From d73f3f583600dcaf2ac8dd388f721d195fda1e4d Mon Sep 17 00:00:00 2001 From: Michal Privoznik Date: Thu, 21 Mar 2019 15:44:52 +0100 Subject: [PATCH] security_util: Introduce virSecurityMoveRememberedLabel MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit A simple helper function that would be used from DAC and SELinux drivers. Signed-off-by: Michal Privoznik Reviewed-by: Cole Robinson Reviewed-by: Daniel P. Berrangé --- src/security/security_util.c | 63 ++++++++++++++++++++++++++++++++++++ src/security/security_util.h | 5 +++ 2 files changed, 68 insertions(+) diff --git a/src/security/security_util.c b/src/security/security_util.c index 3c24d7cded..ad265b0bc5 100644 --- a/src/security/security_util.c +++ b/src/security/security_util.c @@ -256,3 +256,66 @@ virSecuritySetRememberedLabel(const char *name, VIR_FREE(ref_name); return ret; } + + +int +virSecurityMoveRememberedLabel(const char *name, + const char *src, + const char *dst) +{ + VIR_AUTOFREE(char *) ref_name = NULL; + VIR_AUTOFREE(char *) ref_value = NULL; + VIR_AUTOFREE(char *) attr_name = NULL; + VIR_AUTOFREE(char *) attr_value = NULL; + + if (!(ref_name = virSecurityGetRefCountAttrName(name)) | + !(attr_name = virSecurityGetAttrName(name))) + return -1; + + if (virFileGetXAttrQuiet(src, ref_name, &ref_value) < 0) { + if (errno == ENOSYS || errno == ENOTSUP) { + return -2; + } else if (errno != ENODATA) { + virReportSystemError(errno, + _("Unable to get XATTR %s on %s"), + ref_name, src); + return -1; + } + } + + if (virFileGetXAttrQuiet(src, attr_name, &attr_value) < 0) { + if (errno == ENOSYS || errno == ENOTSUP) { + return -2; + } else if (errno != ENODATA) { + virReportSystemError(errno, + _("Unable to get XATTR %s on %s"), + attr_name, src); + return -1; + } + } + + if (ref_value && + virFileRemoveXAttr(src, ref_name) < 0) { + return -1; + } + + if (attr_value && + virFileRemoveXAttr(src, attr_name) < 0) { + return -1; + } + + if (dst) { + if (ref_value && + virFileSetXAttr(dst, ref_name, ref_value) < 0) { + return -1; + } + + if (attr_value && + virFileSetXAttr(dst, attr_name, attr_value) < 0) { + ignore_value(virFileRemoveXAttr(dst, ref_name)); + return -1; + } + } + + return 0; +} diff --git a/src/security/security_util.h b/src/security/security_util.h index aacac5c64c..91de704e62 100644 --- a/src/security/security_util.h +++ b/src/security/security_util.h @@ -27,3 +27,8 @@ int virSecuritySetRememberedLabel(const char *name, const char *path, const char *label); + +int +virSecurityMoveRememberedLabel(const char *name, + const char *src, + const char *dst);