From nobody Mon Feb 9 01:22:10 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) client-ip=205.139.110.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1594376946; cv=none; d=zohomail.com; s=zohoarc; b=NRQSfz6aqpIFfY0w2ujjXGmv8fksZwvmK/AWKkqxliLKWmhVaxLPODeKq9ez20IvZCHtFcZJeSHWSMDzkB+HUBhF3cyOA5mA2JBNSzzsj2uniD9Av53L+v3/rJvF1EDrBOhzv/sXGRfV5kRrZ5j06R40XJI2d3+Qs6Y+bhdcgtU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1594376946; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=znALihyKb5c6FsewvkauiBC779roL5VIj/oMjZCB+Hk=; b=ca/vc+34G2/x3VB9s2lYDMwL4euDBzHR1R71EzD4KS2CeKEu+MP5MmtWPc3sZ7ICOvvK4sQKVboZU3EGQD/wZxtlBLJnaS5E8dqTxG/OvLmCINr/tBGeyd7HPBqdyRKBeADoYq/DQ9FDZf3OdzCDSmjU8FFHEgv92eoSG8R0sK8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by mx.zohomail.com with SMTPS id 1594376946958693.6788414295863; Fri, 10 Jul 2020 03:29:06 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-105-X4U8_7gxOymgGt-2-7SvxQ-1; Fri, 10 Jul 2020 06:28:09 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 9B6D7106B24E; Fri, 10 Jul 2020 10:28:03 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 784F510016DA; Fri, 10 Jul 2020 10:28:03 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 4749A1809557; Fri, 10 Jul 2020 10:28:03 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 06AAPDVQ009376 for ; Fri, 10 Jul 2020 06:25:13 -0400 Received: by smtp.corp.redhat.com (Postfix) id A679474F52; Fri, 10 Jul 2020 10:25:13 +0000 (UTC) Received: from antique-work.redhat.com (unknown [10.40.194.39]) by smtp.corp.redhat.com (Postfix) with ESMTP id 200E774F44 for ; Fri, 10 Jul 2020 10:25:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1594376945; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=znALihyKb5c6FsewvkauiBC779roL5VIj/oMjZCB+Hk=; b=UWIs2AXx+hDUk5UN23YPZvN4c8oxgbQXqdl2GSfiWEUgYuomyXppYbEBhY7sDX8hSVR9hs ZWKdhXldr1yAf1JCBOL9Vh2gFUvHB8gfgE/Cg67MIlr+9taC83BOZS70sLuSF7vWGpv5vz CNm/Ebq73xU0sP7GOD5Lh9088ac8gEQ= X-MC-Unique: X4U8_7gxOymgGt-2-7SvxQ-1 From: Pavel Hrdina To: libvir-list@redhat.com Subject: [libvirt PATCH v2 3/5] m4: virt-secdriver-selinux: drop obsolete function checks Date: Fri, 10 Jul 2020 12:25:04 +0200 Message-Id: <3fd1cdcf143c3a8372466a808979b2b4bb473cdd.1594376575.git.phrdina@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" All of the listed functions are available in libselinux version 2.2. Our supported OSes start with version 2.5 so there is no need to check it. Signed-off-by: Pavel Hrdina Reviewed-by: Daniel P. Berrang=C3=A9 Reviewed-by: J=C3=A1n Tomko --- m4/virt-secdriver-selinux.m4 | 24 ++---------------------- src/security/security_selinux.c | 18 +++--------------- tests/securityselinuxhelper.c | 6 ------ 3 files changed, 5 insertions(+), 43 deletions(-) diff --git a/m4/virt-secdriver-selinux.m4 b/m4/virt-secdriver-selinux.m4 index a48569fc33a..4174249a510 100644 --- a/m4/virt-secdriver-selinux.m4 +++ b/m4/virt-secdriver-selinux.m4 @@ -32,28 +32,8 @@ AC_DEFUN([LIBVIRT_SECDRIVER_CHECK_SELINUX], [ AC_MSG_ERROR([You must install the libselinux development package an= d enable SELinux with the --with-selinux=3Dyes in order to compile libvirt = --with-secdriver-selinux=3Dyes]) fi elif test "$with_secdriver_selinux" !