- 25 6月, 2013 15 次提交
-
-
由 Jiri Denemark 提交于
This patch implements extensible variants of all internal migration APIs used for v3 migration.
-
由 Jiri Denemark 提交于
To be used by new migration APIs with extensible set of parameters.
-
由 Jiri Denemark 提交于
-
由 Jiri Denemark 提交于
-
由 Jiri Denemark 提交于
All APIs that take typed parameters are only using params address in their entry point debug messages. With the new VIR_TYPED_PARAMS_DEBUG macro, all functions can easily log all individual typed parameters passed to them.
-
由 Jiri Denemark 提交于
-
由 Jiri Denemark 提交于
This API is useful for checking whether only a specific subset of supported typed parameters were passed.
-
由 Jiri Denemark 提交于
When unsupported parameter is passed to virTypedParamsValidate, VIR_ERR_ARGUMENT_UNSUPPORTED should be returned rather than VIR_ERR_INVALID_ARG, which is more appropriate for supported parameters used incorrectly.
-
由 Jiri Denemark 提交于
-
由 Jiri Denemark 提交于
-
由 Laine Stump 提交于
virPCIDeviceDetach would previously sometimes consume the input device object (to put it on the inactive list) and sometimes not. Avoiding memory leaks required checking beforehand to see if the device was already on the list, and freeing the device object in the caller only if there wasn't already an identical object on the inactive list. This patch makes it consistent - virPCIDeviceDetach will *never* consume the input virPCIDevice object; if it needs to put one on the inactive list, it will create a copy and put *that* on the list. This way the caller knows that it is always their responsibility to free the device object they created.
-
由 Laine Stump 提交于
virPCIDeviceReattach was making the assumption that the dev object given to it was one and the same with the dev object on the inactiveDevs list. If that had been the case, it would not need to free the dev object it removed from the inactive list, because the caller of virPCIDeviceReattach always frees the dev object that it passes in. Since the dev object passed in is *never* the same object that's on the list (it is a different object with the same name and attributes, created just for the purpose of searching for the actual object), simply doing a "ListSteal" to remove the object from the list results in one leaked object; we need to actually free the object after removing it from the list.
-
由 Laine Stump 提交于
* virPCIDeviceFindByIDs - find a device on a list w/o creating an object This makes searching for an existing device on a list lighter weight. * virPCIDeviceCopy - make a copy of an existing virPCIDevice object. * virPCIDeviceGetDriverPathAndName - construct new strings containing 1) the name of the driver bound to this device. 2) the full path to the sysfs config for that driver. (This code was lifted from virPCIDeviceUnbindFromStub, and replaced there with a call to this new function).
-
由 Laine Stump 提交于
Previously stubDriver was always set from a string literal, so it was okay to use a const char * that wasn't freed when the virPCIDevice was freed. This will not be the case in the near future, so it is now a char* that is allocated in virPCIDeviceSetStubDriver() and freed during virPCIDeviceFree().
-
由 Laine Stump 提交于
add it to the syntax-check list and fix the one offending caller.
-
- 24 6月, 2013 23 次提交
-
-
由 Jim Fehlig 提交于
libxl supports the LIBXL_DISK_BACKEND_QDISK disk backend, where qemu is used to provide the disk backend. This patch simply maps the existing <driver name='qemu'/> to LIBXL_DISK_BACKEND_QDISK.
-
由 Jim Fehlig 提交于
Specifying an unsupported disk format with the tap driver resulted in a less than helpful error message error: Failed to start domain test-hvm error: internal error libxenlight does not support disk driver qed Change the message to state that the qed format is not supported by the tap driver, e.g. error: Failed to start domain test-hvm error: internal error libxenlight does not support disk format qed with disk driver tap While at it, check for unsupported formats in the other driver backends.
-
由 Daniel P. Berrange 提交于
Add a script which parses the driver API code and validates that every API registered in a virNNNDriverPtr table contains an ACL check matching the API name. NB this currently whitelists a few xen driver functions which are temporarily lacking in access control checks. The xen driver is considered insecure until these are fixed. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
When creating a virIdentityPtr for the system identity, include the current process ID as an attribute.
