From b955fca6299dce1b57c169e0002067ee1e0599f6 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Wed, 21 Aug 2019 11:47:56 +0200
Subject: [PATCH] qemu: Obtain @caps only after ACL check in
 qemuNodeGetSecurityModel
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Even though we are getting driver capabilities with
refresh=false (so that it is not expensive), we still should do
ACL check first because there is no point in bothering with the
capabilities if caller doesn't have permissions to call the API.
Also, this way the comment makes more sense.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---
 src/qemu/qemu_driver.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index a9e8f660c7..96ec84bd1c 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -5934,14 +5934,12 @@ static int qemuNodeGetSecurityModel(virConnectPtr conn,
 
     memset(secmodel, 0, sizeof(*secmodel));
 
-    if (!(caps = virQEMUDriverGetCapabilities(driver, false)))
-        return 0;
-
     if (virNodeGetSecurityModelEnsureACL(conn) < 0)
         return 0;
 
     /* We treat no driver as success, but simply return no data in *secmodel */
-    if (caps->host.nsecModels == 0 ||
+    if (!(caps = virQEMUDriverGetCapabilities(driver, false)) ||
+        caps->host.nsecModels == 0 ||
         caps->host.secModels[0].model == NULL)
         return 0;