Convert Xen domain lifecycle driver methods to use virDomainDefPtr

Introduce use of a virDomainDefPtr in the domain lifecycle
APIs to simplify introduction of ACL security checks.
The virDomainPtr cannot be safely used, since the app
may have supplied mis-matching name/uuid/id fields. eg
the name points to domain X, while the uuid points to
domain Y. Resolving the virDomainPtr to a virDomainDefPtr
ensures a consistent name/uuid/id set.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrange 2013-05-01 10:54:30 +01:00
parent 5ed5783bc7
commit f547c520bf
4 changed files with 103 additions and 42 deletions

View File

@ -136,6 +136,13 @@ static virDomainDefPtr xenGetDomainDefForUUID(virConnectPtr conn, const unsigned
} }
static virDomainDefPtr xenGetDomainDefForDom(virDomainPtr dom)
{
/* UUID lookup is more efficient than name lookup */
return xenGetDomainDefForUUID(dom->conn, dom->uuid);
}
/** /**
* xenNumaInit: * xenNumaInit:
* @conn: pointer to the hypervisor connection * @conn: pointer to the hypervisor connection
@ -779,22 +786,52 @@ xenUnifiedDomainIsUpdated(virDomainPtr dom ATTRIBUTE_UNUSED)
static int static int
xenUnifiedDomainSuspend(virDomainPtr dom) xenUnifiedDomainSuspend(virDomainPtr dom)
{ {
return xenDaemonDomainSuspend(dom); int ret = -1;
virDomainDefPtr def;
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
ret = xenDaemonDomainSuspend(dom->conn, def);
cleanup:
virDomainDefFree(def);
return ret;
} }
static int static int
xenUnifiedDomainResume(virDomainPtr dom) xenUnifiedDomainResume(virDomainPtr dom)
{ {
return xenDaemonDomainResume(dom); int ret = -1;
virDomainDefPtr def;
if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
ret = xenDaemonDomainResume(dom->conn, def);
cleanup:
virDomainDefFree(def);
return ret;
} }
static int static int
xenUnifiedDomainShutdownFlags(virDomainPtr dom, xenUnifiedDomainShutdownFlags(virDomainPtr dom,
unsigned int flags) unsigned int flags)
{ {
int ret = -1;
virDomainDefPtr def;
virCheckFlags(0, -1); virCheckFlags(0, -1);
return xenDaemonDomainShutdown(dom); if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
ret = xenDaemonDomainShutdown(dom->conn, def);
cleanup:
virDomainDefFree(def);
return ret;
} }
static int static int
@ -806,18 +843,38 @@ xenUnifiedDomainShutdown(virDomainPtr dom)
static int static int
xenUnifiedDomainReboot(virDomainPtr dom, unsigned int flags) xenUnifiedDomainReboot(virDomainPtr dom, unsigned int flags)
{ {
int ret = -1;
virDomainDefPtr def;
virCheckFlags(0, -1); virCheckFlags(0, -1);
return xenDaemonDomainReboot(dom); if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
ret = xenDaemonDomainReboot(dom->conn, def);
cleanup:
virDomainDefFree(def);
return ret;
} }
static int static int
xenUnifiedDomainDestroyFlags(virDomainPtr dom, xenUnifiedDomainDestroyFlags(virDomainPtr dom,
unsigned int flags) unsigned int flags)
{ {
int ret = -1;
virDomainDefPtr def;
virCheckFlags(0, -1); virCheckFlags(0, -1);
return xenDaemonDomainDestroy(dom); if (!(def = xenGetDomainDefForDom(dom)))
goto cleanup;
ret = xenDaemonDomainDestroy(dom->conn, def);
cleanup:
virDomainDefFree(def);
return ret;
} }
static int static int

