From nobody Sun Feb  8 18:03:46 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates
 8.43.85.245 as permitted sender) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass(p=reject dis=none)  header.from=lists.libvirt.org
ARC-Seal: i=1; a=rsa-sha256; t=1725719585; cv=none;
	d=zohomail.com; s=zohoarc;
	b=ANfiFLZDKzl/BsXeoQJ92+U1MDM5Fd5KxAJSam/23cVwf4+iTfpEzJO4a98vL++tOvYY5fJGn7IyhwDYKW2E5eet4+q5WRBbWXiSIr0RuwN24KmASosFh/1VdqVxb7HvMHp+ad5eWIjhlDOjXra8ovvnu9ceOutL9JTt+LB+VDM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1725719585;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id;
	bh=xx7n3MTp2dBW5osPp3doeOBrY/8eneBhq7bFzNKV890=;
	b=I36Z2HdGJJXyhzgyGhZ5RrsiGDdr+FmAskt8SHdU5ti3dKd6VA/NPKAezJClOQzDoUm9t1RaHPWquqPV7qGOkFpD/38U3KTDu+U608G594RHqKPnEUDoHEcVpcge1+6ol7y4P7jX+/8k5q+D4fLzqYNn/HZaSrXcvpuWt63hu+Y=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass header.from=<devel@lists.libvirt.org> (p=reject dis=none)
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 17257195859381007.8660670929999;
 Sat, 7 Sep 2024 07:33:05 -0700 (PDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id E4D2F18A5; Sat,  7 Sep 2024 10:33:04 -0400 (EDT)
Received: from lists.libvirt.org (localhost [IPv6:::1])
	by lists.libvirt.org (Postfix) with ESMTP id 5F91518F5;
	Sat,  7 Sep 2024 10:31:58 -0400 (EDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id D9F671824; Sat,  7 Sep 2024 10:31:53 -0400 (EDT)
Received: from relay.virtuozzo.com (relay.virtuozzo.com [130.117.225.111])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 99A9118B8
	for <devel@lists.libvirt.org>; Sat,  7 Sep 2024 10:31:41 -0400 (EDT)
Received: from [130.117.225.1] (helo=vz9-barybin-2.ch-qa.vzint.dev)
	by relay.virtuozzo.com with esmtp (Exim 4.96)
	(envelope-from <nikolai.barybin@virtuozzo.com>)
	id 1smwQy-001ZxE-2K;
	Sat, 07 Sep 2024 16:31:35 +0200
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.1 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,SPF_HELO_NONE
	autolearn=unavailable autolearn_force=no version=3.4.4
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=virtuozzo.com; s=relay; h=MIME-Version:Message-ID:Date:Subject:From:
	Content-Type; bh=HUGjF0l424CQJmbRRIu1g2/lDNxsB1Fglxg/eBTlGac=; b=Kho0i1ItHNQ9
	8VrXaQXjZTpfDeIN4Oq3F44KYnduXXxLD50B3qXheLDogkJTMM1uTC4GBnnTFROa0q5yLic38Nc8s
	SO+NniFh8ypN2ZcQwF9UQ+OA+zNdvb/cdEjkGUiMDnmokoWu9etZWb5bKW/w0v/a5vwvy/AP0Zq0F
	8PCMrCKFLUkSTdYERFXWk9w/OtoFaF5Y7rOH/C4vryGRSrKpk+EK5cYQKC/AJWHbBEpw2CB1kXoMX
	OMfLUNRnlWBz3+wOCAwnYjeQA5Zc/kmRRg5abdJ/+WRy+WQ6wpnU8ofFff4PQXD6O5c347gFttRK9
	Enhe/fKSeCJFxJASJ6NgsQ==;
To: devel@lists.libvirt.org
Subject: [PATCH v2 06/13] security: selinux: handle qcow2 data-file on image
 label set/restore
Date: Sat,  7 Sep 2024 17:15:27 +0300
Message-ID: <20240907143006.50677-13-nikolai.barybin@virtuozzo.com>
X-Mailer: git-send-email 2.43.5
In-Reply-To: <20240907143006.50677-1-nikolai.barybin@virtuozzo.com>
References: <20240907143006.50677-1-nikolai.barybin@virtuozzo.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: UZGNWTUT2N7VBHMYF3UYOUTLKXKYQJAL
X-Message-ID-Hash: UZGNWTUT2N7VBHMYF3UYOUTLKXKYQJAL
X-MailFrom: nikolai.barybin@virtuozzo.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; header-match-config-1;
 header-match-config-2; header-match-config-3;
 header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 suspicious-header
CC: den@openvz.org, Nikolai Barybin <nikolai.barybin@virtuozzo.com>
X-Mailman-Version: 3.2.2
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/UZGNWTUT2N7VBHMYF3UYOUTLKXKYQJAL/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
From: Nikolai Barybin via Devel <devel@lists.libvirt.org>
Reply-To: Nikolai Barybin <nikolai.barybin@virtuozzo.com>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZM-MESSAGEID: 1725719586990116600
Content-Type: text/plain; charset="utf-8"

Signed-off-by: Nikolai Barybin <nikolai.barybin@virtuozzo.com>
---
 src/security/security_selinux.c | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index 31df4d22db..6d0611fe50 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1871,7 +1871,12 @@ virSecuritySELinuxRestoreImageLabel(virSecurityManag=
er *mgr,
                                     virStorageSource *src,
                                     virSecurityDomainImageLabelFlags flags=
 G_GNUC_UNUSED)
 {
-    return virSecuritySELinuxRestoreImageLabelInt(mgr, def, src, false);
+    int rc =3D virSecuritySELinuxRestoreImageLabelInt(mgr, def, src, false=
);
+
+    if (rc =3D=3D 0 && src->dataFileStore)
+        rc =3D virSecuritySELinuxRestoreImageLabelInt(mgr, def, src->dataF=
ileStore, false);
+
+    return rc;
 }
=20
=20
@@ -1996,6 +2001,10 @@ virSecuritySELinuxSetImageLabel(virSecurityManager *=
mgr,
         if (virSecuritySELinuxSetImageLabelInternal(mgr, def, n, parent, i=
sChainTop) < 0)
             return -1;
=20
+        if (n->dataFileStore &&
+            virSecuritySELinuxSetImageLabelInternal(mgr, def, n->dataFileS=
tore, parent, isChainTop) < 0)
+            return -1;
+
         if (!(flags & VIR_SECURITY_DOMAIN_IMAGE_LABEL_BACKING_CHAIN))
             break;
=20
@@ -2843,9 +2852,12 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManager=
 *mgr,
=20
     for (i =3D 0; i < def->ndisks; i++) {
         virDomainDiskDef *disk =3D def->disks[i];
-
-        if (virSecuritySELinuxRestoreImageLabelInt(mgr, def, disk->src,
-                                                   migrated) < 0)
+        int ret =3D virSecuritySELinuxRestoreImageLabelInt(mgr, def, disk-=
>src,
+                                                         migrated);
+        if (ret =3D=3D 0 && disk->src->dataFileStore)
+            ret =3D virSecuritySELinuxRestoreImageLabelInt(mgr, def, disk-=
>src->dataFileStore,
+                                                         migrated);
+        if (ret < 0)
             rc =3D -1;
     }
=20
--=20
2.43.5