mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-26 03:21:44 +03:00
qemu: security: Replace and remove qemuSecurity[Set|Restore]DiskLabel
The same can be achieved by using qemuSecurity[Set|Restore]ImageLabel. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
This commit is contained in:
Peter Krempa
parent
81594afb05
commit
787e4a3dc8
@ -17170,7 +17170,7 @@ qemuDomainBlockPivot(virQEMUDriverPtr driver,
|
|||||||
disk->mirror->format != VIR_STORAGE_FILE_RAW &&
|
disk->mirror->format != VIR_STORAGE_FILE_RAW &&
|
||||||
(qemuDomainNamespaceSetupDisk(vm, disk->src) < 0 ||
|
(qemuDomainNamespaceSetupDisk(vm, disk->src) < 0 ||
|
||||||
qemuSetupImageChainCgroup(vm, disk->src) < 0 ||
|
qemuSetupImageChainCgroup(vm, disk->src) < 0 ||
|
||||||
qemuSecuritySetDiskLabel(driver, vm, disk) < 0))
|
qemuSecuritySetImageLabel(driver, vm, disk->src, true) < 0))
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
|
||||||
disk->src = oldsrc;
|
disk->src = oldsrc;
|
||||||
|
|||||||
@ -113,7 +113,7 @@ qemuHotplugPrepareDiskAccess(virQEMUDriverPtr driver,
|
|||||||
if (qemuDomainNamespaceSetupDisk(vm, disk->src) < 0)
|
if (qemuDomainNamespaceSetupDisk(vm, disk->src) < 0)
|
||||||
goto rollback_lock;
|
goto rollback_lock;
|
||||||
|
|
||||||
if (qemuSecuritySetDiskLabel(driver, vm, disk) < 0)
|
if (qemuSecuritySetImageLabel(driver, vm, disk->src, true) < 0)
|
||||||
goto rollback_namespace;
|
goto rollback_namespace;
|
||||||
|
|
||||||
if (qemuSetupImageChainCgroup(vm, disk->src) < 0)
|
if (qemuSetupImageChainCgroup(vm, disk->src) < 0)
|
||||||
@ -127,7 +127,7 @@ qemuHotplugPrepareDiskAccess(virQEMUDriverPtr driver,
|
|||||||
VIR_WARN("Unable to tear down cgroup access on %s",
|
VIR_WARN("Unable to tear down cgroup access on %s",
|
||||||
NULLSTR(virDomainDiskGetSource(disk)));
|
NULLSTR(virDomainDiskGetSource(disk)));
|
||||||
rollback_label:
|
rollback_label:
|
||||||
if (qemuSecurityRestoreDiskLabel(driver, vm, disk) < 0)
|
if (qemuSecurityRestoreImageLabel(driver, vm, disk->src, true) < 0)
|
||||||
VIR_WARN("Unable to restore security label on %s",
|
VIR_WARN("Unable to restore security label on %s",
|
||||||
NULLSTR(virDomainDiskGetSource(disk)));
|
NULLSTR(virDomainDiskGetSource(disk)));
|
||||||
|
|
||||||
|
|||||||
@ -92,68 +92,6 @@ qemuSecurityRestoreAllLabel(virQEMUDriverPtr driver,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int
|
|
||||||
qemuSecuritySetDiskLabel(virQEMUDriverPtr driver,
|
|
||||||
virDomainObjPtr vm,
|
|
||||||
virDomainDiskDefPtr disk)
|
|
||||||
{
|
|
||||||
qemuDomainObjPrivatePtr priv = vm->privateData;
|
|
||||||
pid_t pid = -1;
|
|
||||||
int ret = -1;
|
|
||||||
|
|
||||||
if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
|
|
||||||
pid = vm->pid;
|
|
||||||
|
|
||||||
if (virSecurityManagerTransactionStart(driver->securityManager) < 0)
|
|
||||||
goto cleanup;
|
|
||||||
|
|
||||||
if (virSecurityManagerSetDiskLabel(driver->securityManager,
|
|
||||||
vm->def,
|
|
||||||
disk) < 0)
|
|
||||||
goto cleanup;
|
|
||||||
|
|
||||||
if (virSecurityManagerTransactionCommit(driver->securityManager,
|
|
||||||
pid, priv->rememberOwner) < 0)
|
|
||||||
goto cleanup;
|
|
||||||
|
|
||||||
ret = 0;
|
|
||||||
cleanup:
|
|
||||||
virSecurityManagerTransactionAbort(driver->securityManager);
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
int
|
|
||||||
qemuSecurityRestoreDiskLabel(virQEMUDriverPtr driver,
|
|
||||||
virDomainObjPtr vm,
|
|
||||||
virDomainDiskDefPtr disk)
|
|
||||||
{
|
|
||||||
qemuDomainObjPrivatePtr priv = vm->privateData;
|
|
||||||
pid_t pid = -1;
|
|
||||||
int ret = -1;
|
|
||||||
|
|
||||||
if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
|
|
||||||
pid = vm->pid;
|
|
||||||
|
|
||||||
if (virSecurityManagerTransactionStart(driver->securityManager) < 0)
|
|
||||||
goto cleanup;
|
|
||||||
|
|
||||||
if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
|
|
||||||
vm->def,
|
|
||||||
disk) < 0)
|
|
||||||
goto cleanup;
|
|
||||||
|
|
||||||
if (virSecurityManagerTransactionCommit(driver->securityManager,
|
|
||||||
pid, priv->rememberOwner) < 0)
|
|
||||||
goto cleanup;
|
|
||||||
|
|
||||||
ret = 0;
|
|
||||||
cleanup:
|
|
||||||
virSecurityManagerTransactionAbort(driver->securityManager);
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
int
|
int
|
||||||
qemuSecuritySetImageLabel(virQEMUDriverPtr driver,
|
qemuSecuritySetImageLabel(virQEMUDriverPtr driver,
|
||||||
virDomainObjPtr vm,
|
virDomainObjPtr vm,
|
||||||
|
|||||||
@ -34,14 +34,6 @@ void qemuSecurityRestoreAllLabel(virQEMUDriverPtr driver,
|
|||||||
virDomainObjPtr vm,
|
virDomainObjPtr vm,
|
||||||
bool migrated);
|
bool migrated);
|
||||||
|
|
||||||
int qemuSecuritySetDiskLabel(virQEMUDriverPtr driver,
|
|
||||||
virDomainObjPtr vm,
|
|
||||||
virDomainDiskDefPtr disk);
|
|
||||||
|
|
||||||
int qemuSecurityRestoreDiskLabel(virQEMUDriverPtr driver,
|
|
||||||
virDomainObjPtr vm,
|
|
||||||
virDomainDiskDefPtr disk);
|
|
||||||
|
|
||||||
int qemuSecuritySetImageLabel(virQEMUDriverPtr driver,
|
int qemuSecuritySetImageLabel(virQEMUDriverPtr driver,
|
||||||
virDomainObjPtr vm,
|
virDomainObjPtr vm,
|
||||||
virStorageSourcePtr src,
|
virStorageSourcePtr src,
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user