1. Patchew
  2. Libvirt
  3. [libvirt] [PATCH 00/30] storagefile, security: qcow2 data_file support
  4. View patch

[libvirt] [PATCH 28/30] security: selinux: Restore image label for externalDataStore

Cole Robinson posted 30 patches 6 years, 4 months ago
[libvirt] [PATCH 28/30] security: selinux: Restore image label for externalDataStore
Posted by Cole Robinson 6 years, 4 months ago 
Rename the existing virSecuritySELinuxRestoreImageLabelInt
to virSecuritySELinuxRestoreImageLabelSingle, and extend the new
ImageLabelInt handle externalDataStore

Signed-off-by: Cole Robinson <crobinso@redhat.com>
---
 src/security/security_selinux.c | 28 ++++++++++++++++++++++++----
 1 file changed, 24 insertions(+), 4 deletions(-)

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index fd7dd080c1..c0bfb581e3 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1747,10 +1747,10 @@ virSecuritySELinuxRestoreTPMFileLabelInt(virSecurityManagerPtr mgr,
 
 
 static int
-virSecuritySELinuxRestoreImageLabelInt(virSecurityManagerPtr mgr,
-                                       virDomainDefPtr def,
-                                       virStorageSourcePtr src,
-                                       bool migrated)
+virSecuritySELinuxRestoreImageLabelSingle(virSecurityManagerPtr mgr,
+                                          virDomainDefPtr def,
+                                          virStorageSourcePtr src,
+                                          bool migrated)
 {
     virSecurityLabelDefPtr seclabel;
     virSecurityDeviceLabelDefPtr disk_seclabel;
@@ -1802,6 +1802,26 @@ virSecuritySELinuxRestoreImageLabelInt(virSecurityManagerPtr mgr,
 }
 
 
+static int
+virSecuritySELinuxRestoreImageLabelInt(virSecurityManagerPtr mgr,
+                                       virDomainDefPtr def,
+                                       virStorageSourcePtr src,
+                                       bool migrated)
+{
+    if (virSecuritySELinuxRestoreImageLabelSingle(mgr, def, src, migrated) < 0)
+        return -1;
+
+    if (src->externalDataStore &&
+        virSecuritySELinuxRestoreImageLabelSingle(mgr,
+                                                  def,
+                                                  src->externalDataStore,
+                                                  migrated) < 0)
+        return -1;
+
+    return 0;
+}
+
+
 static int
 virSecuritySELinuxRestoreImageLabel(virSecurityManagerPtr mgr,
                                     virDomainDefPtr def,
-- 
2.23.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 28/30] security: selinux: Restore image label for externalDataStore
Posted by Daniel Henrique Barboza 6 years, 4 months ago 

On 10/7/19 6:49 PM, Cole Robinson wrote:
> Rename the existing virSecuritySELinuxRestoreImageLabelInt
> to virSecuritySELinuxRestoreImageLabelSingle, and extend the new
> ImageLabelInt handle externalDataStore
>
> Signed-off-by: Cole Robinson <crobinso@redhat.com>
> ---

Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>

>   src/security/security_selinux.c | 28 ++++++++++++++++++++++++----
>   1 file changed, 24 insertions(+), 4 deletions(-)
>
> diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
> index fd7dd080c1..c0bfb581e3 100644
> --- a/src/security/security_selinux.c
> +++ b/src/security/security_selinux.c
> @@ -1747,10 +1747,10 @@ virSecuritySELinuxRestoreTPMFileLabelInt(virSecurityManagerPtr mgr,
>   
>   
>   static int
> -virSecuritySELinuxRestoreImageLabelInt(virSecurityManagerPtr mgr,
> -                                       virDomainDefPtr def,
> -                                       virStorageSourcePtr src,
> -                                       bool migrated)
> +virSecuritySELinuxRestoreImageLabelSingle(virSecurityManagerPtr mgr,
> +                                          virDomainDefPtr def,
> +                                          virStorageSourcePtr src,
> +                                          bool migrated)
>   {
>       virSecurityLabelDefPtr seclabel;
>       virSecurityDeviceLabelDefPtr disk_seclabel;
> @@ -1802,6 +1802,26 @@ virSecuritySELinuxRestoreImageLabelInt(virSecurityManagerPtr mgr,
>   }
>   
>   
> +static int
> +virSecuritySELinuxRestoreImageLabelInt(virSecurityManagerPtr mgr,
> +                                       virDomainDefPtr def,
> +                                       virStorageSourcePtr src,
> +                                       bool migrated)
> +{
> +    if (virSecuritySELinuxRestoreImageLabelSingle(mgr, def, src, migrated) < 0)
> +        return -1;
> +
> +    if (src->externalDataStore &&
> +        virSecuritySELinuxRestoreImageLabelSingle(mgr,
> +                                                  def,
> +                                                  src->externalDataStore,
> +                                                  migrated) < 0)
> +        return -1;
> +
> +    return 0;
> +}
> +
> +
>   static int
>   virSecuritySELinuxRestoreImageLabel(virSecurityManagerPtr mgr,
>                                       virDomainDefPtr def,

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.