首頁 探索 說明
註冊 登入
FangSoftSoft
/
qemu
镜像来自 https://github.com/utmapp/qemu.git
2
0
複刻 0
Files 問題管理 0 Wiki
分支: stable-1.1
分支列表 標籤列表
qemu
/
acl.c

acl.c 4.4 KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184 
  1. /*
    2. 

  2.  * QEMU access control list management
    3. 

  3.  *
    4. 

  4.  * Copyright (C) 2009 Red Hat, Inc
    5. 

  5.  *
    6. 

  6.  * Permission is hereby granted, free of charge, to any person obtaining a copy
    7. 

  7.  * of this software and associated documentation files (the "Software"), to deal
    8. 

  8.  * in the Software without restriction, including without limitation the rights
    9. 

  9.  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
    10. 

  10.  * copies of the Software, and to permit persons to whom the Software is
    11. 

  11.  * furnished to do so, subject to the following conditions:
    12. 

  12.  *
    13. 

  13.  * The above copyright notice and this permission notice shall be included in
    14. 

  14.  * all copies or substantial portions of the Software.
    15. 

  15.  *
    16. 

  16.  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    17. 

  17.  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    18. 

  18.  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
    19. 

  19.  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    20. 

  20.  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
    21. 

  21.  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
    22. 

  22.  * THE SOFTWARE.
    23. 

  23.  */
    24. 

  24. 

  25. 

  26. #include "qemu-common.h"
    27. 

  27. #include "acl.h"
    28. 

  28. 

  29. #ifdef CONFIG_FNMATCH
    30. 

  30. #include <fnmatch.h>
    31. 

  31. #endif
    32. 

  32. 

  33. 

  34. static unsigned int nacls = 0;
    35. 

  35. static qemu_acl **acls = NULL;
    36. 

  36. 

  37. 

  38. 

  39. qemu_acl *qemu_acl_find(const char *aclname)
    40. 

  40. {
    41. 

  41.     int i;
    42. 

  42.     for (i = 0 ; i < nacls ; i++) {
    43. 

  43.         if (strcmp(acls[i]->aclname, aclname) == 0)
    44. 

  44.             return acls[i];
    45. 

  45.     }
    46. 

  46. 

  47.     return NULL;
    48. 

  48. }
    49. 

  49. 

  50. qemu_acl *qemu_acl_init(const char *aclname)
    51. 

  51. {
    52. 

  52.     qemu_acl *acl;
    53. 

  53. 

  54.     acl = qemu_acl_find(aclname);
    55. 

  55.     if (acl)
    56. 

  56.         return acl;
    57. 

  57. 

  58.     acl = g_malloc(sizeof(*acl));
    59. 

  59.     acl->aclname = g_strdup(aclname);
    60. 

  60.     /* Deny by default, so there is no window of "open
    61. 

  61.      * access" between QEMU starting, and the user setting
    62. 

  62.      * up ACLs in the monitor */
    63. 

  63.     acl->defaultDeny = 1;
    64. 

  64. 

  65.     acl->nentries = 0;
    66. 

  66.     QTAILQ_INIT(&acl->entries);
    67. 

  67. 

  68.     acls = g_realloc(acls, sizeof(*acls) * (nacls +1));
    69. 

  69.     acls[nacls] = acl;
    70. 

  70.     nacls++;
    71. 

  71. 

  72.     return acl;
    73. 

  73. }
    74. 

  74. 

  75. int qemu_acl_party_is_allowed(qemu_acl *acl,
    76. 

  76.                               const char *party)
    77. 

  77. {
    78. 

  78.     qemu_acl_entry *entry;
    79. 

  79. 

  80.     QTAILQ_FOREACH(entry, &acl->entries, next) {
    81. 

  81. #ifdef CONFIG_FNMATCH
    82. 

  82.         if (fnmatch(entry->match, party, 0) == 0)
    83. 

  83.             return entry->deny ? 0 : 1;
    84. 

  84. #else
    85. 

  85.         /* No fnmatch, so fallback to exact string matching
    86. 

  86.          * instead of allowing wildcards */
    87. 

