#include "interface_conf.h"
#include "viralloc.h"
#include "virlog.h"
+#include "virstring.h"
+#include "viraccessapicheck.h"
#define VIR_FROM_THIS VIR_FROM_INTERFACE
virMutexUnlock(&driver->lock);
}
+/*
+ * Get a minimal virInterfaceDef containing enough metadata
+ * for access control checks to be performed. Currently
+ * this implies existance of name and mac address attributes
+ */
+static virInterfaceDef * ATTRIBUTE_NONNULL(1)
+netcfGetMinimalDefForDevice(struct netcf_if *iface)
+{
+ virInterfaceDef *def;
+
+ /* Allocate our interface definition structure */
+ if (VIR_ALLOC(def) < 0) {
+ virReportOOMError();
+ return NULL;
+ }
+
+ if (VIR_STRDUP(def->name, ncf_if_name(iface)) < 0)
+ goto cleanup;
+
+ if (VIR_STRDUP(def->mac, ncf_if_mac_string(iface)) < 0)
+ goto cleanup;
+
+ return def;
+
+cleanup:
+ virInterfaceDefFree(def);
+ return NULL;
+}
+
+
static int netcf_to_vir_err(int netcf_errcode)
{
switch (netcf_errcode)
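Review bot: netcfGetMinimalDefForDevice can hand the ACL check a definition whose `name` or `mac` is NULL, which contradicts its own comment that both attributes exist. As far as I recall VIR_STRDUP treats a NULL source as success and leaves the destination NULL, and nothing here checks what `ncf_if_name()` / `ncf_if_mac_string()` returned; whether the access drivers tolerate a NULL attribute is not visible in this patch. Either add `if (!def->name || !def->mac)` with an error report and `goto cleanup`, or state in the comment that `mac` may be NULL and confirm the access drivers handle it. The same applies to udevGetMinimalDefForDevice in the udev backend, where `udev_device_get_sysattr_value(dev, "address")` is likewise unchecked. The comment should also read "existence" and say that the caller frees the result with virInterfaceDefFree().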
int count;
struct interface_driver *driver = conn->interfacePrivateData;
+ if (virConnectNumOfInterfacesEnsureACL(conn) < 0)
+ return -1;
+
interfaceDriverLock(driver);
count = ncf_num_of_interfaces(driver->netcf, NETCF_IFACE_ACTIVE);
if (count < 0) {
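Review bot: The count and list entry points only get a connection-level check, so they appear to keep reporting interfaces that the per-object checks added to the lookup functions would refuse. The results of `ncf_num_of_interfaces()` and `ncf_list_interfaces()` are used as-is in the visible lines here and in the following list, defined-list and list-all hunks, and the udev equivalents delegate to `udevNumOfInterfacesByStatus()` / `udevListInterfacesByStatus()` in the same way; the rest of each function is outside the hunk, so this is inferred. A caller allowed to list but denied on a particular interface would still learn its name. Consider passing each candidate through a per-interface ACL check before it is counted or returned, or state in the commit message that filtering is deferred.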
struct interface_driver *driver = conn->interfacePrivateData;
int count;
+ if (virConnectListInterfacesEnsureACL(conn) < 0)
+ return -1;
+
interfaceDriverLock(driver);
count = ncf_list_interfaces(driver->netcf, nnames, names, NETCF_IFACE_ACTIVE);
int count;
struct interface_driver *driver = conn->interfacePrivateData;
+ if (virConnectNumOfDefinedInterfacesEnsureACL(conn) < 0)
+ return -1;
+
interfaceDriverLock(driver);
count = ncf_num_of_interfaces(driver->netcf, NETCF_IFACE_INACTIVE);
if (count < 0) {
struct interface_driver *driver = conn->interfacePrivateData;
int count;
+ if (virConnectListDefinedInterfacesEnsureACL(conn) < 0)
+ return -1;
+
interfaceDriverLock(driver);
count = ncf_list_interfaces(driver->netcf, nnames, names, NETCF_IFACE_INACTIVE);
virCheckFlags(VIR_CONNECT_LIST_INTERFACES_FILTERS_ACTIVE, -1);
+ if (virConnectListAllInterfacesEnsureACL(conn) < 0)
+ return -1;
+
interfaceDriverLock(driver);
/* List all interfaces, in case of we might support new filter flags
struct interface_driver *driver = conn->interfacePrivateData;
struct netcf_if *iface;
virInterfacePtr ret = NULL;
+ virInterfaceDefPtr def = NULL;
interfaceDriverLock(driver);
iface = ncf_lookup_by_name(driver->netcf, name);
goto cleanup;
}
+ if (!(def = netcfGetMinimalDefForDevice(iface)))
+ goto cleanup;
+
+ if (virInterfaceLookupByNameEnsureACL(conn, def) < 0)
+ goto cleanup;
+
ret = virGetInterface(conn, ncf_if_name(iface), ncf_if_mac_string(iface));
cleanup:
ncf_if_free(iface);
+ virInterfaceDefFree(def);
interfaceDriverUnlock(driver);
return ret;
}
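Review bot: The returned object is built from a second read of netcf rather than from the definition that was just authorised: `virGetInterface(conn, ncf_if_name(iface), ncf_if_mac_string(iface))` follows the ACL check on `def`. The udev backend in this same patch passes `def->name` and `def->mac`, which keeps the checked identity and the returned identity the same by construction. I would write `ret = virGetInterface(conn, def->name, def->mac);` here and in the MAC-string lookup hunk that follows, for consistency. The start of the function is outside the hunk.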
struct netcf_if *iface;
int niface;
virInterfacePtr ret = NULL;
+ virInterfaceDefPtr def = NULL;
interfaceDriverLock(driver);
niface = ncf_lookup_by_mac_string(driver->netcf, macstr, 1, &iface);
goto cleanup;
}
+
+ if (!(def = netcfGetMinimalDefForDevice(iface)))
+ goto cleanup;
+
+ if (virInterfaceLookupByMACStringEnsureACL(conn, def) < 0)
+ goto cleanup;
+
ret = virGetInterface(conn, ncf_if_name(iface), ncf_if_mac_string(iface));
cleanup:
ncf_if_free(iface);
+ virInterfaceDefFree(def);
interfaceDriverUnlock(driver);
return ret;
}
goto cleanup;
}
+ if (virInterfaceGetXMLDescEnsureACL(ifinfo->conn, ifacedef) < 0)
+ goto cleanup;
+
ret = virInterfaceDefFormat(ifacedef);
if (!ret) {
/* error was already reported */
goto cleanup;
}
+ if (virInterfaceDefineXMLEnsureACL(conn, ifacedef) < 0)
+ goto cleanup;
+
xmlstr = virInterfaceDefFormat(ifacedef);
if (!xmlstr) {
/* error was already reported */
static int netcfInterfaceUndefine(virInterfacePtr ifinfo) {
struct interface_driver *driver = ifinfo->conn->interfacePrivateData;
struct netcf_if *iface = NULL;
+ virInterfaceDefPtr def = NULL;
int ret = -1;
interfaceDriverLock(driver);
goto cleanup;
}
+
+ if (!(def = netcfGetMinimalDefForDevice(iface)))
+ goto cleanup;
+
+ if (virInterfaceUndefineEnsureACL(ifinfo->conn, def) < 0)
+ goto cleanup;
+
ret = ncf_if_undefine(iface);
if (ret < 0) {
const char *errmsg, *details;
cleanup:
ncf_if_free(iface);
+ virInterfaceDefFree(def);
interfaceDriverUnlock(driver);
return ret;
}
{
struct interface_driver *driver = ifinfo->conn->interfacePrivateData;
struct netcf_if *iface = NULL;
+ virInterfaceDefPtr def = NULL;
int ret = -1;
virCheckFlags(0, -1);
goto cleanup;
}
+
+ if (!(def = netcfGetMinimalDefForDevice(iface)))
+ goto cleanup;
+
+ if (virInterfaceCreateEnsureACL(ifinfo->conn, def) < 0)
+ goto cleanup;
+
ret = ncf_if_up(iface);
if (ret < 0) {
const char *errmsg, *details;
cleanup:
ncf_if_free(iface);
+ virInterfaceDefFree(def);
interfaceDriverUnlock(driver);
return ret;
}
{
struct interface_driver *driver = ifinfo->conn->interfacePrivateData;
struct netcf_if *iface = NULL;
+ virInterfaceDefPtr def = NULL;
int ret = -1;
virCheckFlags(0, -1);
goto cleanup;
}
+
+ if (!(def = netcfGetMinimalDefForDevice(iface)))
+ goto cleanup;
+
+ if (virInterfaceDestroyEnsureACL(ifinfo->conn, def) < 0)
+ goto cleanup;
+
ret = ncf_if_down(iface);
if (ret < 0) {
const char *errmsg, *details;
cleanup:
ncf_if_free(iface);
+ virInterfaceDefFree(def);
interfaceDriverUnlock(driver);
return ret;
}
struct interface_driver *driver = ifinfo->conn->interfacePrivateData;
struct netcf_if *iface = NULL;
unsigned int flags = 0;
+ virInterfaceDefPtr def = NULL;
int ret = -1;
interfaceDriverLock(driver);
goto cleanup;
}
+
+ if (!(def = netcfGetMinimalDefForDevice(iface)))
+ goto cleanup;
+
+ if (virInterfaceIsActiveEnsureACL(ifinfo->conn, def) < 0)
+ goto cleanup;
+
if (ncf_if_status(iface, &flags) < 0) {
const char *errmsg, *details;
int errcode = ncf_error(driver->netcf, &errmsg, &details);
cleanup:
ncf_if_free(iface);
+ virInterfaceDefFree(def);
interfaceDriverUnlock(driver);
return ret;
}
virCheckFlags(0, -1); /* currently flags must be 0 */
+ if (virInterfaceChangeBeginEnsureACL(conn) < 0)
+ return -1;
+
interfaceDriverLock(driver);
ret = ncf_change_begin(driver->netcf, 0);
virCheckFlags(0, -1); /* currently flags must be 0 */
+ if (virInterfaceChangeCommitEnsureACL(conn) < 0)
+ return -1;
+
interfaceDriverLock(driver);
ret = ncf_change_commit(driver->netcf, 0);
virCheckFlags(0, -1); /* currently flags must be 0 */
+ if (virInterfaceChangeRollbackEnsureACL(conn) < 0)
+ return -1;
+
interfaceDriverLock(driver);
ret = ncf_change_rollback(driver->netcf, 0);
#include "interface_conf.h"
#include "viralloc.h"
#include "virstring.h"
+#include "viraccessapicheck.h"
#define VIR_FROM_THIS VIR_FROM_INTERFACE
return "";
}
+/*
+ * Get a minimal virInterfaceDef containing enough metadata
+ * for access control checks to be performed. Currently
+ * this implies existance of name and mac address attributes
+ */
+static virInterfaceDef * ATTRIBUTE_NONNULL(1)
+udevGetMinimalDefForDevice(struct udev_device *dev)
+{
+ virInterfaceDef *def;
+
+ /* Allocate our interface definition structure */
+ if (VIR_ALLOC(def) < 0) {
+ virReportOOMError();
+ return NULL;
+ }
+
+ if (VIR_STRDUP(def->name, udev_device_get_sysname(dev)) < 0)
+ goto cleanup;
+
+ if (VIR_STRDUP(def->mac, udev_device_get_sysattr_value(dev, "address")) < 0)
+ goto cleanup;
+
+ return def;
+
+cleanup:
+ virInterfaceDefFree(def);
+ return NULL;
+}
+
+
static struct udev_enumerate * ATTRIBUTE_NONNULL(1)
udevGetDevices(struct udev *udev, virUdevStatus status)
{
static int
udevConnectNumOfInterfaces(virConnectPtr conn)
{
+ if (virConnectNumOfInterfacesEnsureACL(conn) < 0)
+ return -1;
+
return udevNumOfInterfacesByStatus(conn, VIR_UDEV_IFACE_ACTIVE);
}
char **const names,
int names_len)
{
+ if (virConnectListInterfacesEnsureACL(conn) < 0)
+ return -1;
+
return udevListInterfacesByStatus(conn, names, names_len,
VIR_UDEV_IFACE_ACTIVE);
}
static int
udevConnectNumOfDefinedInterfaces(virConnectPtr conn)
{
+ if (virConnectNumOfDefinedInterfacesEnsureACL(conn) < 0)
+ return -1;
+
return udevNumOfInterfacesByStatus(conn, VIR_UDEV_IFACE_INACTIVE);
}
char **const names,
int names_len)
{
+ if (virConnectListDefinedInterfacesEnsureACL(conn) < 0)
+ return -1;
+
return udevListInterfacesByStatus(conn, names, names_len,
VIR_UDEV_IFACE_INACTIVE);
}
virCheckFlags(VIR_CONNECT_LIST_INTERFACES_FILTERS_ACTIVE, -1);
+ if (virConnectListAllInterfacesEnsureACL(conn) < 0)
+ return -1;
+
/* Grab a udev reference */
udev = udev_ref(driverState->udev);
struct udev_iface_driver *driverState = conn->interfacePrivateData;
struct udev *udev = udev_ref(driverState->udev);
struct udev_device *dev;
- const char *macaddr;
virInterfacePtr ret = NULL;
+ virInterfaceDefPtr def = NULL;
/* get a device reference based on the device name */
dev = udev_device_new_from_subsystem_sysname(udev, "net", name);
goto cleanup;
}
- macaddr = udev_device_get_sysattr_value(dev, "address");
- ret = virGetInterface(conn, name, macaddr);
+ if (!(def = udevGetMinimalDefForDevice(dev)))
+ goto cleanup;
+
+ if (virInterfaceLookupByNameEnsureACL(conn, def) < 0)
+ goto cleanup;
+
+ ret = virGetInterface(conn, def->name, def->mac);
udev_device_unref(dev);
cleanup:
udev_unref(udev);
+ virInterfaceDefFree(def);
return ret;
}
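Review bot: Both new `goto cleanup` paths skip `udev_device_unref(dev)`, which sits above the `cleanup:` label, so every lookup that fails the ACL check (or the def allocation) leaks a udev device reference. The callers that reach this path are exactly the ones being denied, so a client that keeps retrying a denied lookup grows the daemon's memory. Move the unref below the label, e.g. `cleanup:` followed by `if (dev) udev_device_unref(dev);`; the guard is there because the earlier `goto cleanup` is reached from a branch whose condition is outside the hunk, presumably `dev == NULL`. The MAC-string lookup hunk that follows has the same layout and would also need `dev` initialised to NULL, since it is declared without an initialiser. The is-active hunk should be checked for the same problem; its unref is not visible here.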
struct udev_enumerate *enumerate = NULL;
struct udev_list_entry *dev_entry;
struct udev_device *dev;
- const char *name;
+ virInterfaceDefPtr def = NULL;
virInterfacePtr ret = NULL;
enumerate = udevGetDevices(udev, VIR_UDEV_IFACE_ALL);
}
dev = udev_device_new_from_syspath(udev, udev_list_entry_get_name(dev_entry));
- name = udev_device_get_sysname(dev);
- ret = virGetInterface(conn, name, macstr);
+
+ if (!(def = udevGetMinimalDefForDevice(dev)))
+ goto cleanup;
+
+ if (virInterfaceLookupByMACStringEnsureACL(conn, def) < 0)
+ goto cleanup;
+
+ ret = virGetInterface(conn, def->name, def->mac);
udev_device_unref(dev);
cleanup:
if (enumerate)
udev_enumerate_unref(enumerate);
udev_unref(udev);
+ virInterfaceDefFree(def);
return ret;
}
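Review bot: `dev` returned by `udev_device_new_from_syspath()` goes straight into `udevGetMinimalDefForDevice(dev)`, which is declared `ATTRIBUTE_NONNULL(1)`, with no NULL check in the visible lines. A device that disappears between enumeration and this call would make that a NULL argument, and the ACL decision would then be taken on whatever the helper produced from it. Add an `if (!dev)` branch that reports VIR_ERR_NO_INTERFACE and does `goto cleanup` before building the def, matching the not-found handling visible in the is-active hunk.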
if (!ifacedef)
goto cleanup;
+ if (virInterfaceGetXMLDescEnsureACL(ifinfo->conn, ifacedef) < 0)
+ goto cleanup;
+
xmlstr = virInterfaceDefFormat(ifacedef);
virInterfaceDefFree(ifacedef);
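Review bot: The new `goto cleanup` on ACL failure jumps past `virInterfaceDefFree(ifacedef)`, which is only called on the success path two lines below. Unless the `cleanup:` label, which is outside this hunk, also frees `ifacedef`, each denied GetXMLDesc call leaks the whole parsed definition. Freeing it under the label would cover both paths, with `ifacedef` initialised to NULL if any earlier exit reaches the label before it is assigned; virInterfaceDefFree() is already called on a possibly-NULL `def` elsewhere in this patch.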
struct udev_iface_driver *driverState = ifinfo->conn->interfacePrivateData;
struct udev *udev = udev_ref(driverState->udev);
struct udev_device *dev;
- int status;
+ virInterfaceDefPtr def = NULL;
+ int status = -1;
dev = udev_device_new_from_subsystem_sysname(udev, "net",
ifinfo->name);
virReportError(VIR_ERR_NO_INTERFACE,
_("couldn't find interface named '%s'"),
ifinfo->name);
- status = -1;
goto cleanup;
}
+ if (!(def = udevGetMinimalDefForDevice(dev)))
+ goto cleanup;
+
+ if (virInterfaceIsActiveEnsureACL(ifinfo->conn, def) < 0)
+ goto cleanup;
+
/* Check if it's active or not */
status = STREQ(udev_device_get_sysattr_value(dev, "operstate"), "up");
cleanup:
udev_unref(udev);
+ virInterfaceDefFree(def);
return status;
}