mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-26 03:21:44 +03:00
security: selinux: Add is_toplevel to SetImageLabelInternal
This will simplify future patches and make the logic easier to follow Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Cole Robinson <crobinso@redhat.com>
This commit is contained in:
parent
65181d419e
commit
a36d3b88d6
@ -1826,6 +1826,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,
|
||||
virSecurityDeviceLabelDefPtr parent_seclabel = NULL;
|
||||
char *use_label = NULL;
|
||||
bool remember;
|
||||
bool is_toplevel = parent == src;
|
||||
int ret;
|
||||
|
||||
if (!src->path || !virStorageSourceIsLocalStorage(src))
|
||||
@ -1847,7 +1848,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,
|
||||
* but the top layer, or read only image, or disk explicitly
|
||||
* marked as shared.
|
||||
*/
|
||||
remember = src == parent && !src->readonly && !src->shared;
|
||||
remember = is_toplevel && !src->readonly && !src->shared;
|
||||
|
||||
disk_seclabel = virStorageSourceGetSecurityLabelDef(src,
|
||||
SECURITY_SELINUX_NAME);
|
||||
@ -1864,7 +1865,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,
|
||||
return 0;
|
||||
|
||||
use_label = parent_seclabel->label;
|
||||
} else if (parent == src) {
|
||||
} else if (is_toplevel) {
|
||||
if (src->shared) {
|
||||
use_label = data->file_context;
|
||||
} else if (src->readonly) {
|
||||
|
Loading…
Reference in New Issue
Block a user