[libvirt] [PATCH 12/19] Add ACL checks into the libxl driver
Daniel P. Berrange
berrange at redhat.com
Wed Jun 19 17:00:53 UTC 2013
From: "Daniel P. Berrange" <berrange at redhat.com>
Insert calls to the ACL checking APIs in all libxl driver
entrypoints.
Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
---
src/Makefile.am | 8 +-
src/libxl/libxl_driver.c | 187 ++++++++++++++++++++++++++++++++++++++++++++++-
2 files changed, 189 insertions(+), 6 deletions(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index b3aed10..fd99ee2 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1045,9 +1045,11 @@ noinst_LTLIBRARIES += libvirt_driver_libxl.la
#libvirt_la_BUILT_LIBADD += libvirt_driver_libxl.la
endif
-libvirt_driver_libxl_impl_la_CFLAGS = $(LIBXL_CFLAGS) \
- -I$(top_srcdir)/src/conf \
- -I$(top_srcdir)/src/xenxs \
+libvirt_driver_libxl_impl_la_CFLAGS = \
+ $(LIBXL_CFLAGS) \
+ -I$(top_srcdir)/src/access \
+ -I$(top_srcdir)/src/conf \
+ -I$(top_srcdir)/src/xenxs \
$(AM_CFLAGS)
libvirt_driver_libxl_impl_la_LDFLAGS = $(AM_LDFLAGS)
libvirt_driver_libxl_impl_la_LIBADD = $(LIBXL_LIBS) libvirt_xenxs.la
diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index 9a7cb20..687d8cd 100644
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -45,6 +45,7 @@
#include "virtypedparam.h"
#include "viruri.h"
#include "virstring.h"
+#include "viraccessapicheck.h"
#define VIR_FROM_THIS VIR_FROM_LIBXL
@@ -1405,6 +1406,9 @@ libxlConnectOpen(virConnectPtr conn,
}
}
+ if (virConnectOpenEnsureACL(conn) < 0)
+ return VIR_DRV_OPEN_ERROR;
+
conn->privateData = libxl_driver;
return VIR_DRV_OPEN_SUCCESS;
@@ -1418,8 +1422,11 @@ libxlConnectClose(virConnectPtr conn ATTRIBUTE_UNUSED)
}
static const char *
-libxlConnectGetType(virConnectPtr conn ATTRIBUTE_UNUSED)
+libxlConnectGetType(virConnectPtr conn)
{
+ if (virConnectGetTypeEnsureACL(conn) < 0)
+ return NULL;
+
return "Xen";
}
@@ -1428,6 +1435,9 @@ libxlConnectGetVersion(virConnectPtr conn, unsigned long *version)
{
libxlDriverPrivatePtr driver = conn->privateData;
+ if (virConnectGetVersionEnsureACL(conn) < 0)
+ return 0;
+
libxlDriverLock(driver);
*version = driver->version;
libxlDriverUnlock(driver);
@@ -1435,8 +1445,11 @@ libxlConnectGetVersion(virConnectPtr conn, unsigned long *version)
}
-static char *libxlConnectGetHostname(virConnectPtr conn ATTRIBUTE_UNUSED)
+static char *libxlConnectGetHostname(virConnectPtr conn)
{
+ if (virConnectGetHostnameEnsureACL(conn) < 0)
+ return NULL;
+
return virGetHostname();
}
@@ -1447,6 +1460,9 @@ libxlConnectGetMaxVcpus(virConnectPtr conn, const char *type ATTRIBUTE_UNUSED)
int ret;
libxlDriverPrivatePtr driver = conn->privateData;
+ if (virConnectGetMaxVcpusEnsureACL(conn) < 0)
+ return -1;
+
ret = libxl_get_max_cpus(driver->ctx);
/* libxl_get_max_cpus() will return 0 if there were any failures,
e.g. xc_physinfo() failing */
@@ -1459,6 +1475,9 @@ libxlConnectGetMaxVcpus(virConnectPtr conn, const char *type ATTRIBUTE_UNUSED)
static int
libxlNodeGetInfo(virConnectPtr conn, virNodeInfoPtr info)
{
+ if (virNodeGetInfoEnsureACL(conn) < 0)
+ return -1;
+
return libxlDoNodeGetInfo(conn->privateData, info);
}
@@ -1468,6 +1487,9 @@ libxlConnectGetCapabilities(virConnectPtr conn)
libxlDriverPrivatePtr driver = conn->privateData;
char *xml;
+ if (virConnectGetCapabilitiesEnsureACL(conn) < 0)
+ return NULL;
+
libxlDriverLock(driver);
if ((xml = virCapabilitiesFormatXML(driver->caps)) == NULL)
virReportOOMError();
