shaba/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-26 03:21:44 +03:00
Code Releases Activity

conf: move seclabel for chardev source to the correct sturcture

Browse Source 
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
This commit is contained in:
Pavel Hrdina 2017-05-26 17:53:09 +02:00
parent 6451b55ec3
commit 1763a2e7e2
5 changed files with 49 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
src/conf/domain_conf.c
View File

@ -2142,12 +2142,21 @@ virDomainChrSourceDefCopy(virDomainChrSourceDefPtr dest,
void virDomainChrSourceDefFree(virDomainChrSourceDefPtr def)
{
size_t i;
if (!def)
return;
virDomainChrSourceDefClear(def);
virObjectUnref(def->privateData);
if (def->seclabels) {
for (i = 0; i < def->nseclabels; i++)
virSecurityDeviceLabelDefFree(def->seclabels[i]);
VIR_FREE(def->seclabels);
}
VIR_FREE(def);
}
@ -2216,8 +2225,6 @@ virDomainChrSourceDefIsEqual(const virDomainChrSourceDef *src,
void virDomainChrDefFree(virDomainChrDefPtr def)
{
size_t i;
if (!def)
return;
@ -2242,12 +2249,6 @@ void virDomainChrDefFree(virDomainChrDefPtr def)
virDomainChrSourceDefFree(def->source);
virDomainDeviceInfoClear(&def->info);
if (def->seclabels) {
for (i = 0; i < def->nseclabels; i++)
virSecurityDeviceLabelDefFree(def->seclabels[i]);
VIR_FREE(def->seclabels);
}
VIR_FREE(def);
}
@ -10819,8 +10820,8 @@ virDomainChrSourceDefParseXML(virDomainChrSourceDefPtr def,
if (chr_def) {
xmlNodePtr saved_node = ctxt->node;
ctxt->node = cur;
if (virSecurityDeviceLabelDefParseXML(&chr_def->seclabels,
&chr_def->nseclabels,
if (virSecurityDeviceLabelDefParseXML(&def->seclabels,
&def->nseclabels,
vmSeclabels,
nvmSeclabels,
ctxt,
@ -22625,19 +22626,11 @@ virDomainNetDefFormat(virBufferPtr buf,
* output at " type='type'>". */
static int
virDomainChrSourceDefFormat(virBufferPtr buf,
virDomainChrDefPtr chr_def,
virDomainChrSourceDefPtr def,
bool tty_compat,
unsigned int flags)
{
const char *type = virDomainChrTypeToString(def->type);
size_t nseclabels = 0;
virSecurityDeviceLabelDefPtr *seclabels = NULL;
if (chr_def) {
nseclabels = chr_def->nseclabels;
seclabels = chr_def->seclabels;
}
if (!type) {
virReportError(VIR_ERR_INTERNAL_ERROR,
@ -22675,7 +22668,8 @@ virDomainChrSourceDefFormat(virBufferPtr buf,
def->data.file.append != VIR_TRISTATE_SWITCH_ABSENT)
virBufferAsprintf(buf, " append='%s'",
virTristateSwitchTypeToString(def->data.file.append));
virDomainSourceDefFormatSeclabel(buf, nseclabels, seclabels, flags);
virDomainSourceDefFormatSeclabel(buf, def->nseclabels,
def->seclabels, flags);
}
break;
@ -22730,7 +22724,8 @@ virDomainChrSourceDefFormat(virBufferPtr buf,
virBufferAsprintf(buf, "<source mode='%s'",
def->data.nix.listen ? "bind" : "connect");
virBufferEscapeString(buf, " path='%s'", def->data.nix.path);
virDomainSourceDefFormatSeclabel(buf, nseclabels, seclabels, flags);
virDomainSourceDefFormatSeclabel(buf, def->nseclabels,
def->seclabels, flags);
}
break;
@ -22779,7 +22774,7 @@ virDomainChrDefFormat(virBufferPtr buf,
def->source->type == VIR_DOMAIN_CHR_TYPE_PTY &&
!(flags & VIR_DOMAIN_DEF_FORMAT_INACTIVE) &&
def->source->data.file.path);
if (virDomainChrSourceDefFormat(buf, def, def->source, tty_compat, flags) < 0)
if (virDomainChrSourceDefFormat(buf, def->source, tty_compat, flags) < 0)
return -1;
/* Format <target> block */
@ -22901,7 +22896,7 @@ virDomainSmartcardDefFormat(virBufferPtr buf,
break;
case VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH:
if (virDomainChrSourceDefFormat(buf, NULL, def->data.passthru, false,
if (virDomainChrSourceDefFormat(buf, def->data.passthru, false,
flags) < 0)
return -1;
break;
@ -23224,7 +23219,7 @@ virDomainRNGDefFormat(virBufferPtr buf,
case VIR_DOMAIN_RNG_BACKEND_EGD:
virBufferAdjustIndent(buf, 2);
if (virDomainChrSourceDefFormat(buf, NULL, def->source.chardev,
if (virDomainChrSourceDefFormat(buf, def->source.chardev,
false, flags) < 0)
return -1;
virBufferAdjustIndent(buf, -2);
@ -24070,7 +24065,7 @@ virDomainRedirdevDefFormat(virBufferPtr buf,
virBufferAsprintf(buf, "<redirdev bus='%s'", bus);
virBufferAdjustIndent(buf, 2);
if (virDomainChrSourceDefFormat(buf, NULL, def->source, false, flags) < 0)
if (virDomainChrSourceDefFormat(buf, def->source, false, flags) < 0)
return -1;
if (virDomainDeviceInfoFormat(buf, &def->info,
flags | VIR_DOMAIN_DEF_FORMAT_ALLOW_BOOT) < 0)
@ -26473,7 +26468,8 @@ virDomainDefGetSecurityLabelDef(virDomainDefPtr def, const char *model)
virSecurityDeviceLabelDefPtr
virDomainChrDefGetSecurityLabelDef(virDomainChrDefPtr def, const char *model)
virDomainChrSourceDefGetSecurityLabelDef(virDomainChrSourceDefPtr def,
const char *model)
{
size_t i;

