
[libvirt] [PATCH 02/20] Secret manipulation step 2: Internal API



Adds a new driver type.
---
 include/libvirt/virterror.h |    2 +
 src/datatypes.h             |    1 +
 src/driver.h                |   61 +++++++++++++++++++++++++++++++++++++++++++
 src/libvirt.c               |   55 ++++++++++++++++++++++++++++++++++++++
 src/virterror.c             |    9 ++++++
 5 files changed, 128 insertions(+), 0 deletions(-)

diff --git a/include/libvirt/virterror.h b/include/libvirt/virterror.h
index e4d013f..64e0143 100644
--- a/include/libvirt/virterror.h
+++ b/include/libvirt/virterror.h
@@ -67,6 +67,7 @@ typedef enum {
     VIR_FROM_ONE,       /* Error from OpenNebula driver */
     VIR_FROM_ESX,       /* Error from ESX driver */
     VIR_FROM_PHYP,      /* Error from IBM power hypervisor */
+    VIR_FROM_SECRET,    /* Error from secret storage */
 } virErrorDomain;
 
 
@@ -166,6 +167,7 @@ typedef enum {
     VIR_ERR_NO_INTERFACE, /* interface driver not running */
     VIR_ERR_INVALID_INTERFACE, /* invalid interface object */
     VIR_ERR_MULTIPLE_INTERFACES, /* more than one matching interface found */
+    VIR_WAR_NO_SECRET, /* failed to start secret storage */
 } virErrorNumber;
 
 /**
diff --git a/src/datatypes.h b/src/datatypes.h
index da83e02..58a6d32 100644
--- a/src/datatypes.h
+++ b/src/datatypes.h
@@ -119,6 +119,7 @@ struct _virConnect {
     virInterfaceDriverPtr interfaceDriver;
     virStorageDriverPtr storageDriver;
     virDeviceMonitorPtr  deviceMonitor;
+    virSecretDriverPtr secretDriver;
 
     /* Private data pointer which can be used by driver and
      * network driver as they wish.
diff --git a/src/driver.h b/src/driver.h
index 79d46ff..e411212 100644
--- a/src/driver.h
+++ b/src/driver.h
@@ -6,6 +6,9 @@
 #ifndef __VIR_DRIVER_H__
 #define __VIR_DRIVER_H__
 
+#include "config.h"
+#include <stdbool.h>
+
 #include <libxml/uri.h>
 
 #include "internal.h"
@@ -799,6 +802,63 @@ struct _virDeviceMonitor {
     virDrvNodeDeviceDestroy deviceDestroy;
 };
 
+typedef char *
+    (*virDrvSecretAllocateID)                (virConnectPtr conn);
+typedef int
+    (*virDrvSecretSetXML)                    (virConnectPtr conn,
+                                              const char *secret_id,
+                                              const char *xml);
+typedef char *
+    (*virDrvSecretGetXML)                    (virConnectPtr conn,
+                                              const char *secret_id);
+typedef int
+    (*virDrvSecretSetValue)                  (virConnectPtr conn,
+                                              const char *secret_id,
+                                              const void *secret,
+                                              size_t secret_size);
+typedef void *
+    (*virDrvSecretGetValue)                  (virConnectPtr conn,
+                                              const char *secret_id,
+                                              size_t *secret_size,
+                                              bool libvirt_internal_call);
+typedef int
+    (*virDrvSecretDelete)                    (virConnectPtr conn,
+                                              const char *secret_id);
+typedef int
+    (*virDrvSecretNumOfSecrets)              (virConnectPtr conn);
+typedef int
+    (*virDrvSecretListSecrets)               (virConnectPtr conn,
+                                              char **ids,
+                                              int maxids);
+
+typedef struct _virSecretDriver virSecretDriver;
+typedef virSecretDriver *virSecretDriverPtr;
+
+/**
+ * _virSecretDriver:
+ *
+ * Structure associated to a driver for storing secrets, defining the various
+ * entry points for it.
+ *
+ * All drivers must support the following fields/methods:
+ *  - open
+ *  - close
+ */
+struct _virSecretDriver {
+    const char *name;
+    virDrvOpen open;
+    virDrvClose close;
+
+    virDrvSecretAllocateID allocateID;
+    virDrvSecretSetXML setXML;
+    virDrvSecretGetXML getXML;
+    virDrvSecretSetValue setValue;
+    virDrvSecretGetValue getValue;
+    virDrvSecretDelete delete;
+    virDrvSecretNumOfSecrets numOfSecrets;
+    virDrvSecretListSecrets listSecrets;
+};
+
 /*
  * Registration
  * TODO: also need ways to (des)activate a given driver
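Review bot: The `virDrvSecretGetValue` typedef returns secret material as a bare `void *`, and nothing in this hunk documents who owns that buffer or how it must be released. A comment above the typedef should state whether the caller owns the returned buffer, and if so that it must clear `*secret_size` bytes before freeing so the value does not linger in heap memory. The `bool libvirt_internal_call` parameter looks like an access-control switch (presumably letting in-process callers read values that API clients may not), and that contract is not written down either. I would add `/* @libvirt_internal_call: true only for calls that originate inside libvirt; must never be derived from a value supplied by a client */` and confirm that the remote dispatch path hard-codes it to false.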
@@ -809,6 +869,7 @@ int virRegisterNetworkDriver(virNetworkDriverPtr);
 int virRegisterInterfaceDriver(virInterfaceDriverPtr);
 int virRegisterStorageDriver(virStorageDriverPtr);
 int virRegisterDeviceMonitor(virDeviceMonitorPtr);
+int virRegisterSecretDriver(virSecretDriverPtr);
 #ifdef WITH_LIBVIRTD
 int virRegisterStateDriver(virStateDriverPtr);
 #endif
diff --git a/src/libvirt.c b/src/libvirt.c
index 889f77f..22bc34c 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -86,6 +86,8 @@ static virStorageDriverPtr virStorageDriverTab[MAX_DRIVERS];
 static int virStorageDriverTabCount = 0;
 static virDeviceMonitorPtr virDeviceMonitorTab[MAX_DRIVERS];
 static int virDeviceMonitorTabCount = 0;
+static virSecretDriverPtr virSecretDriverTab[MAX_DRIVERS];
+static int virSecretDriverTabCount = 0;
 #ifdef WITH_LIBVIRTD
 static virStateDriverPtr virStateDriverTab[MAX_DRIVERS];
 static int virStateDriverTabCount = 0;
@@ -701,6 +703,37 @@ virRegisterDeviceMonitor(virDeviceMonitorPtr driver)
 }
 
 /**
+ * virRegisterSecretDriver:
+ * @driver: pointer to a secret driver block
+ *
+ * Register a secret driver
+ *
+ * Returns the driver priority or -1 in case of error.
+ */
+int
+virRegisterSecretDriver(virSecretDriverPtr driver)
+{
+    if (virInitialize() < 0)
+      return -1;
+
+    if (driver == NULL) {
+        virLibConnError(NULL, VIR_ERR_INVALID_ARG, __FUNCTION__);
+        return(-1);
+    }
+
+    if (virSecretDriverTabCount >= MAX_DRIVERS) {
+        virLibConnError(NULL, VIR_ERR_INVALID_ARG, __FUNCTION__);
+        return(-1);
+    }
+
+    DEBUG ("registering %s as secret driver %d",
+           driver->name, virSecretDriverTabCount);
+
+    virSecretDriverTab[virSecretDriverTabCount] = driver;
+    return virSecretDriverTabCount++;
+}
+
+/**
  * virRegisterDriver:
  * @driver: pointer to a driver block
  *
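Review bot: `virRegisterSecretDriver` checks `driver` for NULL but not `driver->name`, `driver->open` or `driver->close`, even though the `DEBUG` call formats `driver->name` with `%s`. The struct comment in driver.h declares open and close mandatory, and the do_open loop added later in this patch calls `->open` and compares `->name` without any check. Rejecting an incomplete driver block at registration stops it from becoming a NULL dereference at connection time: `if (driver == NULL || driver->name == NULL || driver->open == NULL || driver->close == NULL) {`. As a style point, the first `return -1;` is indented six spaces and unparenthesised while the other two use `return(-1);`.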
@@ -1113,6 +1146,26 @@ do_open (const char *name,
         }
     }
 
+    /* Secret manipulation driver. Optional */
+    for (i = 0; i < virSecretDriverTabCount; i++) {
+        res = virSecretDriverTab[i]->open (ret, auth, flags);
+        DEBUG("secret driver %d %s returned %s",
+              i, virSecretDriverTab[i]->name,
+              res == VIR_DRV_OPEN_SUCCESS ? "SUCCESS" :
+              (res == VIR_DRV_OPEN_DECLINED ? "DECLINED" :
+               (res == VIR_DRV_OPEN_ERROR ? "ERROR" : "unknown status")));
+        if (res == VIR_DRV_OPEN_ERROR) {
+            if (STREQ(virSecretDriverTab[i]->name, "remote")) {
+                virLibConnWarning (NULL, VIR_WAR_NO_SECRET,
+                                   "Is the daemon running ?");
+            }
+            break;
+         } else if (res == VIR_DRV_OPEN_SUCCESS) {
+            ret->secretDriver = virSecretDriverTab[i];
+            break;
+        }
+    }
+
     return ret;
 
 failed:
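Review bot: When a secret driver's `open` returns `VIR_DRV_OPEN_ERROR`, the loop breaks and `do_open` still returns the connection without assigning `ret->secretDriver`, and a warning is raised only if the driver is named "remote". For any other driver the failure shows up only in debug output, so a connection can run without secret storage unnoticed. I would warn in every error case and keep the daemon hint for the remote driver, e.g. `virLibConnWarning (NULL, VIR_WAR_NO_SECRET, STREQ(virSecretDriverTab[i]->name, "remote") ? "Is the daemon running ?" : NULL);` (the `virErrorMsg` case added in this patch handles a NULL `info`). Every dispatch site, none of which are in this patch, must also check `conn->secretDriver` for NULL before calling through it. The `} else if` line is indented one column deeper than its `if`, and `do_open` starts and ends outside this hunk.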
@@ -1246,6 +1299,8 @@ virConnectClose(virConnectPtr conn)
         conn->storageDriver->close (conn);
     if (conn->deviceMonitor)
         conn->deviceMonitor->close (conn);
+    if (conn->secretDriver)
+        conn->secretDriver->close (conn);
     conn->driver->close (conn);
 
     if (virUnrefConnect(conn) < 0)
diff --git a/src/virterror.c b/src/virterror.c
index 362d8ef..ba66238 100644
--- a/src/virterror.c
+++ b/src/virterror.c
@@ -169,6 +169,9 @@ static const char *virErrorDomainName(virErrorDomain domain) {
         case VIR_FROM_ESX:
             dom = "ESX ";
             break;
+        case VIR_FROM_SECRET:
+            dom = "Secret Storage ";
+            break;
     }
     return(dom);
 }
@@ -1068,6 +1071,12 @@ virErrorMsg(virErrorNumber error, const char *info)
             else
                 errmsg = _("multiple matching interfaces found: %s");
             break;
+        case VIR_WAR_NO_SECRET:
+            if (info == NULL)
+                errmsg = _("Failed to find a secret storage driver");
+            else
+                errmsg = _("Failed to find a secret storage driver: %s");
+            break;
     }
     return (errmsg);
 }
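Review bot: The text for `VIR_WAR_NO_SECRET` reads "Failed to find a secret storage driver", but the enum comment added in virterror.h describes the same code as "failed to start secret storage". The only call site in this patch raises it when a driver's open returns an error, not when no driver is registered. Wording that matches the condition is easier to act on, for example `errmsg = _("Failed to start the secret storage driver: %s");` with the matching string without `: %s` in the NULL branch. `virErrorMsg` starts outside this hunk.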
-- 
1.6.2.5