  87.         if (strcmp(entry->match, party) == 0)
    88. 

  88.             return entry->deny ? 0 : 1;
    89. 

  89. #endif
    90. 

  90.     }
    91. 

  91. 

  92.     return acl->defaultDeny ? 0 : 1;
    93. 

  93. }
    94. 

  94. 

  95. 

  96. void qemu_acl_reset(qemu_acl *acl)
    97. 

  97. {
    98. 

  98.     qemu_acl_entry *entry, *next_entry;
    99. 

  99. 

  100.     /* Put back to deny by default, so there is no window
    101. 

  101.      * of "open access" while the user re-initializes the
    102. 

  102.      * access control list */
    103. 

  103.     acl->defaultDeny = 1;
    104. 

  104.     QTAILQ_FOREACH_SAFE(entry, &acl->entries, next, next_entry) {
    105. 

  105.         QTAILQ_REMOVE(&acl->entries, entry, next);
    106. 

  106.         free(entry->match);
    107. 

  107.         free(entry);
    108. 

  108.     }
    109. 

  109.     acl->nentries = 0;
    110. 

  110. }
    111. 

  111. 

  112. 

  113. int qemu_acl_append(qemu_acl *acl,
    114. 

  114.                     int deny,
    115. 

  115.                     const char *match)
    116. 

  116. {
    117. 

  117.     qemu_acl_entry *entry;
    118. 

  118. 

  119.     entry = g_malloc(sizeof(*entry));
    120. 

  120.     entry->match = g_strdup(match);
    121. 

  121.     entry->deny = deny;
    122. 

  122. 

  123.     QTAILQ_INSERT_TAIL(&acl->entries, entry, next);
    124. 

  124.     acl->nentries++;
    125. 

  125. 

  126.     return acl->nentries;
    127. 

  127. }
    128. 

  128. 

  129. 

  130. int qemu_acl_insert(qemu_acl *acl,
    131. 

  131.                     int deny,
    132. 

  132.                     const char *match,
    133. 

  133.                     int index)
    134. 

  134. {
    135. 

  135.     qemu_acl_entry *entry;
    136. 

  136.     qemu_acl_entry *tmp;
    137. 

  137.     int i = 0;
    138. 

  138. 

  139.     if (index <= 0)
    140. 

  140.         return -1;
    141. 

  141.     if (index >= acl->nentries)
    142. 

  142.         return qemu_acl_append(acl, deny, match);
    143. 

  143. 

  144. 

  145.     entry = g_malloc(sizeof(*entry));
    146. 

  146.     entry->match = g_strdup(match);
    147. 

  147.     entry->deny = deny;
    148. 

  148. 

  149.     QTAILQ_FOREACH(tmp, &acl->entries, next) {
    150. 

  150.         i++;
    151. 

  151.         if (i == index) {
    152. 

  152.             QTAILQ_INSERT_BEFORE(tmp, entry, next);
    153. 

  153.             acl->nentries++;
    154. 

  154.             break;
    155. 

  155.         }
    156. 

  156.     }
    157. 

  157. 

  158.     return i;
    159. 

  159. }
    160. 

  160. 

  161. int qemu_acl_remove(qemu_acl *acl,
    162. 

  162.                     const char *match)
    163. 

  163. {
    164. 

  164.     qemu_acl_entry *entry;
    165. 

  165.     int i = 0;
    166. 

  166. 

  167.     QTAILQ_FOREACH(entry, &acl->entries, next) {
    168. 

  168.         i++;
    169. 

  169.         if (strcmp(entry->match, match) == 0) {
    170. 

  170.             QTAILQ_REMOVE(&acl->entries, entry, next);
    171. 

  171.             return i;
    172. 

  172.         }
    173. 

  173.     }
    174. 

  174.     return -1;
    175. 

  175. }
    176. 

  176. 

  177. 

  178. /*
    179. 

  179.  * Local variables:
    180. 

  180.  *  c-indent-level: 4
    181. 

  181.  *  c-basic-offset: 4
    182. 

  182.  *  tab-width: 8
    183. 

  183.  * End:
    184. 

  184.  */
    185.