=3D "no"; then - old_CFLAGS=3D"$CFLAGS" - old_LIBS=3D"$LIBS" - CFLAGS=3D"$CFLAGS $SELINUX_CFLAGS" - LIBS=3D"$CFLAGS $SELINUX_LIBS" - - fail=3D0 - AC_CHECK_FUNC([selinux_virtual_domain_context_path], [], [fail=3D1]) - AC_CHECK_FUNC([selinux_virtual_image_context_path], [], [fail=3D1]) - AC_CHECK_FUNCS([selinux_lxc_contexts_path]) - CFLAGS=3D"$old_CFLAGS" - LIBS=3D"$old_LIBS" - - if test "$fail" =3D "1" ; then - if test "$with_secdriver_selinux" =3D "check" ; then - with_secdriver_selinux=3Dno - else - AC_MSG_ERROR([You must install libselinux development package >=3D= 2.0.82 in order to compile libvirt --with-secdriver-selinux=3Dyes]) - fi - else - with_secdriver_selinux=3Dyes - AC_DEFINE_UNQUOTED([WITH_SECDRIVER_SELINUX], 1, [whether SELinux sec= urity driver is available]) - fi + with_secdriver_selinux=3Dyes + AC_DEFINE_UNQUOTED([WITH_SECDRIVER_SELINUX], 1, [whether SELinux secur= ity driver is available]) fi AM_CONDITIONAL([WITH_SECDRIVER_SELINUX], [test "$with_secdriver_selinux"= !=3D "no"]) ]) diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index f8c1a0a2f1a..67dc6ce09a4 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -639,7 +639,6 @@ virSecuritySELinuxGenNewContext(const char *basecontext, } =20 =20 -#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH static int virSecuritySELinuxLXCInitialize(virSecurityManagerPtr mgr) { @@ -702,15 +701,6 @@ virSecuritySELinuxLXCInitialize(virSecurityManagerPtr = mgr) virHashFree(data->mcs); return -1; } -#else -static int -virSecuritySELinuxLXCInitialize(virSecurityManagerPtr mgr G_GNUC_UNUSED) -{ - virReportSystemError(ENOSYS, "%s", - _("libselinux does not support LXC contexts path"= )); - return -1; -} -#endif =20 =20 static int @@ -1018,11 +1008,9 @@ virSecuritySELinuxDriverProbe(const char *virtDriver) if (is_selinux_enabled() <=3D 0) return SECURITY_DRIVER_DISABLE; =20 - if (virtDriver && STREQ(virtDriver, "LXC")) { -#if HAVE_SELINUX_LXC_CONTEXTS_PATH - if (!virFileExists(selinux_lxc_contexts_path())) -#endif - return SECURITY_DRIVER_DISABLE; + if (virtDriver && STREQ(virtDriver, "LXC") && + !virFileExists(selinux_lxc_contexts_path())) { + return SECURITY_DRIVER_DISABLE; } =20 return SECURITY_DRIVER_ENABLE; diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c index 0556241fd55..c3d7f8c1cee 100644 --- a/tests/securityselinuxhelper.c +++ b/tests/securityselinuxhelper.c @@ -48,9 +48,7 @@ static int (*real_is_selinux_enabled)(void); static const char *(*real_selinux_virtual_domain_context_path)(void); static const char *(*real_selinux_virtual_image_context_path)(void); =20 -#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH static const char *(*real_selinux_lxc_contexts_path)(void); -#endif =20 static struct selabel_handle *(*real_selabel_open)(unsigned int backend, const struct selinux_opt= *opts, @@ -73,9 +71,7 @@ static void init_syms(void) VIR_MOCK_REAL_INIT(selinux_virtual_domain_context_path); VIR_MOCK_REAL_INIT(selinux_virtual_image_context_path); =20 -#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH VIR_MOCK_REAL_INIT(selinux_lxc_contexts_path); -#endif =20 VIR_MOCK_REAL_INIT(selabel_open); VIR_MOCK_REAL_INIT(selabel_close); @@ -273,7 +269,6 @@ const char *selinux_virtual_image_context_path(void) return abs_srcdir "/securityselinuxhelperdata/virtual_image_context"; } =20 -#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH const char *selinux_lxc_contexts_path(void) { init_syms(); @@ -283,7 +278,6 @@ const char *selinux_lxc_contexts_path(void) =20 return abs_srcdir "/securityselinuxhelperdata/lxc_contexts"; } -#endif =20 struct selabel_handle * selabel_open(unsigned int backend, --=20 2.26.2