View File

@ -1261,7 +1261,8 @@ xenDaemonClose(virConnectPtr conn ATTRIBUTE_UNUSED)
/** /**
* xenDaemonDomainSuspend: * xenDaemonDomainSuspend:
* @domain: pointer to the Domain block * @conn: the connection object
* @def: the domain to suspend
* *
* Pause the domain, the domain is not scheduled anymore though its resources * Pause the domain, the domain is not scheduled anymore though its resources
* are preserved. Use xenDaemonDomainResume() to resume execution. * are preserved. Use xenDaemonDomainResume() to resume execution.
@ -1269,41 +1270,42 @@ xenDaemonClose(virConnectPtr conn ATTRIBUTE_UNUSED)
* Returns 0 in case of success, -1 (with errno) in case of error. * Returns 0 in case of success, -1 (with errno) in case of error.
*/ */
int int
xenDaemonDomainSuspend(virDomainPtr domain) xenDaemonDomainSuspend(virConnectPtr conn, virDomainDefPtr def)
{ {
if (domain->id < 0) { if (def->id < 0) {
virReportError(VIR_ERR_OPERATION_INVALID, virReportError(VIR_ERR_OPERATION_INVALID,
_("Domain %s isn't running."), domain->name); _("Domain %s isn't running."), def->name);
return -1; return -1;
} }
return xend_op(domain->conn, domain->name, "op", "pause", NULL); return xend_op(conn, def->name, "op", "pause", NULL);
} }
/** /**
* xenDaemonDomainResume: * xenDaemonDomainResume:
* @xend: pointer to the Xen Daemon block * @conn: the connection object
* @name: name for the domain * @def: the domain to resume
* *
* Resume the domain after xenDaemonDomainSuspend() has been called * Resume the domain after xenDaemonDomainSuspend() has been called
* *
* Returns 0 in case of success, -1 (with errno) in case of error. * Returns 0 in case of success, -1 (with errno) in case of error.
*/ */
int int
xenDaemonDomainResume(virDomainPtr domain) xenDaemonDomainResume(virConnectPtr conn, virDomainDefPtr def)
{ {
if (domain->id < 0) { if (def->id < 0) {
virReportError(VIR_ERR_OPERATION_INVALID, virReportError(VIR_ERR_OPERATION_INVALID,
_("Domain %s isn't running."), domain->name); _("Domain %s isn't running."), def->name);
return -1; return -1;
} }
return xend_op(domain->conn, domain->name, "op", "unpause", NULL); return xend_op(conn, def->name, "op", "unpause", NULL);
} }
/** /**
* xenDaemonDomainShutdown: * xenDaemonDomainShutdown:
* @domain: pointer to the Domain block * @conn: the connection object
* @def: the domain to shutdown
* *
* Shutdown the domain, the OS is requested to properly shutdown * Shutdown the domain, the OS is requested to properly shutdown
* and the domain may ignore it. It will return immediately * and the domain may ignore it. It will return immediately
@ -1312,20 +1314,21 @@ xenDaemonDomainResume(virDomainPtr domain)
* Returns 0 in case of success, -1 (with errno) in case of error. * Returns 0 in case of success, -1 (with errno) in case of error.
*/ */
int int
xenDaemonDomainShutdown(virDomainPtr domain) xenDaemonDomainShutdown(virConnectPtr conn, virDomainDefPtr def)
{ {
if (domain->id < 0) { if (def->id < 0) {
virReportError(VIR_ERR_OPERATION_INVALID, virReportError(VIR_ERR_OPERATION_INVALID,
_("Domain %s isn't running."), domain->name); _("Domain %s isn't running."), def->name);
return -1; return -1;
} }
return xend_op(domain->conn, domain->name, "op", "shutdown", "reason", "poweroff", NULL); return xend_op(conn, def->name, "op", "shutdown", "reason", "poweroff", NULL);
} }
/** /**
* xenDaemonDomainReboot: * xenDaemonDomainReboot:
* @domain: pointer to the Domain block * @conn: the connection object
* @def: the domain to reboot
* *
* Reboot the domain, the OS is requested to properly shutdown * Reboot the domain, the OS is requested to properly shutdown
* and restart but the domain may ignore it. It will return immediately * and restart but the domain may ignore it. It will return immediately
@ -1334,20 +1337,21 @@ xenDaemonDomainShutdown(virDomainPtr domain)
* Returns 0 in case of success, -1 (with errno) in case of error. * Returns 0 in case of success, -1 (with errno) in case of error.
*/ */
int int
xenDaemonDomainReboot(virDomainPtr domain) xenDaemonDomainReboot(virConnectPtr conn, virDomainDefPtr def)
{ {
if (domain->id < 0) { if (def->id < 0) {
virReportError(VIR_ERR_OPERATION_INVALID, virReportError(VIR_ERR_OPERATION_INVALID,
_("Domain %s isn't running."), domain->name); _("Domain %s isn't running."), def->name);
return -1; return -1;
} }
return xend_op(domain->conn, domain->name, "op", "shutdown", "reason", "reboot", NULL); return xend_op(conn, def->name, "op", "shutdown", "reason", "reboot", NULL);
} }
/** /**
* xenDaemonDomainDestroy: * xenDaemonDomainDestroy:
* @domain: pointer to the Domain block * @conn: the connection object
* @def: the domain to destroy
* *
* Abruptly halt the domain, the OS is not properly shutdown and the * Abruptly halt the domain, the OS is not properly shutdown and the
* resources allocated for the domain are immediately freed, mounted * resources allocated for the domain are immediately freed, mounted
@ -1359,15 +1363,15 @@ xenDaemonDomainReboot(virDomainPtr domain)
* Returns 0 in case of success, -1 (with errno) in case of error. * Returns 0 in case of success, -1 (with errno) in case of error.
*/ */
int int
xenDaemonDomainDestroy(virDomainPtr domain) xenDaemonDomainDestroy(virConnectPtr conn, virDomainDefPtr def)
{ {
if (domain->id < 0) { if (def->id < 0) {
virReportError(VIR_ERR_OPERATION_INVALID, virReportError(VIR_ERR_OPERATION_INVALID,
_("Domain %s isn't running."), domain->name); _("Domain %s isn't running."), def->name);
return -1; return -1;
} }
return xend_op(domain->conn, domain->name, "op", "destroy", NULL); return xend_op(conn, def->name, "op", "destroy", NULL);
} }
/** /**
@ -2170,7 +2174,7 @@ xenDaemonCreateXML(virConnectPtr conn, const char *xmlDesc)
if (xend_wait_for_devices(conn, def->name) < 0) if (xend_wait_for_devices(conn, def->name) < 0)
goto error; goto error;
if (xenDaemonDomainResume(dom) < 0) if (xenDaemonDomainResume(conn, def) < 0)
goto error; goto error;
virDomainDefFree(def); virDomainDefFree(def);
@ -2179,7 +2183,7 @@ xenDaemonCreateXML(virConnectPtr conn, const char *xmlDesc)
error: error:
/* Make sure we don't leave a still-born domain around */ /* Make sure we don't leave a still-born domain around */
if (dom != NULL) { if (dom != NULL) {
xenDaemonDomainDestroy(dom); xenDaemonDomainDestroy(conn, def);
virObjectUnref(dom); virObjectUnref(dom);
} }
virDomainDefFree(def); virDomainDefFree(def);

