[libvirt] [PATCH 1/4] Turn virSecurityManager into a virObjectLockable

Daniel P. Berrange berrange at redhat.com
Thu Feb 7 17:46:35 UTC 2013


From: "Daniel P. Berrange" <berrange at redhat.com>

To enable locking to be introduced to the security manager
objects later, turn virSecurityManager into a virObjectLockable
class

Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
---
 src/lxc/lxc_controller.c        |  2 +-
 src/lxc/lxc_driver.c            |  4 ++--
 src/qemu/qemu_conf.h            |  2 +-
 src/qemu/qemu_driver.c          |  6 +++---
 src/security/security_manager.c | 47 ++++++++++++++++++++++++++++++++---------
 src/security/security_manager.h |  2 --
 src/security/security_stack.c   |  2 +-
 tests/seclabeltest.c            |  2 +-
 8 files changed, 46 insertions(+), 21 deletions(-)

diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index aa70481..15aa334 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -258,7 +258,7 @@ static void virLXCControllerFree(virLXCControllerPtr ctrl)
 
     virLXCControllerStopInit(ctrl);
 
-    virSecurityManagerFree(ctrl->securityManager);
+    virObjectUnref(ctrl->securityManager);
 
     for (i = 0 ; i < ctrl->nveths ; i++)
         VIR_FREE(ctrl->veths[i]);
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index f07ce14..f136df2 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1399,7 +1399,7 @@ lxcSecurityInit(virLXCDriverPtr driver)
 
 error:
     VIR_ERROR(_("Failed to initialize security drivers"));
-    virSecurityManagerFree(mgr);
+    virObjectUnref(mgr);
     return -1;
 }
 
@@ -1560,7 +1560,7 @@ static int lxcShutdown(void)
     virLXCProcessAutoDestroyShutdown(lxc_driver);
 
     virObjectUnref(lxc_driver->caps);
-    virSecurityManagerFree(lxc_driver->securityManager);
+    virObjectUnref(lxc_driver->securityManager);
     VIR_FREE(lxc_driver->configDir);
     VIR_FREE(lxc_driver->autostartDir);
     VIR_FREE(lxc_driver->stateDir);
diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
index 9ff1c5a..d4ec0f7 100644
--- a/src/qemu/qemu_conf.h
+++ b/src/qemu/qemu_conf.h
@@ -213,7 +213,7 @@ struct _virQEMUDriver {
     /* Immutable pointer, lockless APIs*/
     virSysinfoDefPtr hostsysinfo;
 
-    /* Immutable pointer. XXX check safety */
+    /* Immutable pointer. lockless access */
     virLockManagerPluginPtr lockManager;
 
     /* Immutable pointer. Unsafe APIs. XXX */
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 14dc43e..e94227e 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -409,8 +409,8 @@ qemuSecurityInit(virQEMUDriverPtr driver)
 
 error:
     VIR_ERROR(_("Failed to initialize security drivers"));
-    virSecurityManagerFree(stack);
-    virSecurityManagerFree(mgr);
+    virObjectUnref(stack);
+    virObjectUnref(mgr);
     virObjectUnref(cfg);
     return -1;
 }
@@ -1005,7 +1005,7 @@ qemuShutdown(void) {
 
     VIR_FREE(qemu_driver->qemuImgBinary);
 
-    virSecurityManagerFree(qemu_driver->securityManager);
+    virObjectUnref(qemu_driver->securityManager);
 
     ebtablesContextFree(qemu_driver->ebtables);
 
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index 593c00b..a3f8669 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -28,19 +28,40 @@
 #include "security_dac.h"
 #include "virerror.h"
 #include "viralloc.h"
+#include "virobject.h"
 #include "virlog.h"
 
 #define VIR_FROM_THIS VIR_FROM_SECURITY
 
 
 struct _virSecurityManager {
+    virObjectLockable parent;
+
     virSecurityDriverPtr drv;
     bool allowDiskFormatProbing;
     bool defaultConfined;
     bool requireConfined;
     const char *virtDriver;
+    void *privateData;
 };
 