@@ -1482,6 +1504,9 @@ libxlConnectListDomains(virConnectPtr conn, int *ids, int nids)
libxlDriverPrivatePtr driver = conn->privateData;
int n;
+ if (virConnectListDomainsEnsureACL(conn) < 0)
+ return -1;
+
libxlDriverLock(driver);
n = virDomainObjListGetActiveIDs(driver->domains, ids, nids);
libxlDriverUnlock(driver);
@@ -1495,6 +1520,9 @@ libxlConnectNumOfDomains(virConnectPtr conn)
libxlDriverPrivatePtr driver = conn->privateData;
int n;
+ if (virConnectNumOfDomainsEnsureACL(conn) < 0)
+ return -1;
+
libxlDriverLock(driver);
n = virDomainObjListNumOfDomains(driver->domains, 1);
libxlDriverUnlock(driver);
@@ -1519,6 +1547,9 @@ libxlDomainCreateXML(virConnectPtr conn, const char *xml,
VIR_DOMAIN_XML_INACTIVE)))
goto cleanup;
+ if (virDomainCreateXMLEnsureACL(conn, def) < 0)
+ goto cleanup;
+
if (!(vm = virDomainObjListAdd(driver->domains, def,
driver->xmlopt,
VIR_DOMAIN_OBJ_LIST_ADD_CHECK_LIVE,
@@ -1561,6 +1592,9 @@ libxlDomainLookupByID(virConnectPtr conn, int id)
goto cleanup;
}
+ if (virDomainLookupByIDEnsureACL(conn, vm->def) < 0)
+ goto cleanup;
+
dom = virGetDomain(conn, vm->def->name, vm->def->uuid);
if (dom)
dom->id = vm->def->id;
@@ -1587,6 +1621,9 @@ libxlDomainLookupByUUID(virConnectPtr conn, const unsigned char *uuid)
goto cleanup;
}
+ if (virDomainLookupByUUIDEnsureACL(conn, vm->def) < 0)
+ goto cleanup;
+
dom = virGetDomain(conn, vm->def->name, vm->def->uuid);
if (dom)
dom->id = vm->def->id;
@@ -1613,6 +1650,9 @@ libxlDomainLookupByName(virConnectPtr conn, const char *name)
goto cleanup;
}
+ if (virDomainLookupByNameEnsureACL(conn, vm->def) < 0)
+ goto cleanup;
+
dom = virGetDomain(conn, vm->def->name, vm->def->uuid);
if (dom)
dom->id = vm->def->id;
@@ -1643,6 +1683,10 @@ libxlDomainSuspend(virDomainPtr dom)
_("No domain with matching uuid '%s'"), uuidstr);
goto cleanup;
}
+
+ if (virDomainSuspendEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("Domain is not running"));
goto cleanup;
@@ -1702,6 +1746,9 @@ libxlDomainResume(virDomainPtr dom)
goto cleanup;
}
+ if (virDomainResumeEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("Domain is not running"));
goto cleanup;
@@ -1760,6 +1807,9 @@ libxlDomainShutdownFlags(virDomainPtr dom, unsigned int flags)
goto cleanup;
}
+ if (virDomainShutdownFlagsEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID,
"%s", _("Domain is not running"));
@@ -1813,6 +1863,9 @@ libxlDomainReboot(virDomainPtr dom, unsigned int flags)
goto cleanup;
}
+ if (virDomainRebootEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID,
"%s", _("Domain is not running"));
@@ -1856,6 +1909,9 @@ libxlDomainDestroyFlags(virDomainPtr dom,
goto cleanup;
}
+ if (virDomainDestroyFlagsEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID,
"%s", _("Domain is not running"));
@@ -1911,7 +1967,11 @@ libxlDomainGetOSType(virDomainPtr dom)
goto cleanup;
}
- ignore_value(VIR_STRDUP(type, vm->def->os.type));
+ if (virDomainGetOSTypeEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
+ if (VIR_STRDUP(type, vm->def->os.type) < 0)
+ goto cleanup;
cleanup:
if (vm)
@@ -1934,6 +1994,10 @@ libxlDomainGetMaxMemory(virDomainPtr dom)
virReportError(VIR_ERR_NO_DOMAIN, "%s", _("no domain with matching uuid"));
goto cleanup;
}
+
+ if (virDomainGetMaxMemoryEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
ret = vm->def->mem.max_balloon;
cleanup:
@@ -1966,6 +2030,9 @@ libxlDomainSetMemoryFlags(virDomainPtr dom, unsigned long newmem,
goto cleanup;
}
+ if (virDomainSetMemoryFlagsEnsureACL(dom->conn, vm->def, flags) < 0)
+ goto cleanup;
+
isActive = virDomainObjIsActive(vm);
if (flags == VIR_DOMAIN_MEM_CURRENT) {
@@ -2088,6 +2155,9 @@ libxlDomainGetInfo(virDomainPtr dom, virDomainInfoPtr info)
goto cleanup;
}
+ if (virDomainGetInfoEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
info->cpuTime = 0;
info->memory = vm->def->mem.cur_balloon;
@@ -2135,6 +2205,9 @@ libxlDomainGetState(virDomainPtr dom,
goto cleanup;
}
+ if (virDomainGetStateEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
*state = virDomainObjGetState(vm, reason);
ret = 0;
@@ -2247,6 +2320,9 @@ libxlDomainSaveFlags(virDomainPtr dom, const char *to, const char *dxml,
goto cleanup;
}
+ if (virDomainSaveFlagsEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("Domain is not running"));
goto cleanup;
@@ -2299,6 +2375,9 @@ libxlDomainRestoreFlags(virConnectPtr conn, const char *from,
if (fd < 0)
goto cleanup;
+ if (virDomainRestoreFlagsEnsureACL(conn, def) < 0)
+ goto cleanup;
+
if (!(vm = virDomainObjListAdd(driver->domains, def,
driver->xmlopt,
VIR_DOMAIN_OBJ_LIST_ADD_LIVE |
@@ -2354,6 +2433,9 @@ libxlDomainCoreDump(virDomainPtr dom, const char *to, unsigned int flags)
goto cleanup;
}
+ if (virDomainCoreDumpEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("Domain is not running"));
goto cleanup;
@@ -2444,6 +2526,9 @@ libxlDomainManagedSave(virDomainPtr dom, unsigned int flags)
goto cleanup;
}
+ if (virDomainManagedSaveEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("Domain is not running"));
goto cleanup;
@@ -2519,6 +2604,9 @@ libxlDomainHasManagedSaveImage(virDomainPtr dom, unsigned int flags)
goto cleanup;
}
+ if (virDomainHasManagedSaveImageEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
ret = vm->hasManagedSave;
cleanup:
@@ -2548,6 +2636,9 @@ libxlDomainManagedSaveRemove(virDomainPtr dom, unsigned int flags)
goto cleanup;
}
+ if (virDomainManagedSaveRemoveEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
name = libxlDomainManagedSavePath(driver, vm);
if (name == NULL)
goto cleanup;
@@ -2606,6 +2697,9 @@ libxlDomainSetVcpusFlags(virDomainPtr dom, unsigned int nvcpus,
goto cleanup;
}
+ if (virDomainSetVcpusFlagsEnsureACL(dom->conn, vm->def, flags) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm) && (flags & VIR_DOMAIN_VCPU_LIVE)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
_("cannot set vcpus on an inactive domain"));
@@ -2725,6 +2819,9 @@ libxlDomainGetVcpusFlags(virDomainPtr dom, unsigned int flags)
goto cleanup;
}
+ if (virDomainGetVcpusFlagsEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
active = virDomainObjIsActive(vm);
if ((flags & (VIR_DOMAIN_VCPU_LIVE | VIR_DOMAIN_VCPU_CONFIG)) == 0) {
@@ -2782,6 +2879,9 @@ libxlDomainPinVcpu(virDomainPtr dom, unsigned int vcpu, unsigned char *cpumap,
goto cleanup;
}
+ if (virDomainPinVcpuEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
_("cannot pin vcpus on an inactive domain"));
@@ -2849,6 +2949,9 @@ libxlDomainGetVcpus(virDomainPtr dom, virVcpuInfoPtr info, int maxinfo,
goto cleanup;
}
+ if (virDomainGetVcpusEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("Domain is not running"));
goto cleanup;
@@ -2913,6 +3016,9 @@ libxlDomainGetXMLDesc(virDomainPtr dom, unsigned int flags)
goto cleanup;
}
+ if (virDomainGetXMLDescEnsureACL(dom->conn, vm->def, flags) < 0)
+ goto cleanup;
+
ret = virDomainDefFormat(vm->def, flags);
cleanup:
@@ -2934,6 +3040,9 @@ libxlConnectDomainXMLFromNative(virConnectPtr conn, const char * nativeFormat,
virCheckFlags(0, NULL);
+ if (virConnectDomainXMLFromNativeEnsureACL(conn) < 0)
+ goto cleanup;
+
if (STRNEQ(nativeFormat, LIBXL_CONFIG_FORMAT_XM)) {
virReportError(VIR_ERR_INVALID_ARG,
_("unsupported config type %s"), nativeFormat);
@@ -2977,6 +3086,9 @@ libxlConnectDomainXMLToNative(virConnectPtr conn, const char * nativeFormat,
virCheckFlags(0, NULL);
+ if (virConnectDomainXMLToNativeEnsureACL(conn) < 0)
+ goto cleanup;
+
if (STRNEQ(nativeFormat, LIBXL_CONFIG_FORMAT_XM)) {
virReportError(VIR_ERR_INVALID_ARG,
_("unsupported config type %s"), nativeFormat);
@@ -3020,6 +3132,9 @@ libxlConnectListDefinedDomains(virConnectPtr conn,
libxlDriverPrivatePtr driver = conn->privateData;
int n;
+ if (virConnectListDefinedDomainsEnsureACL(conn) < 0)
+ return -1;
+
libxlDriverLock(driver);
n = virDomainObjListGetInactiveNames(driver->domains, names, nnames);
libxlDriverUnlock(driver);
@@ -3032,6 +3147,9 @@ libxlConnectNumOfDefinedDomains(virConnectPtr conn)
libxlDriverPrivatePtr driver = conn->privateData;
int n;
+ if (virConnectNumOfDefinedDomainsEnsureACL(conn) < 0)
+ return -1;
+
libxlDriverLock(driver);
n = virDomainObjListNumOfDomains(driver->domains, 0);
libxlDriverUnlock(driver);
@@ -3059,6 +3177,9 @@ libxlDomainCreateWithFlags(virDomainPtr dom,
goto cleanup;
}
+ if (virDomainCreateWithFlagsEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID,
"%s", _("Domain is already running"));
@@ -3096,6 +3217,9 @@ libxlDomainDefineXML(virConnectPtr conn, const char *xml)
VIR_DOMAIN_XML_INACTIVE)))
goto cleanup;
+ if (virDomainDefineXMLEnsureACL(conn, def) < 0)
+ goto cleanup;
+
if (!(vm = virDomainObjListAdd(driver->domains, def,
driver->xmlopt,
0,
@@ -3155,6 +3279,9 @@ libxlDomainUndefineFlags(virDomainPtr dom,
goto cleanup;
}
+ if (virDomainUndefineFlagsEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!vm->persistent) {
virReportError(VIR_ERR_OPERATION_INVALID,
"%s", _("cannot undefine transient domain"));
@@ -3584,6 +3711,9 @@ libxlDomainAttachDeviceFlags(virDomainPtr dom, const char *xml,
goto cleanup;
}
+ if (virDomainAttachDeviceFlagsEnsureACL(dom->conn, vm->def, flags) < 0)
+ goto cleanup;
+
if (virDomainObjIsActive(vm)) {
if (flags == VIR_DOMAIN_DEVICE_MODIFY_CURRENT)
flags |= VIR_DOMAIN_DEVICE_MODIFY_LIVE;
@@ -3689,6 +3819,9 @@ libxlDomainDetachDeviceFlags(virDomainPtr dom, const char *xml,
goto cleanup;
}
+ if (virDomainDetachDeviceFlagsEnsureACL(dom->conn, vm->def, flags) < 0)
+ goto cleanup;
+
if (virDomainObjIsActive(vm)) {
if (flags == VIR_DOMAIN_DEVICE_MODIFY_CURRENT)
flags |= VIR_DOMAIN_DEVICE_MODIFY_LIVE;
@@ -3794,6 +3927,9 @@ libxlDomainUpdateDeviceFlags(virDomainPtr dom, const char *xml,
goto cleanup;
}
+ if (virDomainUpdateDeviceFlagsEnsureACL(dom->conn, vm->def, flags) < 0)
+ goto cleanup;
+
if (virDomainObjIsActive(vm)) {
if (flags == VIR_DOMAIN_DEVICE_MODIFY_CURRENT)
flags |= VIR_DOMAIN_DEVICE_MODIFY_LIVE;
@@ -3877,6 +4013,9 @@ libxlNodeGetFreeMemory(virConnectPtr conn)
const libxl_version_info* ver_info;
libxlDriverPrivatePtr driver = conn->privateData;
+ if (virNodeGetFreeMemoryEnsureACL(conn) < 0)
+ return 0;
+
if (libxl_get_physinfo(driver->ctx, &phy_info)) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("libxl_get_physinfo_info failed"));
@@ -3900,6 +4039,9 @@ libxlConnectDomainEventRegister(virConnectPtr conn,
libxlDriverPrivatePtr driver = conn->privateData;
int ret;
+ if (virConnectDomainEventRegisterEnsureACL(conn) < 0)