View File

@ -94,11 +94,11 @@ int xenDaemonOpen(virConnectPtr conn, virConnectAuthPtr auth,
int xenDaemonClose(virConnectPtr conn); int xenDaemonClose(virConnectPtr conn);
int xenDaemonNodeGetInfo(virConnectPtr conn, virNodeInfoPtr info); int xenDaemonNodeGetInfo(virConnectPtr conn, virNodeInfoPtr info);
int xenDaemonNodeGetTopology(virConnectPtr conn, virCapsPtr caps); int xenDaemonNodeGetTopology(virConnectPtr conn, virCapsPtr caps);
int xenDaemonDomainSuspend(virDomainPtr domain); int xenDaemonDomainSuspend(virConnectPtr conn, virDomainDefPtr def);
int xenDaemonDomainResume(virDomainPtr domain); int xenDaemonDomainResume(virConnectPtr conn, virDomainDefPtr def);
int xenDaemonDomainShutdown(virDomainPtr domain); int xenDaemonDomainShutdown(virConnectPtr conn, virDomainDefPtr def);
int xenDaemonDomainReboot(virDomainPtr domain); int xenDaemonDomainReboot(virConnectPtr conn, virDomainDefPtr def);
int xenDaemonDomainDestroy(virDomainPtr domain); int xenDaemonDomainDestroy(virConnectPtr conn, virDomainDefPtr def);
int xenDaemonDomainSave(virDomainPtr domain, const char *filename); int xenDaemonDomainSave(virDomainPtr domain, const char *filename);
int xenDaemonDomainCoreDump(virDomainPtr domain, const char *filename, int xenDaemonDomainCoreDump(virDomainPtr domain, const char *filename,
unsigned int flags); unsigned int flags);

View File

@ -895,7 +895,7 @@ xenXMDomainCreate(virDomainPtr domain)
int ret = -1; int ret = -1;
xenUnifiedPrivatePtr priv= domain->conn->privateData; xenUnifiedPrivatePtr priv= domain->conn->privateData;
const char *filename; const char *filename;
xenXMConfCachePtr entry; xenXMConfCachePtr entry = NULL;
xenUnifiedLock(priv); xenUnifiedLock(priv);
@ -921,15 +921,15 @@ xenXMDomainCreate(virDomainPtr domain)
if (xend_wait_for_devices(domain->conn, domain->name) < 0) if (xend_wait_for_devices(domain->conn, domain->name) < 0)
goto error; goto error;
if (xenDaemonDomainResume(domain) < 0) if (xenDaemonDomainResume(domain->conn, entry->def) < 0)
goto error; goto error;
xenUnifiedUnlock(priv); xenUnifiedUnlock(priv);
return 0; return 0;
error: error:
if (domain->id != -1) { if (domain->id != -1 && entry) {
xenDaemonDomainDestroy(domain); xenDaemonDomainDestroy(domain->conn, entry->def);
domain->id = -1; domain->id = -1;
} }
xenUnifiedUnlock(priv); xenUnifiedUnlock(priv);