9
src/conf/domain_conf.h
View File

@ -1174,6 +1174,9 @@ struct _virDomainChrSourceDef {
} data;
char *logfile;
int logappend;
size_t nseclabels;
virSecurityDeviceLabelDefPtr *seclabels;
};
/* A complete character device, both host and domain views. */
@ -1196,9 +1199,6 @@ struct _virDomainChrDef {
virDomainChrSourceDefPtr source;
virDomainDeviceInfo info;
size_t nseclabels;
virSecurityDeviceLabelDefPtr *seclabels;
};
typedef enum {
@ -3103,7 +3103,8 @@ virSecurityLabelDefPtr
virDomainDefGetSecurityLabelDef(virDomainDefPtr def, const char *model);
virSecurityDeviceLabelDefPtr
virDomainChrDefGetSecurityLabelDef(virDomainChrDefPtr def, const char *model);
virDomainChrSourceDefGetSecurityLabelDef(virDomainChrSourceDefPtr def,
const char *model);
typedef const char* (*virEventActionToStringFunc)(int type);
typedef int (*virEventActionFromStringFunc)(const char *type);

26
src/security/security_dac.c
View File

@ -1159,7 +1159,6 @@ virSecurityDACRestoreHostdevLabel(virSecurityManagerPtr mgr,
static int
virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainChrDefPtr dev,
virDomainChrSourceDefPtr dev_source)
{
@ -1173,9 +1172,8 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
if (dev)
chr_seclabel = virDomainChrDefGetSecurityLabelDef(dev,
SECURITY_DAC_NAME);
chr_seclabel = virDomainChrSourceDefGetSecurityLabelDef(dev_source,
SECURITY_DAC_NAME);
if (chr_seclabel && !chr_seclabel->relabel)
return 0;
@ -1245,7 +1243,6 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
static int
virSecurityDACRestoreChardevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def ATTRIBUTE_UNUSED,
virDomainChrDefPtr dev,
virDomainChrSourceDefPtr dev_source)
{
virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
@ -1253,9 +1250,8 @@ virSecurityDACRestoreChardevLabel(virSecurityManagerPtr mgr,
char *in = NULL, *out = NULL;
int ret = -1;
if (dev)
chr_seclabel = virDomainChrDefGetSecurityLabelDef(dev,
SECURITY_DAC_NAME);
chr_seclabel = virDomainChrSourceDefGetSecurityLabelDef(dev_source,
SECURITY_DAC_NAME);
if (chr_seclabel && !chr_seclabel->relabel)
return 0;
@ -1304,12 +1300,12 @@ virSecurityDACRestoreChardevLabel(virSecurityManagerPtr mgr,
static int
virSecurityDACRestoreChardevCallback(virDomainDefPtr def,
virDomainChrDefPtr dev,
virDomainChrDefPtr dev ATTRIBUTE_UNUSED,
void *opaque)
{
virSecurityManagerPtr mgr = opaque;
return virSecurityDACRestoreChardevLabel(mgr, def, dev, dev->source);
return virSecurityDACRestoreChardevLabel(mgr, def, dev->source);
}
@ -1322,7 +1318,7 @@ virSecurityDACSetTPMFileLabel(virSecurityManagerPtr mgr,
switch (tpm->type) {
case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
ret = virSecurityDACSetChardevLabel(mgr, def, NULL,
ret = virSecurityDACSetChardevLabel(mgr, def,
&tpm->data.passthrough.source);
break;
case VIR_DOMAIN_TPM_TYPE_LAST:
@ -1342,8 +1338,8 @@ virSecurityDACRestoreTPMFileLabel(virSecurityManagerPtr mgr,
switch (tpm->type) {
case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
ret = virSecurityDACRestoreChardevLabel(mgr, def, NULL,
&tpm->data.passthrough.source);
ret = virSecurityDACRestoreChardevLabel(mgr, def,
&tpm->data.passthrough.source);
break;
case VIR_DOMAIN_TPM_TYPE_LAST:
break;
@ -1506,12 +1502,12 @@ virSecurityDACRestoreAllLabel(virSecurityManagerPtr mgr,
static int
virSecurityDACSetChardevCallback(virDomainDefPtr def,
virDomainChrDefPtr dev,
virDomainChrDefPtr dev ATTRIBUTE_UNUSED,
void *opaque)
{
virSecurityManagerPtr mgr = opaque;
return virSecurityDACSetChardevLabel(mgr, def, dev, dev->source);
return virSecurityDACSetChardevLabel(mgr, def, dev->source);
}

