[v2] Implement support for QCOW2 data files

[PATCH v2 07/13] security: apparmor: handle qcow2 data-file

Posted by Nikolai Barybin via Devel 1 year, 5 months ago

Signed-off-by: Nikolai Barybin <nikolai.barybin@virtuozzo.com>
---
 src/security/virt-aa-helper.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 067a17f331..4e8334eb3e 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -877,6 +877,10 @@ storage_source_add_files(virStorageSource *src,
         if (add_file_path(tmp, depth, buf) < 0)
             return -1;
 
+        if (src->dataFileStore &&
+            storage_source_add_files(src->dataFileStore, buf, 0) < 0)
+            return -1;
+
         depth++;
     }
 
-- 
2.43.5

Re: [PATCH v2 07/13] security: apparmor: handle qcow2 data-file

Posted by Peter Krempa 1 year, 3 months ago

On Sat, Sep 07, 2024 at 17:15:29 +0300, Nikolai Barybin via Devel wrote:
> Signed-off-by: Nikolai Barybin <nikolai.barybin@virtuozzo.com>
> ---
>  src/security/virt-aa-helper.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
> index 067a17f331..4e8334eb3e 100644
> --- a/src/security/virt-aa-helper.c
> +++ b/src/security/virt-aa-helper.c
> @@ -877,6 +877,10 @@ storage_source_add_files(virStorageSource *src,
>          if (add_file_path(tmp, depth, buf) < 0)
>              return -1;
>  
> +        if (src->dataFileStore &&
> +            storage_source_add_files(src->dataFileStore, buf, 0) < 0)
> +            return -1;

As this won't ever have backing files and for symetry with the other
security drivers you should use add_file_path here instead as that
doesn't try to iterate the backing chain.