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all secrets driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all nwfilter driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all node device driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all interface driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all network driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all storage driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all libxl driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all Xen driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all UML driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all LXC driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Insert calls to the ACL checking APIs in all QEMU driver entrypoints. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Extend the 'gendispatch.pl' script to be able to generate three new types of file. - 'aclheader' - defines signatures of helper APIs for doing authorization checks. There is one helper API for each API requiring an auth check. Any @acl annotations result in a method being generated with a suffix of 'EnsureACL'. If the ACL check requires examination of flags, an extra 'flags' param will be present. Some examples extern int virConnectBaselineCPUEnsureACL(void); extern int virConnectDomainEventDeregisterEnsureACL(virDomainDefPtr domain); extern int virDomainAttachDeviceFlagsEnsureACL(virDomainDefPtr domain, unsigned int flags); Any @aclfilter annotations resuilt in a method being generated with a suffix of 'CheckACL'. extern int virConnectListAllDomainsCheckACL(virDomainDefPtr domain); These are used for filtering individual objects from APIs which return a list of objects - 'aclbody' - defines the actual implementation of the methods described above. This calls into the access manager APIs. A complex example: /* Returns: -1 on error (denied==error), 0 on allowed */ int virDomainAttachDeviceFlagsEnsureACL(virConnectPtr conn, virDomainDefPtr domain, unsigned int flags) { virAccessManagerPtr mgr; int rv; if (!(mgr = virAccessManagerGetDefault())) return -1; if ((rv = virAccessManagerCheckDomain(mgr, conn->driver->name, domain, VIR_ACCESS_PERM_DOMAIN_WRITE)) <= 0) { virObjectUnref(mgr); if (rv == 0) virReportError(VIR_ERR_ACCESS_DENIED, NULL); return -1; } if (((flags & (VIR_DOMAIN_AFFECT_CONFIG|VIR_DOMAIN_AFFECT_LIVE)) == 0) && (rv = virAccessManagerCheckDomain(mgr, conn->driver->name, domain, VIR_ACCESS_PERM_DOMAIN_SAVE)) <= 0) { virObjectUnref(mgr); if (rv == 0) virReportError(VIR_ERR_ACCESS_DENIED, NULL); return -1; } if (((flags & (VIR_DOMAIN_AFFECT_CONFIG)) == (VIR_DOMAIN_AFFECT_CONFIG)) && (rv = virAccessManagerCheckDomain(mgr, conn->driver->name, domain, VIR_ACCESS_PERM_DOMAIN_SAVE)) <= 0) { virObjectUnref(mgr); if (rv == 0) virReportError(VIR_ERR_ACCESS_DENIED, NULL); return -1; } virObjectUnref(mgr); return 0; } - 'aclsyms' - generates a linker script to export the APIs to drivers. Some examples virConnectBaselineCPUEnsureACL; virConnectCompareCPUEnsureACL; Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Introduce annotations to all RPC messages to declare what access control checks are required. There are two new annotations defined: @acl: <object>:<permission> @acl: <object>:<permission>:<flagname> Declare the access control requirements for the API. May be repeated multiple times, if multiple rules are required. <object> is one of 'connect', 'domain', 'network', 'storagepool', 'interface', 'nodedev', 'secret'. <permission> is one of the permissions in access/viraccessperm.h <flagname> indicates the rule only applies if the named flag is set in the API call @aclfilter: <object>:<permission> Declare an access control filter that will be applied to a list of objects being returned by an API. This allows the returned list to be filtered to only show those the user has permissions against Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Add an access control driver that uses the pkcheck command to check authorization requests. This is fairly inefficient, particularly for cases where an API returns a list of objects and needs to check permission for each object. It would be desirable to use the polkit API but this links to glib with abort-on-OOM behaviour, so can't be used. The other alternative is to speak to dbus directly Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Add a new 'access_drivers' config parameter to the libvirtd.conf configuration file. This allows admins to setup the default access control drivers to use for API authorization. The same driver is to be used by all internal drivers & APIs Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The access control checks in the 'connectOpen' driver method will require 'conn->driver' to be non-NULL. Set this before running the 'connectOpen' method and NULL-ify it again on failure. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
This patch introduces the virAccessManagerPtr class as the interface between virtualization drivers and the access control drivers. The viraccessperm.h file defines the various permissions that will be used for each type of object libvirt manages Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Ján Tomko 提交于
We can only pass values up to LLONG_MAX through JSON and QEMU checks if the int64_t number is not negative at startup since 1.5.0. https://bugzilla.redhat.com/show_bug.cgi?id=974010
-
- 22 6月, 2013 2 次提交
-
-
由 Jim Fehlig 提交于
virConnectGetSysinfo was never implemented in the legacy xen driver. This patch provides an implementation based on the qemu driver.