1. Patchew
  2. Libvirt
  3. [libvirt] [PATCH 00/11] qemu: Big namespace cleanup
  4. View patch

[libvirt] [PATCH 10/11] qemu_security: Introduce ImageLabel APIs

Michal Privoznik posted 11 patches 9 years ago
[libvirt] [PATCH 10/11] qemu_security: Introduce ImageLabel APIs
Posted by Michal Privoznik 9 years ago 
Just like we need wrappers over other virSecurityManager APIs, we
need one for virSecurityManagerSetImageLabel and
virSecurityManagerRestoreImageLabel.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/qemu/qemu_domain.c   | 7 +++----
 src/qemu/qemu_security.c | 3 +++
 src/qemu/qemu_security.h | 8 ++++++++
 3 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 9e34d73be..a4ee652db 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -31,6 +31,7 @@
 #include "qemu_parse_command.h"
 #include "qemu_capabilities.h"
 #include "qemu_migration.h"
+#include "qemu_security.h"
 #include "viralloc.h"
 #include "virlog.h"
 #include "virerror.h"
@@ -5094,8 +5095,7 @@ qemuDomainDiskChainElementRevoke(virQEMUDriverPtr driver,
         VIR_WARN("Failed to teardown cgroup for disk path %s",
                  NULLSTR(elem->path));
 
-    if (virSecurityManagerRestoreImageLabel(driver->securityManager,
-                                            vm->def, elem) < 0)
+    if (qemuSecurityRestoreImageLabel(driver, vm, elem) < 0)
         VIR_WARN("Unable to restore security label on %s", NULLSTR(elem->path));
 
     if (qemuDomainNamespaceTeardownDisk(driver, vm, elem) < 0)
@@ -5135,8 +5135,7 @@ qemuDomainDiskChainElementPrepare(virQEMUDriverPtr driver,
     if (qemuSetupImageCgroup(vm, elem) < 0)
         goto cleanup;
 
-    if (virSecurityManagerSetImageLabel(driver->securityManager, vm->def,
-                                        elem) < 0)
+    if (qemuSecuritySetImageLabel(driver, vm, elem) < 0)
         goto cleanup;
 
     ret = 0;
diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c
index 06bff2470..131be6e4b 100644
--- a/src/qemu/qemu_security.c
+++ b/src/qemu/qemu_security.c
@@ -95,5 +95,8 @@ qemuSecurityRestoreAllLabel(virQEMUDriverPtr driver,
 WRAP1(SetDiskLabel, virDomainDiskDefPtr)
 WRAP1(RestoreDiskLabel, virDomainDiskDefPtr)
 
+WRAP1(SetImageLabel, virStorageSourcePtr)
+WRAP1(RestoreImageLabel, virStorageSourcePtr)
+
 WRAP2(SetHostdevLabel, virDomainHostdevDefPtr)
 WRAP2(RestoreHostdevLabel, virDomainHostdevDefPtr)
diff --git a/src/qemu/qemu_security.h b/src/qemu/qemu_security.h
index cc373b3e1..54638908d 100644
--- a/src/qemu/qemu_security.h
+++ b/src/qemu/qemu_security.h
@@ -45,6 +45,14 @@ int qemuSecurityRestoreDiskLabel(virQEMUDriverPtr driver,
                                  virDomainObjPtr vm,
                                  virDomainDiskDefPtr disk);
 
+int qemuSecuritySetImageLabel(virQEMUDriverPtr driver,
+                              virDomainObjPtr vm,
+                              virStorageSourcePtr src);
+
+int qemuSecurityRestoreImageLabel(virQEMUDriverPtr driver,
+                                  virDomainObjPtr vm,
+                                  virStorageSourcePtr src);
+
 int qemuSecuritySetHostdevLabel(virQEMUDriverPtr driver,
                                 virDomainObjPtr vm,
                                 virDomainHostdevDefPtr hostdev);
-- 
2.11.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 10/11] qemu_security: Introduce ImageLabel APIs
Posted by Peter Krempa 9 years ago 
On Wed, Feb 08, 2017 at 11:37:13 +0100, Michal Privoznik wrote:
> Just like we need wrappers over other virSecurityManager APIs, we
> need one for virSecurityManagerSetImageLabel and
> virSecurityManagerRestoreImageLabel.
> 
> Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
> ---
>  src/qemu/qemu_domain.c   | 7 +++----
>  src/qemu/qemu_security.c | 3 +++
>  src/qemu/qemu_security.h | 8 ++++++++
>  3 files changed, 14 insertions(+), 4 deletions(-)
>

[...]

> diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c
> index 06bff2470..131be6e4b 100644
> --- a/src/qemu/qemu_security.c
> +++ b/src/qemu/qemu_security.c
> @@ -95,5 +95,8 @@ qemuSecurityRestoreAllLabel(virQEMUDriverPtr driver,
>  WRAP1(SetDiskLabel, virDomainDiskDefPtr)
>  WRAP1(RestoreDiskLabel, virDomainDiskDefPtr)
>  
> +WRAP1(SetImageLabel, virStorageSourcePtr)
> +WRAP1(RestoreImageLabel, virStorageSourcePtr)
> +
>  WRAP2(SetHostdevLabel, virDomainHostdevDefPtr)
>  WRAP2(RestoreHostdevLabel, virDomainHostdevDefPtr)

Obviously NACK to this.
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.