4
src/security/security_manager.c
View File

@ -811,8 +811,8 @@ virSecurityManagerCheckChardevLabel(virSecurityManagerPtr mgr,
{
size_t i;
for (i = 0; i < dev->nseclabels; i++) {
if (virSecurityManagerCheckModel(mgr, dev->seclabels[i]->model) < 0)
for (i = 0; i < dev->source->nseclabels; i++) {
if (virSecurityManagerCheckModel(mgr, dev->source->seclabels[i]->model) < 0)
return -1;
}

24
src/security/security_selinux.c
View File

@ -2179,7 +2179,6 @@ virSecuritySELinuxRestoreHostdevLabel(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxSetChardevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainChrDefPtr dev,
virDomainChrSourceDefPtr dev_source)
{
@ -2193,9 +2192,8 @@ virSecuritySELinuxSetChardevLabel(virSecurityManagerPtr mgr,
if (!seclabel || !seclabel->relabel)
return 0;
if (dev)
chr_seclabel = virDomainChrDefGetSecurityLabelDef(dev,
SECURITY_SELINUX_NAME);
chr_seclabel = virDomainChrSourceDefGetSecurityLabelDef(dev_source,
SECURITY_SELINUX_NAME);
if (chr_seclabel && !chr_seclabel->relabel)
return 0;
@ -2254,7 +2252,6 @@ virSecuritySELinuxSetChardevLabel(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxRestoreChardevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainChrDefPtr dev,
virDomainChrSourceDefPtr dev_source)
{
@ -2267,9 +2264,8 @@ virSecuritySELinuxRestoreChardevLabel(virSecurityManagerPtr mgr,
if (!seclabel || !seclabel->relabel)
return 0;
if (dev)
chr_seclabel = virDomainChrDefGetSecurityLabelDef(dev,
SECURITY_SELINUX_NAME);
chr_seclabel = virDomainChrSourceDefGetSecurityLabelDef(dev_source,
SECURITY_SELINUX_NAME);
if (chr_seclabel && !chr_seclabel->relabel)
return 0;
@ -2318,12 +2314,12 @@ virSecuritySELinuxRestoreChardevLabel(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxRestoreSecurityChardevCallback(virDomainDefPtr def,
virDomainChrDefPtr dev,
virDomainChrDefPtr dev ATTRIBUTE_UNUSED,
void *opaque)
{
virSecurityManagerPtr mgr = opaque;
return virSecuritySELinuxRestoreChardevLabel(mgr, def, dev, dev->source);
return virSecuritySELinuxRestoreChardevLabel(mgr, def, dev->source);
}
@ -2346,7 +2342,7 @@ virSecuritySELinuxRestoreSecuritySmartcardCallback(virDomainDefPtr def,
return virSecuritySELinuxRestoreFileLabel(mgr, database);
case VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH:
return virSecuritySELinuxRestoreChardevLabel(mgr, def, NULL, dev->data.passthru);
return virSecuritySELinuxRestoreChardevLabel(mgr, def, dev->data.passthru);
default:
virReportError(VIR_ERR_INTERNAL_ERROR,
@ -2707,12 +2703,12 @@ virSecuritySELinuxClearSocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
static int
virSecuritySELinuxSetSecurityChardevCallback(virDomainDefPtr def,
virDomainChrDefPtr dev,
virDomainChrDefPtr dev ATTRIBUTE_UNUSED,
void *opaque)
{
virSecurityManagerPtr mgr = opaque;
return virSecuritySELinuxSetChardevLabel(mgr, def, dev, dev->source);
return virSecuritySELinuxSetChardevLabel(mgr, def, dev->source);
}
@ -2736,7 +2732,7 @@ virSecuritySELinuxSetSecuritySmartcardCallback(virDomainDefPtr def,
return virSecuritySELinuxSetFilecon(mgr, database, data->content_context);
case VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH:
return virSecuritySELinuxSetChardevLabel(mgr, def, NULL,
return virSecuritySELinuxSetChardevLabel(mgr, def,
dev->data.passthru);
default: