On 11.01.2016 13:11, Daniel P. Berrange wrote:
On Mon, Jan 11, 2016 at 12:52:36PM +0100, Michal Privoznik wrote:
This API does not change domain state. It's merely like virDomainGetXMLDesc() - and we don't reject RO connections there. There's no reason to reject them here.
This API can result in talking to the guest agent IIRC, which should be denied for read-only.
Ah, I see. We have the following check in the code: int virDomainGetVcpusFlags(virDomainPtr domain, unsigned int flags) { /* ... */ if (flags & VIR_DOMAIN_VCPU_GUEST) virCheckReadOnlyGoto(conn->flags, error); } On the other hand, virDomainGetTime() talks to guest agent and is allowed on RO connection. So what about the following change instead? diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c index e5af933..95b797a 100644 --- a/src/libvirt-domain.c +++ b/src/libvirt-domain.c @@ -11545,7 +11545,8 @@ virDomainInterfaceAddresses(virDomainPtr dom, if (ifaces) *ifaces = NULL; virCheckDomainReturn(dom, -1); - virCheckNonNullArgGoto(ifaces, error); + if (source == VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT) + virCheckNonNullArgGoto(ifaces, error); if (dom->conn->driver->domainInterfaceAddresses) { int ret; Michal