5:17 p.m.
As described earlier, this adds strict checking of classname, prefix, and
CCN against the reference of the method call to avoid migrating a domain
for the wrong service.
5:17 p.m.
New subject: [PATCH 1 of 2] Add ref class/prefix compare to misc_util
# HG changeset patch
# User Dan Smith <danms(a)us.ibm.com>
# Date 1201194986 28800
# Node ID b0b9833dfa219a3e9a7898c0b6f5bab7afaf460a
# Parent adf18661f7948a0287a4586d97572793e8e03826
Add ref class/prefix compare to misc_util
Signed-off-by: Dan Smith <danms(a)us.ibm.com>
diff -r adf18661f794 -r b0b9833dfa21 libxkutil/misc_util.c
--- a/libxkutil/misc_util.c Thu Jan 24 12:56:45 2008 +0100
+++ b/libxkutil/misc_util.c Thu Jan 24 09:16:26 2008 -0800
@@ -435,6 +435,60 @@ bool libvirt_cim_init(void)
return virInitialize == 0;
}
+bool check_refs_pfx_match(const CMPIObjectPath *refa,
+ const CMPIObjectPath *refb)
+{
+ bool result = false;
+ const char *refa_cn;
+ const char *refb_cn;
+ const char *ccn;
+ char *refa_pfx = NULL;
+ char *refb_pfx = NULL;
+
+ refa_cn = CLASSNAME(refa);
+ refb_cn = CLASSNAME(refb);
+
+ if ((refa_cn == NULL) || (refb_cn == NULL)) {
+ CU_DEBUG("Error getting ref classes %s:%s",
+ refa_cn, refb_cn);
+ goto out;
+ }
+
+ refa_pfx = class_prefix_name(refa_cn);
+ refb_pfx = class_prefix_name(refb_cn);
+
+ if ((refa_pfx == NULL) || (refb_pfx == NULL)) {
+ CU_DEBUG("Error getting ref prefixes %s:%s %s:%s",
+ refa_pfx, refb_pfx,
+ refa_cn, refb_cn);
+ goto out;
+ }
+
+ if (!STREQC(refa_pfx, refb_pfx)) {
+ CU_DEBUG("Ref mismatch: %s != %s",
+ refa_pfx,
+ refb_pfx);
+ goto out;
+ }
+
+ if (cu_get_str_path(refb, "CreationClassName", &ccn) == CMPI_RC_OK)
{
+ if (!STREQC(ccn, refb_cn)) {
+ CU_DEBUG("ClassName(%s) != CreationClassName(%s)",
+ refb_cn,
+ ccn);
+ goto out;
+ }
+ }
+
+ result = true;
+
+ out:
+ free(refa_pfx);
+ free(refb_pfx);
+
+ return result;
+}
+
/*
* Local Variables:
* mode: C
diff -r adf18661f794 -r b0b9833dfa21 libxkutil/misc_util.h
--- a/libxkutil/misc_util.h Thu Jan 24 12:56:45 2008 +0100
+++ b/libxkutil/misc_util.h Thu Jan 24 09:16:26 2008 -0800
@@ -115,6 +115,8 @@ CMPIInstance *make_reference(const CMPIB
struct std_assoc_info *info,
struct std_assoc *assoc);
+bool check_refs_pfx_match(const CMPIObjectPath *refa,
+ const CMPIObjectPath *refb);
#define LIBVIRT_CIM_DEFAULT_MAKEREF() \
static CMPIInstance* make_ref(const CMPIObjectPath *source_ref, \
5:17 p.m.
New subject: [PATCH 2 of 2] Check CreationClassName in MigrationService
# HG changeset patch
# User Dan Smith <danms(a)us.ibm.com>
# Date 1201194993 28800
# Node ID 3717fb3202ecf289ffb05a94f7d2375658c4191b
# Parent b0b9833dfa219a3e9a7898c0b6f5bab7afaf460a
Check CreationClassName in MigrationService
Signed-off-by: Dan Smith <danms(a)us.ibm.com>
diff -r b0b9833dfa21 -r 3717fb3202ec src/Virt_VSMigrationService.c
--- a/src/Virt_VSMigrationService.c Thu Jan 24 09:16:26 2008 -0800
+++ b/src/Virt_VSMigrationService.c Thu Jan 24 09:16:33 2008 -0800
@@ -204,6 +204,15 @@ static CMPIStatus vs_migratable_host(CMP
return s;
}
+ if (!check_refs_pfx_match(ref, system)) {
+ printf("Classname: %s\n", CLASSNAME(system));
+ cu_statusf(_BROKER, &s,
+ CMPI_RC_ERR_FAILED,
+ "Invalid REF in ComputerSystem");
+ METHOD_RETURN(results, 1);
+ return s;
+ }
+
return vs_migratable(ref, name, dhost, results);
}
@@ -235,6 +244,14 @@ static CMPIStatus vs_migratable_system(C
cu_statusf(_BROKER, &s,
CMPI_RC_ERR_FAILED,
"Missing key (Name) in ComputerSystem");
+ METHOD_RETURN(results, 1);
+ return s;
+ }
+
+ if (!check_refs_pfx_match(ref, sys)) {
+ cu_statusf(_BROKER, &s,
+ CMPI_RC_ERR_FAILED,
+ "Invalid REF in ComputerSystem");
METHOD_RETURN(results, 1);
return s;
}
@@ -549,6 +566,14 @@ static CMPIStatus migrate_vs_host(CMPIMe
return s;
}
+ if (!check_refs_pfx_match(ref, system)) {
+ cu_statusf(_BROKER, &s,
+ CMPI_RC_ERR_FAILED,
+ "Invalid REF in ComputerSystem");
+ METHOD_RETURN(results, 1);
+ return s;
+ }
+
return migrate_do(ref, ctx, name, dhost, results, argsout);
}
@@ -580,6 +605,14 @@ static CMPIStatus migrate_vs_system(CMPI
cu_statusf(_BROKER, &s,
CMPI_RC_ERR_FAILED,
"Missing key (Name) in ComputerSystem");
+ METHOD_RETURN(results, 1);
+ return s;
+ }
+
+ if (!check_refs_pfx_match(ref, sys)) {
+ cu_statusf(_BROKER, &s,
+ CMPI_RC_ERR_FAILED,
+ "Invalid REF in ComputerSystem");
METHOD_RETURN(results, 1);
return s;
}
10:37 p.m.
