122,14 @@ int xenHypervisorSetSchedulerParameters(virConnectPtr conn,
int nparams) int nparams)
ATTRIBUTE_NONNULL (1); ATTRIBUTE_NONNULL (1);
int xenHypervisorDomainBlockStats (virDomainPtr domain, int xenHypervisorDomainBlockStats (virConnectPtr conn,
virDomainDefPtr def,
const char *path, const char *path,
struct _virDomainBlockStats *stats) struct _virDomainBlockStats *stats)
ATTRIBUTE_NONNULL (1); ATTRIBUTE_NONNULL (1);
int xenHypervisorDomainInterfaceStats (virDomainPtr domain, int xenHypervisorDomainInterfaceStats (virDomainDefPtr def,
const char *path, const char *path,
struct _virDomainInterfaceStats *stats) struct _virDomainInterfaceStats *stats)
ATTRIBUTE_NONNULL (1); ATTRIBUTE_NONNULL (1);
int xenHypervisorNodeGetCellsFreeMemory(virConnectPtr conn, int xenHypervisorNodeGetCellsFreeMemory(virConnectPtr conn,
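Review bot: `ATTRIBUTE_NONNULL (1)` on xenHypervisorDomainBlockStats now covers only the new `conn` argument, while `def` in position 2 is dereferenced unchecked further down the call chain (`def->id` in xenLinuxDomainBlockStats). Declaring the prototype with `ATTRIBUTE_NONNULL (1) ATTRIBUTE_NONNULL (2);` would keep the annotation in step with the new parameter list. For xenHypervisorDomainInterfaceStats the existing `ATTRIBUTE_NONNULL (1)` now lands on `def`, which matches the `def->id` comparison in its body.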


@ -3256,7 +3256,8 @@ error:
/** /**
* xenDaemonDomainBlockPeek: * xenDaemonDomainBlockPeek:
* @domain: domain object * @conn: the hypervisor connection
* @minidef: minimal domain configuration
* @path: path to the file or device * @path: path to the file or device
* @offset: offset * @offset: offset
* @size: size * @size: size
@ -3265,13 +3266,14 @@ error:
* Returns 0 if successful, -1 if error * Returns 0 if successful, -1 if error
*/ */
int int
xenDaemonDomainBlockPeek(virDomainPtr domain, xenDaemonDomainBlockPeek(virConnectPtr conn,
virDomainDefPtr minidef,
const char *path, const char *path,
unsigned long long offset, unsigned long long offset,
size_t size, size_t size,
void *buffer) void *buffer)
{ {
xenUnifiedPrivatePtr priv = domain->conn->privateData; xenUnifiedPrivatePtr priv = conn->privateData;
struct sexpr *root = NULL; struct sexpr *root = NULL;
int fd = -1, ret = -1; int fd = -1, ret = -1;
virDomainDefPtr def; virDomainDefPtr def;
@ -3281,12 +3283,12 @@ xenDaemonDomainBlockPeek(virDomainPtr domain,
const char *actual; const char *actual;
/* Security check: The path must correspond to a block device. */ /* Security check: The path must correspond to a block device. */
if (domain->id > 0) if (minidef->id > 0)
root = sexpr_get(domain->conn, "/xend/domain/%d?detail=1", root = sexpr_get(conn, "/xend/domain/%d?detail=1",
domain->id); minidef->id);
else if (domain->id < 0) else if (minidef->id < 0)
root = sexpr_get(domain->conn, "/xend/domain/%s?detail=1", root = sexpr_get(conn, "/xend/domain/%s?detail=1",
domain->name); minidef->name);
else { else {
/* This call always fails for dom0. */ /* This call always fails for dom0. */
virReportError(VIR_ERR_OPERATION_INVALID, virReportError(VIR_ERR_OPERATION_INVALID,
@ -3301,8 +3303,8 @@ xenDaemonDomainBlockPeek(virDomainPtr domain,
id = xenGetDomIdFromSxpr(root, priv->xendConfigVersion); id = xenGetDomIdFromSxpr(root, priv->xendConfigVersion);
xenUnifiedLock(priv); xenUnifiedLock(priv);
tty = xenStoreDomainGetConsolePath(domain->conn, id); tty = xenStoreDomainGetConsolePath(conn, id);
vncport = xenStoreDomainGetVNCPort(domain->conn, id); vncport = xenStoreDomainGetVNCPort(conn, id);
xenUnifiedUnlock(priv); xenUnifiedUnlock(priv);
if (!(def = xenParseSxpr(root, priv->xendConfigVersion, NULL, tty, if (!(def = xenParseSxpr(root, priv->xendConfigVersion, NULL, tty,
@ -3348,7 +3350,8 @@ xenDaemonDomainBlockPeek(virDomainPtr domain,
/** /**
* virDomainXMLDevID: * virDomainXMLDevID:
* @domain: pointer to domain object * @conn: the hypervisor connection
* @minidef: minimal domain configuration
* @dev: pointer to device config object * @dev: pointer to device config object
* @class: Xen device class "vbd" or "vif" (OUT) * @class: Xen device class "vbd" or "vif" (OUT)
* @ref: Xen device reference (OUT) * @ref: Xen device reference (OUT)
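Review bot: The definition of xenDaemonDomainBlockPeek names the new parameter `minidef`, but its prototype in the header section calls it `def`, and the body also has a local `def` filled by xenParseSxpr; using `minidef` in the prototype too would keep the two objects apart for readers. The `Security check` comment could also say that `minidef` must be the definition resolved by the driver, not fields taken from the caller's virDomainPtr, because the xend query is built from `minidef->id` or `minidef->name`. The last hunk rewrites the virDomainXMLDevID doc comment to `@conn`/`@minidef` while that function's signature lies outside the hunk, so it is worth confirming that the signature already takes those parameters.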


@ -194,7 +194,12 @@ int xenDaemonDomainMigratePerform (virConnectPtr conn,
const char *uri, unsigned long flags, const char *uri, unsigned long flags,
const char *dname, unsigned long resource); const char *dname, unsigned long resource);
int xenDaemonDomainBlockPeek (virDomainPtr domain, const char *path, unsigned long long offset, size_t size, void *buffer); int xenDaemonDomainBlockPeek(virConnectPtr conn,
virDomainDefPtr def,
const char *path,
unsigned long long offset,
size_t size,
void *buffer);
char * xenDaemonGetSchedulerType(virConnectPtr conn, char * xenDaemonGetSchedulerType(virConnectPtr conn,
int *nparams); int *nparams);


@ -1410,7 +1410,8 @@ xenXMDomainDetachDeviceFlags(virConnectPtr conn,
} }
int int
xenXMDomainBlockPeek(virDomainPtr dom ATTRIBUTE_UNUSED, xenXMDomainBlockPeek(virConnectPtr conn ATTRIBUTE_UNUSED,
virDomainDefPtr def ATTRIBUTE_UNUSED,
const char *path ATTRIBUTE_UNUSED, const char *path ATTRIBUTE_UNUSED,
unsigned long long offset ATTRIBUTE_UNUSED, unsigned long long offset ATTRIBUTE_UNUSED,
size_t size ATTRIBUTE_UNUSED, size_t size ATTRIBUTE_UNUSED,


@ -80,7 +80,12 @@ int xenXMDomainCreate(virConnectPtr conn,
int xenXMDomainDefineXML(virConnectPtr con, virDomainDefPtr def); int xenXMDomainDefineXML(virConnectPtr con, virDomainDefPtr def);
int xenXMDomainUndefine(virConnectPtr conn, virDomainDefPtr def); int xenXMDomainUndefine(virConnectPtr conn, virDomainDefPtr def);
int xenXMDomainBlockPeek (virDomainPtr dom, const char *path, unsigned long long offset, size_t size, void *buffer); int xenXMDomainBlockPeek(virConnectPtr conn,
virDomainDefPtr def,
const char *path,
unsigned long long offset,
size_t size,
void *buffer);
int xenXMDomainGetAutostart(virDomainDefPtr def, int xenXMDomainGetAutostart(virDomainDefPtr def,
int *autostart); int *autostart);