[libvirt] [PATCH v2 00/11] Refactor Xen driver to support ACL work
From: "Daniel P. Berrange" <berrange(a)redhat.com>
The Xen driver currently is a really horrible mess, in particular
with the way iterates over sub-drivers calling each one in turn,
until one magically works. For each operation there is always a
clear rule for which sub-driver must be used. Thus instead of
blindly iterating over all drivers, we can directly invoke the
correct sub-driver. This highlights that quite alot of code is
in fact completely unreachable / used & can be deleted.
The second big issue is that the Xen sub-drivers will randomly
use either the 'id', 'name' or 'uuid' from the virDomainPtr
object.
If the user provides a malicious virDomainPtr instance, it is
possible to have a 'id' referring to domain A, a 'name' referring
to domain B and a 'uuid' referring to domain C. This makes doing
reliable access control checks difficult. To ensure we have a
consistent triple, use the 'uuid' from virDomainPtr to lookup the
guest with the hypervisor and return a virDomainDefPtr where only
the name/id/uuid are filled out. Use this in the all the subdrivers
isolating them from the public virDomainPtr object. The top level
Xen driver will then be able to do access control checks on the
virDomainDefPtr instances.
In v2:
- Merged all patches removing the sub-driver iteration
concept
- Rebased to latest git
Daniel P. Berrange (11):
Convert Xen domain lookup driver methods to use virDomainDefPtr
Convert Xen domain lifecycle driver methods to use virDomainDefPtr
Convert Xen domain property driver methods to use virDomainDefPtr
Convert Xen domain managed save driver methods to use virDomainDefPtr
Convert Xen domain start/migration APIs to use virDomainDefPtr
Convert Xen domain VCPU driver methods to use virDomainDefPtr
Convert Xen domain device hotplug driver methods to use
virDomainDefPtr
Convert Xen domain autostart driver methods to use virDomainDefPtr
Convert Xen domain scheduler driver methods to use virDomainDefPtr
Convert Xen domain stats/peek driver methods to use virDomainDefPtr
Convert Xen domain core dump driver methods to use virDomainDefPtr
src/conf/domain_conf.c | 24 ++
src/conf/domain_conf.h | 4 +
src/libvirt_private.syms | 1 +
src/xen/block_stats.c | 6 +-
src/xen/block_stats.h | 2 +-
src/xen/xen_driver.c | 781 ++++++++++++++++++++++++++++++++++++-----------
src/xen/xen_hypervisor.c | 131 ++++----
src/xen/xen_hypervisor.h | 60 ++--
src/xen/xen_inotify.c | 14 +-
src/xen/xend_internal.c | 469 ++++++++++++++--------------
src/xen/xend_internal.h | 127 +++++---
src/xen/xm_internal.c | 224 +++++++-------
src/xen/xm_internal.h | 71 +++--
13 files changed, 1230 insertions(+), 684 deletions(-)
--
1.8.1.4