New subject: [PATCH 2 of 2] Check CreationClassName in MigrationService
Dan Smith wrote:
# HG changeset patch
# User Dan Smith <danms(a)us.ibm.com>
# Date 1201194993 28800
# Node ID 3717fb3202ecf289ffb05a94f7d2375658c4191b
# Parent b0b9833dfa219a3e9a7898c0b6f5bab7afaf460a
Check CreationClassName in MigrationService
Signed-off-by: Dan Smith <danms(a)us.ibm.com>
diff -r b0b9833dfa21 -r 3717fb3202ec src/Virt_VSMigrationService.c
--- a/src/Virt_VSMigrationService.c Thu Jan 24 09:16:26 2008 -0800
+++ b/src/Virt_VSMigrationService.c Thu Jan 24 09:16:33 2008 -0800
@@ -204,6 +204,15 @@ static CMPIStatus vs_migratable_host(CMP
return s;
}
+ if (!check_refs_pfx_match(ref, system)) {
+ printf("Classname: %s\n", CLASSNAME(system));
This should be a CU_DEBUG().
I was also going to comment that the check_refs_pfx_match() name is a
bit misleading since we also check the classname. But it never hurts to
verify the classname (even if you just want to verify the prefix), so
the function name is fine.
--
Kaitlin Rupert
IBM Linux Technology Center
kaitlin(a)linux.vnet.ibm.com
10:48 p.m.
New subject: [PATCH 2 of 2] Check CreationClassName in MigrationService
Kaitlin Rupert wrote:
Dan Smith wrote:
> # HG changeset patch
> # User Dan Smith <danms(a)us.ibm.com>
> # Date 1201194993 28800
> # Node ID 3717fb3202ecf289ffb05a94f7d2375658c4191b
> # Parent b0b9833dfa219a3e9a7898c0b6f5bab7afaf460a
> Check CreationClassName in MigrationService
>
> Signed-off-by: Dan Smith <danms(a)us.ibm.com>
>
> diff -r b0b9833dfa21 -r 3717fb3202ec src/Virt_VSMigrationService.c
> --- a/src/Virt_VSMigrationService.c Thu Jan 24 09:16:26 2008 -0800
> +++ b/src/Virt_VSMigrationService.c Thu Jan 24 09:16:33 2008 -0800
> @@ -204,6 +204,15 @@ static CMPIStatus vs_migratable_host(CMP
> return s;
> }
>
> + if (!check_refs_pfx_match(ref, system)) {
> + printf("Classname: %s\n", CLASSNAME(system));
This should be a CU_DEBUG().
I think she's got a Thunderbird plugin that makes CU_DEBUG show up as
32-point, blood red text. I think that's like the fourth one I've gone
right past that she's got. :)
--
-Jay
3:57 p.m.
New subject: [PATCH 2 of 2] Check CreationClassName in MigrationService
Jay Gagnon wrote:
Kaitlin Rupert wrote:
> Dan Smith wrote:
>> # HG changeset patch
>> # User Dan Smith <danms(a)us.ibm.com>
>> # Date 1201194993 28800
>> # Node ID 3717fb3202ecf289ffb05a94f7d2375658c4191b
>> # Parent b0b9833dfa219a3e9a7898c0b6f5bab7afaf460a
>> Check CreationClassName in MigrationService
>>
>> Signed-off-by: Dan Smith <danms(a)us.ibm.com>
>>
>> diff -r b0b9833dfa21 -r 3717fb3202ec src/Virt_VSMigrationService.c
>> --- a/src/Virt_VSMigrationService.c Thu Jan 24 09:16:26 2008 -0800
>> +++ b/src/Virt_VSMigrationService.c Thu Jan 24 09:16:33 2008 -0800
>> @@ -204,6 +204,15 @@ static CMPIStatus vs_migratable_host(CMP
>> return s;
>> }
>>
>> + if (!check_refs_pfx_match(ref, system)) {
>> + printf("Classname: %s\n", CLASSNAME(system));
> This should be a CU_DEBUG().
>
>
I think she's got a Thunderbird plugin that makes CU_DEBUG show up as
32-point, blood red text. I think that's like the fourth one I've gone
right past that she's got. :)
*laugh* Yeah, it seems to be one of the few things I can catch in a
patch =)
--
Kaitlin Rupert
IBM Linux Technology Center
kaitlin(a)linux.vnet.ibm.com
11:10 p.m.
New subject: [PATCH 2 of 2] Check CreationClassName in MigrationService
KR> This should be a CU_DEBUG().
Actually, it should be removed. That was left in there from debugging
(as is usually the case when you catch me :))
I'll resend shortly...
--
Dan Smith
IBM Linux Technology Center
Open Hypervisor Team
email: danms(a)us.ibm.com
6079
days inactive
6080
days old
7 comments
3 participants
participants (3)
-
Dan Smith -
Jay Gagnon -
Kaitlin Rupert