shaba/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-26 03:21:44 +03:00
Code Releases Activity

security: Try to lock only paths with remember == true

Browse Source 
So far all items on the chown/setfilecon list have the same
.remember value.  But this will change shortly. Therefore, don't
try to lock paths which we won't manipulate XATTRs for.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
This commit is contained in:
Michal Privoznik 2019-10-01 10:30:05 +02:00
parent 4dfc4d525e
commit 1a84a1ced1
2 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/security/security_dac.c
View File

@ -232,9 +232,11 @@ virSecurityDACTransactionRun(pid_t pid ATTRIBUTE_UNUSED,
return -1;
for (i = 0; i < list->nItems; i++) {
const char *p = list->items[i]->path;
virSecurityDACChownItemPtr item = list->items[i];
const char *p = item->path;
VIR_APPEND_ELEMENT_COPY_INPLACE(paths, npaths, p);
if (item->remember)
VIR_APPEND_ELEMENT_COPY_INPLACE(paths, npaths, p);
}
if (!(state = virSecurityManagerMetadataLock(list->manager, paths, npaths)))

6
src/security/security_selinux.c
View File

@ -266,9 +266,11 @@ virSecuritySELinuxTransactionRun(pid_t pid ATTRIBUTE_UNUSED,
return -1;
for (i = 0; i < list->nItems; i++) {
const char *p = list->items[i]->path;
virSecuritySELinuxContextItemPtr item = list->items[i];
const char *p = item->path;
VIR_APPEND_ELEMENT_COPY_INPLACE(paths, npaths, p);
if (item->remember)
VIR_APPEND_ELEMENT_COPY_INPLACE(paths, npaths, p);
}
if (!(state = virSecurityManagerMetadataLock(list->manager, paths, npaths)))