[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 07/19] Auto-generate helpers for checking access control rules



On 19.06.2013 19:00, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" <berrange redhat com>
> 
> Extend the 'gendispatch.pl' script to be able to generate
> three new types of file.
> 
> - 'aclheader' - defines signatures of helper APIs for
>   doing authorization checks. There is one helper API
>   for each API requiring an auth check. Any @acl
>   annotations result in a method being generated with
>   a suffix of 'EnsureACL'. If the ACL check requires
>   examination of flags, an extra 'flags' param will be
>   present. Some examples
> 
>   extern int virConnectBaselineCPUEnsureACL(void);
>   extern int virConnectDomainEventDeregisterEnsureACL(virDomainDefPtr domain);
>   extern int virDomainAttachDeviceFlagsEnsureACL(virDomainDefPtr domain, unsigned int flags);
> 
>   Any @aclfilter annotations resuilt in a method being
>   generated with a suffix of 'CheckACL'.
> 
>   extern int virConnectListAllDomainsCheckACL(virDomainDefPtr domain);
> 
>   These are used for filtering individual objects from APIs
>   which return a list of objects
> 
> - 'aclbody' - defines the actual implementation of the
>   methods described above. This calls into the access
>   manager APIs. A complex example:
> 
>     /* Returns: -1 on error (denied==error), 0 on allowed */
>     int virDomainAttachDeviceFlagsEnsureACL(virConnectPtr conn,
>                                             virDomainDefPtr domain,
>                                             unsigned int flags)
>     {
>         virAccessManagerPtr mgr;
>         int rv;
> 
>         if (!(mgr = virAccessManagerGetDefault()))
>             return -1;

The virAccessManagerGetDefault increments the refcount on @mgr. However,
you are not decrementing it anywhere.

> 
>         if ((rv = virAccessManagerCheckDomain(mgr,
>                                               conn->driver->name,
>                                               domain,
>                                               VIR_ACCESS_PERM_DOMAIN_WRITE)) <= 0) {
>             if (rv == 0)
>                 virReportError(VIR_ERR_ACCESS_DENIED, NULL);
>             return -1;
>         }
>         if (((flags & (VIR_DOMAIN_AFFECT_CONFIG|VIR_DOMAIN_AFFECT_LIVE)) == 0) &&
>             (rv = virAccessManagerCheckDomain(mgr,
>                                               conn->driver->name,
>                                               domain,
>                                               VIR_ACCESS_PERM_DOMAIN_SAVE)) <= 0) {
>             if (rv == 0)
>                 virReportError(VIR_ERR_ACCESS_DENIED, NULL);
>             return -1;
>         }
>         if (((flags & (VIR_DOMAIN_AFFECT_CONFIG)) == (VIR_DOMAIN_AFFECT_CONFIG)) &&
>             (rv = virAccessManagerCheckDomain(mgr,
>                                               conn->driver->name,
>                                               domain,
>                                               VIR_ACCESS_PERM_DOMAIN_SAVE)) <= 0) {
>             if (rv == 0)
>                 virReportError(VIR_ERR_ACCESS_DENIED, NULL);
>             return -1;
>         }
>         return 0;
>     }
> 
> - 'aclsyms' - generates a linker script to export the
>    APIs to drivers. Some examples
> 
>   virConnectBaselineCPUEnsureACL;
>   virConnectCompareCPUEnsureACL;
> 
> Signed-off-by: Daniel P. Berrange <berrange redhat com>
> ---
>  .gitignore             |   9 +++
>  src/Makefile.am        |  55 ++++++++++++-
>  src/rpc/gendispatch.pl | 209 ++++++++++++++++++++++++++++++++++++++++++++++++-
>  3 files changed, 268 insertions(+), 5 deletions(-)
> 

Michal


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]