+ return -1;
+
libxlDriverLock(driver);
ret = virDomainEventStateRegister(conn,
driver->domainEventState,
@@ -3917,6 +4059,9 @@ libxlConnectDomainEventDeregister(virConnectPtr conn,
libxlDriverPrivatePtr driver = conn->privateData;
int ret;
+ if (virConnectDomainEventDeregisterEnsureACL(conn) < 0)
+ return -1;
+
libxlDriverLock(driver);
ret = virDomainEventStateDeregister(conn,
driver->domainEventState,
@@ -3945,6 +4090,9 @@ libxlDomainGetAutostart(virDomainPtr dom, int *autostart)
goto cleanup;
}
+ if (virDomainGetAutostartEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
*autostart = vm->autostart;
ret = 0;
@@ -3973,6 +4121,9 @@ libxlDomainSetAutostart(virDomainPtr dom, int autostart)
goto cleanup;
}
+ if (virDomainSetAutostartEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!vm->persistent) {
virReportError(VIR_ERR_OPERATION_INVALID,
"%s", _("cannot set autostart for transient domain"));
@@ -4042,6 +4193,9 @@ libxlDomainGetSchedulerType(virDomainPtr dom, int *nparams)
goto cleanup;
}
+ if (virDomainGetSchedulerTypeEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("Domain is not running"));
goto cleanup;
@@ -4107,6 +4261,9 @@ libxlDomainGetSchedulerParametersFlags(virDomainPtr dom,
goto cleanup;
}
+ if (virDomainGetSchedulerParametersFlagsEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
_("Domain is not running"));
@@ -4189,6 +4346,9 @@ libxlDomainSetSchedulerParametersFlags(virDomainPtr dom,
goto cleanup;
}
+ if (virDomainSetSchedulerParametersFlagsEnsureACL(dom->conn, vm->def, flags) < 0)
+ goto cleanup;
+
if (!virDomainObjIsActive(vm)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s", _("Domain is not running"));
goto cleanup;
@@ -4257,6 +4417,10 @@ libxlDomainIsActive(virDomainPtr dom)
virReportError(VIR_ERR_NO_DOMAIN, NULL);
goto cleanup;
}
+
+ if (virDomainIsActiveEnsureACL(dom->conn, obj->def) < 0)
+ goto cleanup;
+
ret = virDomainObjIsActive(obj);
cleanup:
@@ -4279,6 +4443,10 @@ libxlDomainIsPersistent(virDomainPtr dom)
virReportError(VIR_ERR_NO_DOMAIN, NULL);
goto cleanup;
}
+
+ if (virDomainIsPersistentEnsureACL(dom->conn, obj->def) < 0)
+ goto cleanup;
+
ret = obj->persistent;
cleanup:
@@ -4301,6 +4469,10 @@ libxlDomainIsUpdated(virDomainPtr dom)
virReportError(VIR_ERR_NO_DOMAIN, NULL);
goto cleanup;
}
+
+ if (virDomainIsUpdatedEnsureACL(dom->conn, vm->def) < 0)
+ goto cleanup;
+
ret = vm->updated;
cleanup:
@@ -4317,6 +4489,9 @@ libxlConnectDomainEventRegisterAny(virConnectPtr conn, virDomainPtr dom, int eve
libxlDriverPrivatePtr driver = conn->privateData;
int ret;
+ if (virConnectDomainEventRegisterAnyEnsureACL(conn) < 0)
+ return -1;
+
libxlDriverLock(driver);
if (virDomainEventStateRegisterID(conn,
driver->domainEventState,
@@ -4335,6 +4510,9 @@ libxlConnectDomainEventDeregisterAny(virConnectPtr conn, int callbackID)
libxlDriverPrivatePtr driver = conn->privateData;
int ret;
+ if (virConnectDomainEventDeregisterAnyEnsureACL(conn) < 0)
+ return -1;
+
libxlDriverLock(driver);
ret = virDomainEventStateDeregisterID(conn,
driver->domainEventState,
@@ -4361,6 +4539,9 @@ libxlConnectListAllDomains(virConnectPtr conn,
virCheckFlags(VIR_CONNECT_LIST_DOMAINS_FILTERS_ALL, -1);
+ if (virConnectListAllDomainsEnsureACL(conn) < 0)
+ return -1;
+
libxlDriverLock(driver);
ret = virDomainObjListExport(driver->domains, conn, domains, flags);
libxlDriverUnlock(driver);
--
1.8.1.4
More information about the libvir-list
mailing list