+static virClassPtr virSecurityManagerClass;
+
+static void virSecurityManagerDispose(void *obj);
+
+static int virSecurityManagerOnceInit(void)
+{
+    if (!(virSecurityManagerClass = virClassNew(virClassForObjectLockable(),
+                                                "virSecurityManagerClass",
+                                                sizeof(virSecurityManager),
+                                                virSecurityManagerDispose)))
+        return -1;
+
+    return 0;
+}
+
+VIR_ONCE_GLOBAL_INIT(virSecurityManager);
+
 static virSecurityManagerPtr virSecurityManagerNewDriver(virSecurityDriverPtr drv,
                                                          const char *virtDriver,
                                                          bool allowDiskFormatProbing,
@@ -48,6 +69,10 @@ static virSecurityManagerPtr virSecurityManagerNewDriver(virSecurityDriverPtr dr
                                                          bool requireConfined)
 {
     virSecurityManagerPtr mgr;
+    char *privateData;
+
+    if (virSecurityManagerInitialize() < 0)
+        return NULL;
 
     VIR_DEBUG("drv=%p (%s) virtDriver=%s allowDiskFormatProbing=%d "
               "defaultConfined=%d requireConfined=%d",
@@ -55,19 +80,25 @@ static virSecurityManagerPtr virSecurityManagerNewDriver(virSecurityDriverPtr dr
               allowDiskFormatProbing, defaultConfined,
               requireConfined);
 
-    if (VIR_ALLOC_VAR(mgr, char, drv->privateDataLen) < 0) {
+    if (VIR_ALLOC_N(privateData, drv->privateDataLen) < 0) {
         virReportOOMError();
         return NULL;
     }
 
+    if (!(mgr = virObjectLockableNew(virSecurityManagerClass))) {
+        VIR_FREE(privateData);
+        return NULL;
+    }
+
     mgr->drv = drv;
     mgr->allowDiskFormatProbing = allowDiskFormatProbing;
     mgr->defaultConfined = defaultConfined;
     mgr->requireConfined = requireConfined;
     mgr->virtDriver = virtDriver;
+    mgr->privateData = privateData;
 
     if (drv->open(mgr) < 0) {
-        virSecurityManagerFree(mgr);
+        virObjectUnref(mgr);
         return NULL;
     }
 
@@ -163,21 +194,17 @@ virSecurityManagerPtr virSecurityManagerNew(const char *name,
 
 void *virSecurityManagerGetPrivateData(virSecurityManagerPtr mgr)
 {
-    /* This accesses the memory just beyond mgr, which was allocated
-     * via VIR_ALLOC_VAR earlier.  */
-    return mgr + 1;
+    return mgr->privateData;
 }
 
 
-void virSecurityManagerFree(virSecurityManagerPtr mgr)
+static void virSecurityManagerDispose(void *obj)
 {
-    if (!mgr)
-        return;
+    virSecurityManagerPtr mgr = obj;
 
     if (mgr->drv->close)
         mgr->drv->close(mgr);
-
-    VIR_FREE(mgr);
+    VIR_FREE(mgr->privateData);
 }
 
 const char *
diff --git a/src/security/security_manager.h b/src/security/security_manager.h
index dc09c7c..4d4dc73 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -48,8 +48,6 @@ virSecurityManagerPtr virSecurityManagerNewDAC(const char *virtDriver,
 
 void *virSecurityManagerGetPrivateData(virSecurityManagerPtr mgr);
 
-void virSecurityManagerFree(virSecurityManagerPtr mgr);
-
 const char *virSecurityManagerGetDriver(virSecurityManagerPtr mgr);
 const char *virSecurityManagerGetDOI(virSecurityManagerPtr mgr);
 const char *virSecurityManagerGetModel(virSecurityManagerPtr mgr);
diff --git a/src/security/security_stack.c b/src/security/security_stack.c
index 8e1e5f9..e2d0b1d 100644
--- a/src/security/security_stack.c
+++ b/src/security/security_stack.c
@@ -93,7 +93,7 @@ virSecurityStackClose(virSecurityManagerPtr mgr)
 
     while (item) {
         next = item->next;
-        virSecurityManagerFree(item->securityManager);
+        virObjectUnref(item->securityManager);
         VIR_FREE(item);
         item = next;
     }
diff --git a/tests/seclabeltest.c b/tests/seclabeltest.c
index 7033293..93b4902 100644
--- a/tests/seclabeltest.c
+++ b/tests/seclabeltest.c
@@ -39,7 +39,7 @@ main(int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED)
         exit(EXIT_FAILURE);
     }
 
-    virSecurityManagerFree(mgr);
+    virObjectUnref(mgr);
 
     return 0;
 }
-- 
1.8.1




More information about the libvir-list mailing list