On 11.01.2016 13:26, Daniel P. Berrange wrote:
On Mon, Jan 11, 2016 at 01:20:38PM +0100, Michal Privoznik wrote:
> On 11.01.2016 13:11, Daniel P. Berrange wrote:
>> On Mon, Jan 11, 2016 at 12:52:36PM +0100, Michal Privoznik wrote:
>>> This API does not change domain state. It's merely like
>>> virDomainGetXMLDesc() - and we don't reject RO connections there.
>>> There's no reason to reject them here.
>>
>> This API can result in talking to the guest agent IIRC, which should
>> be denied for read-only.
>
> Ah, I see. We have the following check in the code:
>
> int
> virDomainGetVcpusFlags(virDomainPtr domain, unsigned int flags)
> {
> /* ... */
> if (flags & VIR_DOMAIN_VCPU_GUEST)
> virCheckReadOnlyGoto(conn->flags, error);
> }
>
> On the other hand, virDomainGetTime() talks to guest agent and is allowed on RO
connection.
>
> So what about the following change instead?
>
> diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
> index e5af933..95b797a 100644
> --- a/src/libvirt-domain.c
> +++ b/src/libvirt-domain.c
> @@ -11545,7 +11545,8 @@ virDomainInterfaceAddresses(virDomainPtr dom,
> if (ifaces)
> *ifaces = NULL;
> virCheckDomainReturn(dom, -1);
> - virCheckNonNullArgGoto(ifaces, error);
> + if (source == VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT)
> + virCheckNonNullArgGoto(ifaces, error);
You want to be checking the readonly flag here, not ifaces...
Obviously. My fingers got detached from my eyes when writing the patch
... Fortunately, v2 is not the same case.
Michal