[libvirt] [PATCH 9/9] vz: add ACL checks to API calls

Nikolay Shirokovskiy nshirokovskiy at virtuozzo.com
Fri Jun 24 14:32:38 UTC 2016


  vzDomainMigrateConfirm3Params is whitelisted. Otherwise we would need to
move the removal of the domain from the domain list from the perform step
to the confirm step. This would further imply adding a flag and a check that
migration is in progress, to prohibit mistakenly (or maliciously) removing
domains on the confirm step. The vz version of p2p also needs to be fixed to
include the confirm step. One would also need to add means to clean up a
pending migration on client disconnect, as it now has state across several
API calls.

  On the other hand, the current version of the confirm step is totally
harmless, thus it is easier to whitelist it at the moment.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy at virtuozzo.com>
---
 src/Makefile.am              |   5 +-
 src/check-aclrules.pl        |   1 +
 src/remote/remote_protocol.x |   4 +-
 src/vz/vz_driver.c           | 348 +++++++++++++++++++++++++++++++++++++++----
 4 files changed, 330 insertions(+), 28 deletions(-)

diff --git a/src/Makefile.am b/src/Makefile.am
index a14cb3f..8ecec55 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -651,6 +651,7 @@ STATEFUL_DRIVER_SOURCE_FILES = \
 	$(STORAGE_DRIVER_SOURCES) \
 	$(UML_DRIVER_SOURCES) \
 	$(XEN_DRIVER_SOURCES) \
+	$(VZ_DRIVER_SOURCES) \
 	$(NULL)
 
 
@@ -1514,7 +1515,9 @@ else ! WITH_DRIVER_MODULES
 noinst_LTLIBRARIES += libvirt_driver_vz.la
 endif ! WITH_DRIVER_MODULES
 libvirt_driver_vz_impl_la_CFLAGS = \
-		-I$(srcdir)/conf $(AM_CFLAGS) \
+		-I$(srcdir)/conf \
+		-I$(srcdir)/access \
+		$(AM_CFLAGS) \
 		$(PARALLELS_SDK_CFLAGS) $(LIBNL_CFLAGS)
 libvirt_driver_vz_impl_la_SOURCES = $(VZ_DRIVER_SOURCES)
 libvirt_driver_vz_impl_la_LIBADD =  $(PARALLELS_SDK_LIBS) $(LIBNL_LIBS)
diff --git a/src/check-aclrules.pl b/src/check-aclrules.pl
index 9151e6a..8739cda 100755
--- a/src/check-aclrules.pl
+++ b/src/check-aclrules.pl
@@ -73,6 +73,7 @@ my %implwhitelist = (
     "xenUnifiedDomainIsPersistent" => 1,
     "xenUnifiedDomainIsUpdated" => 1,
     "xenUnifiedDomainOpenConsole" => 1,
+    "vzDomainMigrateConfirm3Params" => 1,
     );
 my %filterimplwhitelist = (
     "xenUnifiedConnectListDomains" => 1,
diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
index e7a7025..64e4b9e 100644
--- a/src/remote/remote_protocol.x
+++ b/src/remote/remote_protocol.x
@@ -5794,13 +5794,13 @@ enum remote_procedure {
 
     /**
      * @generate: none
-     * @acl: none
+     * @acl: connect:getattr
      */
     REMOTE_PROC_CONNECT_REGISTER_CLOSE_CALLBACK = 360,
 
     /**
      * @generate: none
-     * @acl: none
+     * @acl: connect:getattr
      */
     REMOTE_PROC_CONNECT_UNREGISTER_CLOSE_CALLBACK = 361,
 
diff --git a/src/vz/vz_driver.c b/src/vz/vz_driver.c
index 9fa377e..8e1d039 100644
--- a/src/vz/vz_driver.c
+++ b/src/vz/vz_driver.c
@@ -53,6 +53,7 @@
 #include "virtypedparam.h"
 #include "virhostmem.h"
 #include "virhostcpu.h"
+#include "viraccessapicheck.h"
 
 #include "vz_driver.h"
 #include "vz_utils.h"
@@ -229,6 +230,9 @@ vzConnectGetCapabilities(virConnectPtr conn)
     vzConnPtr privconn = conn->privateData;
     char *xml;
 
+    if (virConnectGetCapabilitiesEnsureACL(conn) < 0)
+        return NULL;
+
     xml = virCapabilitiesFormatXML(privconn->driver->caps);
     return xml;
 }
@@ -375,6 +379,9 @@ vzConnectOpen(virConnectPtr conn,
         return VIR_DRV_OPEN_ERROR;
     }
 
+    if (virConnectOpenEnsureACL(conn) < 0)
+        return VIR_DRV_OPEN_ERROR;
+
     if (!(driver = vzGetDriverConnection()))
         return VIR_DRV_OPEN_ERROR;
 
@@ -432,13 +439,20 @@ static int
 vzConnectGetVersion(virConnectPtr conn, unsigned long *hvVer)
 {
     vzConnPtr privconn = conn->privateData;
+
+    if (virConnectGetVersionEnsureACL(conn) < 0)
+        return -1;
+
     *hvVer = privconn->driver->vzVersion;
     return 0;
 }
 
 
-static char *vzConnectGetHostname(virConnectPtr conn ATTRIBUTE_UNUSED)
+static char *vzConnectGetHostname(virConnectPtr conn)
 {
+    if (virConnectGetHostnameEnsureACL(conn) < 0)
+        return NULL;
+
     return virGetHostname();
 }
 
@@ -451,6 +465,9 @@ vzConnectGetSysinfo(virConnectPtr conn, unsigned int flags)
 
     virCheckFlags(0, NULL);
 
+    if (virConnectGetSysinfoEnsureACL(conn) < 0)
+        return NULL;
+
     if (!driver->hostsysinfo) {
         virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                        _("Host SMBIOS information is not available"));
@@ -471,8 +488,11 @@ vzConnectListDomains(virConnectPtr conn, int *ids, int maxids)
     vzConnPtr privconn = conn->privateData;
     int n;
 
+    if (virConnectListDomainsEnsureACL(conn) < 0)
+        return -1;
+
     n = virDomainObjListGetActiveIDs(privconn->driver->domains, ids, maxids,
-                                     NULL, NULL);
+                                     virConnectListDomainsCheckACL, conn);
 
     return n;
 }
@@ -483,8 +503,11 @@ vzConnectNumOfDomains(virConnectPtr conn)
     vzConnPtr privconn = conn->privateData;
     int count;
 
+    if (virConnectNumOfDomainsEnsureACL(conn) < 0)
+        return -1;
+
     count = virDomainObjListNumOfDomains(privconn->driver->domains, true,
-                                         NULL, NULL);
+                                         virConnectNumOfDomainsCheckACL, conn);
 
     return count;
 }
@@ -495,9 +518,14 @@ vzConnectListDefinedDomains(virConnectPtr conn, char **const names, int maxnames
     vzConnPtr privconn = conn->privateData;
     int n;
 
+    if (virConnectListDefinedDomainsEnsureACL(conn) < 0)
+        return -1;
+
     memset(names, 0, sizeof(*names) * maxnames);
     n = virDomainObjListGetInactiveNames(privconn->driver->domains, names,
-                                         maxnames, NULL, NULL);
+                                         maxnames,
+                                         virConnectListDefinedDomainsCheckACL,
+                                         conn);
 
     return n;
 }
@@ -508,8 +536,12 @@ vzConnectNumOfDefinedDomains(virConnectPtr conn)
     vzConnPtr privconn = conn->privateData;
     int count;
 
+    if (virConnectNumOfDefinedDomainsEnsureACL(conn) < 0)
+        return -1;
+
     count = virDomainObjListNumOfDomains(privconn->driver->domains, false,
-                                         NULL, NULL);
+                                         virConnectNumOfDefinedDomainsCheckACL,
+                                         conn);
     return count;
 }
 
@@ -522,8 +554,12 @@ vzConnectListAllDomains(virConnectPtr conn,
     int ret = -1;
 
     virCheckFlags(VIR_CONNECT_LIST_DOMAINS_FILTERS_ALL, -1);
+
+    if (virConnectListAllDomainsEnsureACL(conn) < 0)
+        return -1;
+
     ret = virDomainObjListExport(privconn->driver->domains, conn, domains,
-                                 NULL, flags);
+                                 virConnectListAllDomainsCheckACL, flags);
 
     return ret;
 }
@@ -532,7 +568,7 @@ static virDomainPtr
 vzDomainLookupByID(virConnectPtr conn, int id)
 {
     vzConnPtr privconn = conn->privateData;
-    virDomainPtr ret;
+    virDomainPtr ret = NULL;
     virDomainObjPtr dom;
 
     dom = virDomainObjListFindByID(privconn->driver->domains, id);
@@ -542,10 +578,14 @@ vzDomainLookupByID(virConnectPtr conn, int id)
         return NULL;
     }
 
+    if (virDomainLookupByIDEnsureACL(conn, dom->def) < 0)
+        goto cleanup;
+
     ret = virGetDomain(conn, dom->def->name, dom->def->uuid);
     if (ret)
         ret->id = dom->def->id;
 
+ cleanup:
     virObjectUnlock(dom);
     return ret;
 }
@@ -554,7 +594,7 @@ static virDomainPtr
 vzDomainLookupByUUID(virConnectPtr conn, const unsigned char *uuid)
 {
     vzConnPtr privconn = conn->privateData;
-    virDomainPtr ret;
+    virDomainPtr ret = NULL;
     virDomainObjPtr dom;
 
     dom = virDomainObjListFindByUUID(privconn->driver->domains, uuid);
@@ -567,10 +607,14 @@ vzDomainLookupByUUID(virConnectPtr conn, const unsigned char *uuid)
         return NULL;
     }
 
+    if (virDomainLookupByUUIDEnsureACL(conn, dom->def) < 0)
+        goto cleanup;
+
     ret = virGetDomain(conn, dom->def->name, dom->def->uuid);
     if (ret)
         ret->id = dom->def->id;
 
+ cleanup:
     virObjectUnlock(dom);
     return ret;
 }
@@ -579,7 +623,7 @@ static virDomainPtr
 vzDomainLookupByName(virConnectPtr conn, const char *name)
 {
     vzConnPtr privconn = conn->privateData;
-    virDomainPtr ret;
+    virDomainPtr ret = NULL;
     virDomainObjPtr dom;
 
     dom = virDomainObjListFindByName(privconn->driver->domains, name);
@@ -590,10 +634,14 @@ vzDomainLookupByName(virConnectPtr conn, const char *name)
         return NULL;
     }
 
+    if (virDomainLookupByNameEnsureACL(conn, dom->def) < 0)
+        goto cleanup;
+
     ret = virGetDomain(conn, dom->def->name, dom->def->uuid);
     if (ret)
         ret->id = dom->def->id;
 
+ cleanup:
     virDomainObjEndAPI(&dom);
     return ret;
 }
@@ -607,6 +655,9 @@ vzDomainGetInfo(virDomainPtr domain, virDomainInfoPtr info)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         goto cleanup;
 
+    if (virDomainGetInfoEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     info->state = virDomainObjGetState(dom, NULL);
     info->memory = dom->def->mem.cur_balloon;
     info->maxMem = virDomainDefGetMemoryTotal(dom->def);
@@ -645,8 +696,12 @@ vzDomainGetOSType(virDomainPtr domain)
     if (!(dom = vzDomObjFromDomain(domain)))
         return NULL;
 
+    if (virDomainGetOSTypeEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     ignore_value(VIR_STRDUP(ret, virDomainOSTypeToString(dom->def->os.type)));
 
+ cleanup:
     virObjectUnlock(dom);
     return ret;
 }
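Review bot: The added `goto cleanup` in vzDomainGetOSType reaches `return ret;` without assigning `ret`, and its declaration lies above this hunk, so it needs an initialiser there (`char *ret = NULL;`) or a denied caller gets an indeterminate pointer. The same should be confirmed for the other functions where this patch adds a `cleanup:` label but leaves the declaration untouched: vzDomainGetXMLDesc, vzDomainIsActive, vzDomainGetMaxMemory, vzDomainMemoryStats and vzDomainSnapshotDelete. Where the declaration is inside a hunk (the lookup functions, vzDomainInterfaceStats, vzDomainGetVcpusFlags) the patch already adds the initialiser.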
@@ -655,12 +710,19 @@ static int
 vzDomainIsPersistent(virDomainPtr domain)
 {
     virDomainObjPtr dom;
+    int ret = -1;
 
     if (!(dom = vzDomObjFromDomain(domain)))
         return -1;
 
+    if (virDomainIsPersistentEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
+    ret = 1;
+
+ cleanup:
     virObjectUnlock(dom);
-    return 1;
+    return ret;
 }
 
 static int
@@ -668,16 +730,22 @@ vzDomainGetState(virDomainPtr domain,
                  int *state, int *reason, unsigned int flags)
 {
     virDomainObjPtr dom;
+    int ret = -1;
 
     virCheckFlags(0, -1);
 
     if (!(dom = vzDomObjFromDomain(domain)))
         return -1;
 
+    if (virDomainGetStateEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     *state = virDomainObjGetState(dom, reason);
+    ret = 0;
 
+ cleanup:
     virObjectUnlock(dom);
-    return 0;
+    return ret;
 }
 
 static char *
@@ -693,11 +761,15 @@ vzDomainGetXMLDesc(virDomainPtr domain, unsigned int flags)
     if (!(dom = vzDomObjFromDomain(domain)))
         return NULL;
 
+    if (virDomainGetXMLDescEnsureACL(domain->conn, dom->def, flags) < 0)
+        goto cleanup;
+
     def = (flags & VIR_DOMAIN_XML_INACTIVE) &&
         dom->newDef ? dom->newDef : dom->def;
 
     ret = virDomainDefFormat(def, privconn->driver->caps, flags);
 
+ cleanup:
     virObjectUnlock(dom);
     return ret;
 }
@@ -706,14 +778,20 @@ static int
 vzDomainGetAutostart(virDomainPtr domain, int *autostart)
 {
     virDomainObjPtr dom;
+    int ret = -1;
 
     if (!(dom = vzDomObjFromDomain(domain)))
         return -1;
 
+    if (virDomainGetAutostartEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     *autostart = dom->autostart;
+    ret = 0;
 
+ cleanup:
     virObjectUnlock(dom);
-    return 0;
+    return ret;
 }
 
 static bool
@@ -752,6 +830,9 @@ vzDomainDefineXMLFlags(virConnectPtr conn, const char *xml, unsigned int flags)
                                        parse_flags)) == NULL)
         goto cleanup;
 
+    if (virDomainDefineXMLFlagsEnsureACL(conn, def) < 0)
+        goto cleanup;
+
     dom = virDomainObjListFindByUUIDRef(driver->domains, def->uuid);
     if (dom == NULL) {
         virResetLastError();
@@ -829,9 +910,12 @@ vzDomainDefineXML(virConnectPtr conn, const char *xml)
 
 
 static int
-vzNodeGetInfo(virConnectPtr conn ATTRIBUTE_UNUSED,
+vzNodeGetInfo(virConnectPtr conn,
               virNodeInfoPtr nodeinfo)
 {
+    if (virNodeGetInfoEnsureACL(conn) < 0)
+        return -1;
+
     return nodeGetInfo(nodeinfo);
 }
 
@@ -854,13 +938,16 @@ static int vzConnectIsAlive(virConnectPtr conn ATTRIBUTE_UNUSED)
 
 
 static char *
-vzConnectBaselineCPU(virConnectPtr conn ATTRIBUTE_UNUSED,
+vzConnectBaselineCPU(virConnectPtr conn,
                      const char **xmlCPUs,
                      unsigned int ncpus,
                      unsigned int flags)
 {
     virCheckFlags(VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES, NULL);
 
+    if (virConnectBaselineCPUEnsureACL(conn) < 0)
+        return NULL;
+
     return cpuBaselineXML(xmlCPUs, ncpus, NULL, 0, flags);
 }
 
@@ -879,6 +966,9 @@ vzDomainGetVcpus(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainGetVcpusEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!virDomainObjIsActive(dom)) {
         virReportError(VIR_ERR_OPERATION_INVALID,
                        "%s",
@@ -922,6 +1012,9 @@ vzNodeGetCPUMap(virConnectPtr conn ATTRIBUTE_UNUSED,
                 unsigned int *online,
                 unsigned int flags)
 {
+    if (virNodeGetCPUMapEnsureACL(conn) < 0)
+        return -1;
+
     return virHostCPUGetMap(cpumap, online, flags);
 }
 
@@ -935,6 +1028,10 @@ vzConnectDomainEventRegisterAny(virConnectPtr conn,
 {
     int ret = -1;
     vzConnPtr privconn = conn->privateData;
+
+    if (virConnectDomainEventRegisterAnyEnsureACL(conn) < 0)
+        return -1;
+
     if (virDomainEventStateRegisterID(conn,
                                       privconn->driver->domainEventState,
                                       domain, eventID,
@@ -949,6 +1046,9 @@ vzConnectDomainEventDeregisterAny(virConnectPtr conn,
 {
     vzConnPtr privconn = conn->privateData;
 
+    if (virConnectDomainEventDeregisterAnyEnsureACL(conn) < 0)
+        return -1;
+
     if (virObjectEventStateDeregisterID(conn,
                                         privconn->driver->domainEventState,
                                         callbackID) < 0)
@@ -968,6 +1068,9 @@ vzDomainSuspend(virDomainPtr domain)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainSuspendEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -1002,6 +1105,9 @@ vzDomainResume(virDomainPtr domain)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainResumeEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -1038,6 +1144,9 @@ vzDomainCreateWithFlags(virDomainPtr domain, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainCreateWithFlagsEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -1074,6 +1183,9 @@ vzDomainDestroyFlags(virDomainPtr domain, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainDestroyFlagsEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -1116,6 +1228,9 @@ vzDomainShutdownFlags(virDomainPtr domain, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainShutdownFlagsEnsureACL(domain->conn, dom->def, flags) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -1157,6 +1272,9 @@ vzDomainReboot(virDomainPtr domain, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainRebootEnsureACL(domain->conn, dom->def, flags) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -1188,7 +1306,12 @@ static int vzDomainIsActive(virDomainPtr domain)
     if (!(dom = vzDomObjFromDomain(domain)))
         return -1;
 
+    if (virDomainIsActiveEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     ret = virDomainObjIsActive(dom);
+
+ cleanup:
     virObjectUnlock(dom);
 
     return ret;
@@ -1215,6 +1338,9 @@ vzDomainUndefineFlags(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainUndefineFlagsEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -1244,16 +1370,23 @@ vzDomainHasManagedSaveImage(virDomainPtr domain, unsigned int flags)
 {
     virDomainObjPtr dom = NULL;
     int state, reason;
-    int ret = 0;
+    int ret = -1;
 
     virCheckFlags(0, -1);
 
     if (!(dom = vzDomObjFromDomain(domain)))
         return -1;
 
+    if (virDomainHasManagedSaveImageEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     state = virDomainObjGetState(dom, &reason);
     if (state == VIR_DOMAIN_SHUTOFF && reason == VIR_DOMAIN_SHUTOFF_SAVED)
         ret = 1;
+    else
+        ret = 0;
+
+ cleanup:
     virObjectUnlock(dom);
 
     return ret;
@@ -1274,6 +1407,9 @@ vzDomainManagedSave(virDomainPtr domain, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainManagedSaveEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -1314,6 +1450,9 @@ vzDomainManagedSaveRemove(virDomainPtr domain, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainManagedSaveRemoveEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     state = virDomainObjGetState(dom, &reason);
 
     if (!(state == VIR_DOMAIN_SHUTOFF && reason == VIR_DOMAIN_SHUTOFF_SAVED))
@@ -1366,6 +1505,9 @@ static int vzDomainAttachDeviceFlags(virDomainPtr domain, const char *xml,
     if (vzCheckConfigUpdateFlags(dom, &flags) < 0)
         goto cleanup;
 
+    if (virDomainAttachDeviceFlagsEnsureACL(domain->conn, dom->def, flags) < 0)
+        goto cleanup;
+
     dev = virDomainDeviceDefParse(xml, dom->def, privconn->driver->caps,
                                   privconn->driver->xmlopt, VIR_DOMAIN_XML_INACTIVE);
     if (dev == NULL)
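Review bot: `virDomainAttachDeviceFlagsEnsureACL` is called after `vzCheckConfigUpdateFlags(dom, &flags)`, so the permission decision is made on `flags` as that helper may have rewritten them (it takes the address), and any error the helper reports is returned before the caller has been authorised. Calling the ACL check directly after the domain lookup, as the other domain APIs in this patch do, would evaluate it on the caller-supplied flags. vzDomainDetachDeviceFlags and vzDomainSetMemoryFlags have the same ordering. The lookup and the helper's body are outside these hunks, so whether `flags` actually changes needs checking.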
@@ -1435,6 +1577,9 @@ static int vzDomainDetachDeviceFlags(virDomainPtr domain, const char *xml,
     if (vzCheckConfigUpdateFlags(dom, &flags) < 0)
         goto cleanup;
 
+    if (virDomainDetachDeviceFlagsEnsureACL(domain->conn, dom->def, flags) < 0)
+        goto cleanup;
+
     dev = virDomainDeviceDefParse(xml, dom->def, privconn->driver->caps,
                                   privconn->driver->xmlopt,
                                   VIR_DOMAIN_XML_INACTIVE |
@@ -1502,6 +1647,9 @@ vzDomainSetUserPassword(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainSetUserPasswordEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -1527,7 +1675,12 @@ vzDomainGetMaxMemory(virDomainPtr domain)
     if (!(dom = vzDomObjFromDomain(domain)))
         return -1;
 
+    if (virDomainGetMaxMemoryEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     ret = virDomainDefGetMemoryTotal(dom->def);
+
+ cleanup:
     virObjectUnlock(dom);
     return ret;
 }
@@ -1586,6 +1739,9 @@ vzDomainBlockStats(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainBlockStatsEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainBlockStatsImpl(dom, path, stats) < 0)
         goto cleanup;
 
@@ -1650,6 +1806,9 @@ vzDomainBlockStatsFlags(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainBlockStatsFlagsEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainBlockStatsImpl(dom, path, &stats) < 0)
         goto cleanup;
 
@@ -1671,14 +1830,19 @@ vzDomainInterfaceStats(virDomainPtr domain,
 {
     virDomainObjPtr dom = NULL;
     vzDomObjPtr privdom;
-    int ret;
+    int ret = -1;
 
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainInterfaceStatsEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     privdom = dom->privateData;
 
     ret = prlsdkGetNetStats(privdom->stats, privdom->sdkdom, path, stats);
+
+ cleanup:
     virDomainObjEndAPI(&dom);
 
     return ret;
@@ -1698,9 +1862,14 @@ vzDomainMemoryStats(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainMemoryStatsEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     privdom = dom->privateData;
 
     ret = prlsdkGetMemoryStats(privdom->stats, stats, nr_stats);
+
+ cleanup:
     virDomainObjEndAPI(&dom);
 
     return ret;
@@ -1711,7 +1880,7 @@ vzDomainGetVcpusFlags(virDomainPtr domain,
                       unsigned int flags)
 {
     virDomainObjPtr dom;
-    int ret;
+    int ret = -1;
 
     virCheckFlags(VIR_DOMAIN_AFFECT_LIVE |
                   VIR_DOMAIN_AFFECT_CONFIG |
@@ -1720,11 +1889,15 @@ vzDomainGetVcpusFlags(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomain(domain)))
         return -1;
 
+    if (virDomainGetVcpusFlagsEnsureACL(domain->conn, dom->def, flags) < 0)
+        goto cleanup;
+
     if (flags & VIR_DOMAIN_VCPU_MAXIMUM)
         ret = virDomainDefGetVcpusMax(dom->def);
     else
         ret = virDomainDefGetVcpus(dom->def);
 
+ cleanup:
     virObjectUnlock(dom);
 
     return ret;
@@ -1739,19 +1912,29 @@ static int vzDomainGetMaxVcpus(virDomainPtr domain)
 static int vzDomainIsUpdated(virDomainPtr domain)
 {
     virDomainObjPtr dom;
+    int ret = -1;
 
     /* As far as VZ domains are always updated (e.g. current==persistent),
      * we just check for domain existence */
     if (!(dom = vzDomObjFromDomain(domain)))
         return -1;
 
+    if (virDomainIsUpdatedEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
+    ret = 0;
+
+ cleanup:
     virObjectUnlock(dom);
-    return 0;
+    return ret;
 }
 
-static int vzConnectGetMaxVcpus(virConnectPtr conn ATTRIBUTE_UNUSED,
+static int vzConnectGetMaxVcpus(virConnectPtr conn,
                                 const char *type)
 {
+    if (virConnectGetMaxVcpusEnsureACL(conn) < 0)
+        return -1;
+
     /* As far as we have no limitation for containers
      * we report maximum */
     if (type == NULL || STRCASEEQ(type, "vz") || STRCASEEQ(type, "parallels"))
@@ -1763,38 +1946,51 @@ static int vzConnectGetMaxVcpus(virConnectPtr conn ATTRIBUTE_UNUSED,
 }
 
 static int
-vzNodeGetCPUStats(virConnectPtr conn ATTRIBUTE_UNUSED,
+vzNodeGetCPUStats(virConnectPtr conn,
                   int cpuNum,
                   virNodeCPUStatsPtr params,
                   int *nparams,
                   unsigned int flags)
 {
+    if (virNodeGetCPUStatsEnsureACL(conn) < 0)
+        return -1;
+
     return virHostCPUGetStats(cpuNum, params, nparams, flags);
 }
 
 static int
-vzNodeGetMemoryStats(virConnectPtr conn ATTRIBUTE_UNUSED,
+vzNodeGetMemoryStats(virConnectPtr conn,
                      int cellNum,
                      virNodeMemoryStatsPtr params,
                      int *nparams,
                      unsigned int flags)
 {
+    if (virNodeGetMemoryStatsEnsureACL(conn) < 0)
+        return -1;
+
     return virHostMemGetStats(cellNum, params, nparams, flags);
 }
 
 static int
-vzNodeGetCellsFreeMemory(virConnectPtr conn ATTRIBUTE_UNUSED,
+vzNodeGetCellsFreeMemory(virConnectPtr conn,
                          unsigned long long *freeMems,
                          int startCell,
                          int maxCells)
 {
+    if (virNodeGetCellsFreeMemoryEnsureACL(conn) < 0)
+        return -1;
+
     return virHostMemGetCellsFree(freeMems, startCell, maxCells);
 }
 
 static unsigned long long
-vzNodeGetFreeMemory(virConnectPtr conn ATTRIBUTE_UNUSED)
+vzNodeGetFreeMemory(virConnectPtr conn)
 {
     unsigned long long freeMem;
+
+    if (virNodeGetFreeMemoryEnsureACL(conn) < 0)
+        return -1;
+
     if (virHostMemGetInfo(NULL, &freeMem) < 0)
         return 0;
     return freeMem;
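Review bot: In vzNodeGetFreeMemory the new ACL failure path does `return -1;` from a function declared `static unsigned long long`, which converts to ULLONG_MAX, so a denied caller is handed what looks like an enormous amount of free memory instead of an error. The existing failure path two lines below returns 0 when `virHostMemGetInfo` fails; the ACL branch should match it: `return 0;`.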
@@ -1809,6 +2005,9 @@ vzConnectRegisterCloseCallback(virConnectPtr conn,
     vzConnPtr privconn = conn->privateData;
     int ret = -1;
 
+    if (virConnectRegisterCloseCallbackEnsureACL(conn) < 0)
+        return -1;
+
     virObjectLock(privconn->driver);
 
     if (virConnectCloseCallbackDataGetCallback(privconn->closeCallback) != NULL) {
@@ -1833,6 +2032,9 @@ vzConnectUnregisterCloseCallback(virConnectPtr conn, virConnectCloseFunc cb)
     vzConnPtr privconn = conn->privateData;
     int ret = -1;
 
+    if (virConnectUnregisterCloseCallbackEnsureACL(conn) < 0)
+        return -1;
+
     virObjectLock(privconn->driver);
 
     if (virConnectCloseCallbackDataGetCallback(privconn->closeCallback) != cb) {
@@ -1866,6 +2068,9 @@ static int vzDomainSetMemoryFlags(virDomainPtr domain, unsigned long memory,
     if (vzCheckConfigUpdateFlags(dom, &flags) < 0)
         goto cleanup;
 
+    if (virDomainSetMemoryFlagsEnsureACL(domain->conn, dom->def, flags) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -1892,6 +2097,9 @@ static int vzDomainSetMemory(virDomainPtr domain, unsigned long memory)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainSetMemoryEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -1964,6 +2172,9 @@ vzDomainSnapshotNum(virDomainPtr domain, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainSnapshotNumEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -1992,6 +2203,9 @@ vzDomainSnapshotListNames(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainSnapshotListNamesEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2019,6 +2233,9 @@ vzDomainListAllSnapshots(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainListAllSnapshotsEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2046,6 +2263,9 @@ vzDomainSnapshotGetXMLDesc(virDomainSnapshotPtr snapshot, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
         return NULL;
 
+    if (virDomainSnapshotGetXMLDescEnsureACL(snapshot->domain->conn, dom->def, flags) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2079,6 +2299,9 @@ vzDomainSnapshotNumChildren(virDomainSnapshotPtr snapshot, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
         return -1;
 
+    if (virDomainSnapshotNumChildrenEnsureACL(snapshot->domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2111,6 +2334,9 @@ vzDomainSnapshotListChildrenNames(virDomainSnapshotPtr snapshot,
     if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
         return -1;
 
+    if (virDomainSnapshotListChildrenNamesEnsureACL(snapshot->domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2142,6 +2368,9 @@ vzDomainSnapshotListAllChildren(virDomainSnapshotPtr snapshot,
     if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
         return -1;
 
+    if (virDomainSnapshotListAllChildrenEnsureACL(snapshot->domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2172,6 +2401,9 @@ vzDomainSnapshotLookupByName(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return NULL;
 
+    if (virDomainSnapshotLookupByNameEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2199,6 +2431,9 @@ vzDomainHasCurrentSnapshot(virDomainPtr domain, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainHasCurrentSnapshotEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2224,6 +2459,9 @@ vzDomainSnapshotGetParent(virDomainSnapshotPtr snapshot, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
         return NULL;
 
+    if (virDomainSnapshotGetParentEnsureACL(snapshot->domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2259,6 +2497,9 @@ vzDomainSnapshotCurrent(virDomainPtr domain, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return NULL;
 
+    if (virDomainSnapshotCurrentEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2290,6 +2531,9 @@ vzDomainSnapshotIsCurrent(virDomainSnapshotPtr snapshot, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
         return -1;
 
+    if (virDomainSnapshotIsCurrentEnsureACL(snapshot->domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2317,6 +2561,9 @@ vzDomainSnapshotHasMetadata(virDomainSnapshotPtr snapshot,
     if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
         return -1;
 
+    if (virDomainSnapshotHasMetadataEnsureACL(snapshot->domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (!(snapshots = prlsdkLoadSnapshots(dom)))
         goto cleanup;
 
@@ -2352,6 +2599,9 @@ vzDomainSnapshotCreateXML(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return NULL;
 
+    if (virDomainSnapshotCreateXMLEnsureACL(domain->conn, dom->def, flags) < 0)
+        goto cleanup;
+
     if (!(def = virDomainSnapshotDefParseString(xmlDesc, driver->caps,
                                                 driver->xmlopt, parse_flags)))
         goto cleanup;
@@ -2412,9 +2662,13 @@ vzDomainSnapshotDelete(virDomainSnapshotPtr snapshot, unsigned int flags)
     if (!(dom = vzDomObjFromDomainRef(snapshot->domain)))
         return -1;
 
+    if (virDomainSnapshotDeleteEnsureACL(snapshot->domain->conn, dom->def) < 0)
+        goto cleanup;
+
     ret = prlsdkDeleteSnapshot(dom, snapshot->name,
                                flags & VIR_DOMAIN_SNAPSHOT_DELETE_CHILDREN);
 
+ cleanup:
     virDomainObjEndAPI(&dom);
 
     return ret;
@@ -2432,6 +2686,9 @@ vzDomainRevertToSnapshot(virDomainSnapshotPtr snapshot, unsigned int flags)
     if (!(dom = vzDomObjFromDomain(snapshot->domain)))
         return -1;
 
+    if (virDomainRevertToSnapshotEnsureACL(snapshot->domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainObjBeginJob(dom) < 0)
         goto cleanup;
     job = true;
@@ -2648,6 +2905,9 @@ vzDomainMigrateBegin3Params(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomain(domain)))
         goto cleanup;
 
+    if (virDomainMigrateBegin3ParamsEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     xml = vzDomainMigrateBeginStep(dom, privconn->driver, params, nparams,
                                    cookieout, cookieoutlen);
 
@@ -2694,8 +2954,11 @@ vzDomainMigratePrepare3Params(virConnectPtr conn,
                               unsigned int flags)
 {
     vzConnPtr privconn = conn->privateData;
+    vzDriverPtr driver = privconn->driver;
     const char *miguri = NULL;
     const char *dname = NULL;
+    const char *dom_xml = NULL;
+    virDomainDefPtr def = NULL;
     int ret = -1;
 
     virCheckFlags(VZ_MIGRATION_FLAGS, -1);
@@ -2706,6 +2969,8 @@ vzDomainMigratePrepare3Params(virConnectPtr conn,
     if (virTypedParamsGetString(params, nparams,
                                 VIR_MIGRATE_PARAM_URI, &miguri) < 0 ||
         virTypedParamsGetString(params, nparams,
+                                VIR_MIGRATE_PARAM_DEST_XML, &dom_xml) < 0 ||
+        virTypedParamsGetString(params, nparams,
                                 VIR_MIGRATE_PARAM_DEST_NAME, &dname) < 0)
         goto cleanup;
 
@@ -2722,15 +2987,32 @@ vzDomainMigratePrepare3Params(virConnectPtr conn,
                      | VZ_MIGRATION_COOKIE_DOMAIN_NAME) < 0)
         goto cleanup;
 
+    if (!(def = virDomainDefParseString(dom_xml, driver->caps, driver->xmlopt,
+                                        VIR_DOMAIN_DEF_PARSE_INACTIVE)))
+        goto cleanup;
+
+    if (dname) {
+        VIR_FREE(def->name);
+        if (VIR_STRDUP(def->name, dname) < 0)
+            goto cleanup;
+    }
+
+    if (virDomainMigratePrepare3ParamsEnsureACL(conn, def) < 0)
+        goto cleanup;
+
     ret = 0;
 
  cleanup:
+    virDomainDefFree(def);
     return ret;
 }
 
 static int
 vzConnectSupportsFeature(virConnectPtr conn ATTRIBUTE_UNUSED, int feature)
 {
+    if (virConnectSupportsFeatureEnsureACL(conn) < 0)
+        return -1;
+
     switch (feature) {
     case VIR_DRV_FEATURE_MIGRATION_PARAMS:
     case VIR_DRV_FEATURE_MIGRATION_P2P:
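Review bot: `dom_xml` can still be NULL when it reaches `virDomainDefParseString()` in vzDomainMigratePrepare3Params. `virTypedParamsGetString()` returns 0, not a negative value, when `VIR_MIGRATE_PARAM_DEST_XML` is absent, so the `< 0` test in the previous hunk lets a request without that parameter through. The parsed definition is what `virDomainMigratePrepare3ParamsEnsureACL()` decides on, so an explicit guard before the parse is worth adding, e.g. `if (!dom_xml) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("no domain XML passed")); goto cleanup; }`. Separately, `conn` in vzConnectSupportsFeature is now used by the new ACL call, so the `ATTRIBUTE_UNUSED` on it is stale and should be dropped; that function's switch continues outside the hunk.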
@@ -2947,7 +3229,7 @@ vzDomainMigratePerform3Params(virDomainPtr domain,
                               int *cookieoutlen ATTRIBUTE_UNUSED,
                               unsigned int flags)
 {
-    int ret;
+    int ret = -1;
     virDomainObjPtr dom;
     vzConnPtr privconn = domain->conn->privateData;
 
@@ -2959,6 +3241,9 @@ vzDomainMigratePerform3Params(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomainRef(domain)))
         return -1;
 
+    if (virDomainMigratePerform3ParamsEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (flags & VIR_MIGRATE_PEER2PEER)
         ret = vzDomainMigratePerformP2P(dom, privconn->driver, dconnuri,
                                         params, nparams, flags);
@@ -2966,6 +3251,7 @@ vzDomainMigratePerform3Params(virDomainPtr domain,
         ret = vzDomainMigratePerformStep(dom, privconn->driver, params, nparams,
                                          cookiein, cookieinlen, flags);
 
+ cleanup:
     virDomainObjEndAPI(&dom);
 
     return ret;
@@ -3003,6 +3289,11 @@ vzDomainMigrateFinish3Params(virConnectPtr dconn,
     if (!(dom = prlsdkAddDomainByName(driver, name)))
         goto cleanup;
 
+    /* At first glace at may look strange that we add domain and
+     * then check ACL but we touch only cache and not real system state */
+    if (virDomainMigrateFinish3ParamsEnsureACL(dconn, dom->def) < 0)
+        goto cleanup;
+
     domain = virGetDomain(dconn, dom->def->name, dom->def->uuid);
     if (domain)
         domain->id = dom->def->id;
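Review bot: The comment added in vzDomainMigrateFinish3Params has two typos ("glace at") and would read better as `/* At first glance it may look strange that we add the domain and then check the ACL, but only the cache is touched, not real system state. */`. Because `prlsdkAddDomainByName()` runs before the check, a caller who is then denied has still caused a cache insertion. Such a caller can presumably also tell an existing name from a missing one by which error comes back. The cleanup path is outside the hunk, so confirm both effects are acceptable, and consider saying so in the comment.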
@@ -3060,13 +3351,17 @@ static int
 vzDomainGetJobInfo(virDomainPtr domain, virDomainJobInfoPtr info)
 {
     virDomainObjPtr dom;
-    int ret;
+    int ret = -1;
 
     if (!(dom = vzDomObjFromDomain(domain)))
         return -1;
 
+    if (virDomainGetJobInfoEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     ret = vzDomainGetJobInfoImpl(dom, info);
 
+ cleanup:
     virObjectUnlock(dom);
     return ret;
 }
@@ -3122,6 +3417,9 @@ vzDomainGetJobStats(virDomainPtr domain,
     if (!(dom = vzDomObjFromDomain(domain)))
         return -1;
 
+    if (virDomainGetJobStatsEnsureACL(domain->conn, dom->def) < 0)
+        goto cleanup;
+
     if (vzDomainGetJobInfoImpl(dom, &info) < 0)
         goto cleanup;
 
-- 
1.8.3.1



