1
0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-26 03:21:44 +03:00

security: selinux: Add is_toplevel to SetImageLabelInternal

This will simplify future patches and make the logic easier to follow

Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
This commit is contained in:
Cole Robinson 2019-10-07 15:55:20 -04:00
parent 65181d419e
commit a36d3b88d6

View File

@ -1826,6 +1826,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,
virSecurityDeviceLabelDefPtr parent_seclabel = NULL;
char *use_label = NULL;
bool remember;
bool is_toplevel = parent == src;
int ret;
if (!src->path || !virStorageSourceIsLocalStorage(src))
@ -1847,7 +1848,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,
* but the top layer, or read only image, or disk explicitly
* marked as shared.
*/
remember = src == parent && !src->readonly && !src->shared;
remember = is_toplevel && !src->readonly && !src->shared;
disk_seclabel = virStorageSourceGetSecurityLabelDef(src,
SECURITY_SELINUX_NAME);
@ -1864,7 +1865,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,
return 0;
use_label = parent_seclabel->label;
} else if (parent == src) {
} else if (is_toplevel) {
if (src->shared) {
use_label = data->file_context;
} else if (src->readonly) {