mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-08 22:15:21 +00:00
security: Remove VIR_SECURITY_MANAGER_ALLOW_DISK_PROBE
Nothing is setting that flag now so it can be removed. Note that removing 'mgr' from 'load_profile' in the apparmor driver would create a lot of churn. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
parent
69d0d15632
commit
10bc2127c3
@ -170,7 +170,7 @@ profile_status_file(const char *str)
|
|||||||
* load (add) a profile. Will create one if necessary
|
* load (add) a profile. Will create one if necessary
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
load_profile(virSecurityManagerPtr mgr,
|
load_profile(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
|
||||||
const char *profile,
|
const char *profile,
|
||||||
virDomainDefPtr def,
|
virDomainDefPtr def,
|
||||||
const char *fn,
|
const char *fn,
|
||||||
@ -180,8 +180,6 @@ load_profile(virSecurityManagerPtr mgr,
|
|||||||
bool create = true;
|
bool create = true;
|
||||||
char *xml = NULL;
|
char *xml = NULL;
|
||||||
virCommandPtr cmd = NULL;
|
virCommandPtr cmd = NULL;
|
||||||
const char *probe = virSecurityManagerGetAllowDiskFormatProbing(mgr)
|
|
||||||
? "1" : "0";
|
|
||||||
|
|
||||||
xml = virDomainDefFormat(def, NULL, VIR_DOMAIN_DEF_FORMAT_SECURE);
|
xml = virDomainDefFormat(def, NULL, VIR_DOMAIN_DEF_FORMAT_SECURE);
|
||||||
if (!xml)
|
if (!xml)
|
||||||
@ -190,7 +188,7 @@ load_profile(virSecurityManagerPtr mgr,
|
|||||||
if (profile_status_file(profile) >= 0)
|
if (profile_status_file(profile) >= 0)
|
||||||
create = false;
|
create = false;
|
||||||
|
|
||||||
cmd = virCommandNewArgList(VIRT_AA_HELPER, "-p", probe,
|
cmd = virCommandNewArgList(VIRT_AA_HELPER,
|
||||||
create ? "-c" : "-r",
|
create ? "-c" : "-r",
|
||||||
"-u", profile, NULL);
|
"-u", profile, NULL);
|
||||||
if (!create && fn) {
|
if (!create && fn) {
|
||||||
|
@ -365,13 +365,6 @@ virSecurityManagerGetBaseLabel(virSecurityManagerPtr mgr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
bool
|
|
||||||
virSecurityManagerGetAllowDiskFormatProbing(virSecurityManagerPtr mgr)
|
|
||||||
{
|
|
||||||
return mgr->flags & VIR_SECURITY_MANAGER_ALLOW_DISK_PROBE;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
bool
|
bool
|
||||||
virSecurityManagerGetDefaultConfined(virSecurityManagerPtr mgr)
|
virSecurityManagerGetDefaultConfined(virSecurityManagerPtr mgr)
|
||||||
{
|
{
|
||||||
|
@ -31,7 +31,6 @@ typedef struct _virSecurityManager virSecurityManager;
|
|||||||
typedef virSecurityManager *virSecurityManagerPtr;
|
typedef virSecurityManager *virSecurityManagerPtr;
|
||||||
|
|
||||||
typedef enum {
|
typedef enum {
|
||||||
VIR_SECURITY_MANAGER_ALLOW_DISK_PROBE = 1 << 0,
|
|
||||||
VIR_SECURITY_MANAGER_DEFAULT_CONFINED = 1 << 1,
|
VIR_SECURITY_MANAGER_DEFAULT_CONFINED = 1 << 1,
|
||||||
VIR_SECURITY_MANAGER_REQUIRE_CONFINED = 1 << 2,
|
VIR_SECURITY_MANAGER_REQUIRE_CONFINED = 1 << 2,
|
||||||
VIR_SECURITY_MANAGER_PRIVILEGED = 1 << 3,
|
VIR_SECURITY_MANAGER_PRIVILEGED = 1 << 3,
|
||||||
@ -40,8 +39,7 @@ typedef enum {
|
|||||||
} virSecurityManagerNewFlags;
|
} virSecurityManagerNewFlags;
|
||||||
|
|
||||||
# define VIR_SECURITY_MANAGER_NEW_MASK \
|
# define VIR_SECURITY_MANAGER_NEW_MASK \
|
||||||
(VIR_SECURITY_MANAGER_ALLOW_DISK_PROBE | \
|
(VIR_SECURITY_MANAGER_DEFAULT_CONFINED | \
|
||||||
VIR_SECURITY_MANAGER_DEFAULT_CONFINED | \
|
|
||||||
VIR_SECURITY_MANAGER_REQUIRE_CONFINED | \
|
VIR_SECURITY_MANAGER_REQUIRE_CONFINED | \
|
||||||
VIR_SECURITY_MANAGER_PRIVILEGED)
|
VIR_SECURITY_MANAGER_PRIVILEGED)
|
||||||
|
|
||||||
@ -89,7 +87,6 @@ const char *virSecurityManagerGetDOI(virSecurityManagerPtr mgr);
|
|||||||
const char *virSecurityManagerGetModel(virSecurityManagerPtr mgr);
|
const char *virSecurityManagerGetModel(virSecurityManagerPtr mgr);
|
||||||
const char *virSecurityManagerGetBaseLabel(virSecurityManagerPtr mgr, int virtType);
|
const char *virSecurityManagerGetBaseLabel(virSecurityManagerPtr mgr, int virtType);
|
||||||
|
|
||||||
bool virSecurityManagerGetAllowDiskFormatProbing(virSecurityManagerPtr mgr);
|
|
||||||
bool virSecurityManagerGetDefaultConfined(virSecurityManagerPtr mgr);
|
bool virSecurityManagerGetDefaultConfined(virSecurityManagerPtr mgr);
|
||||||
bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr);
|
bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr);
|
||||||
bool virSecurityManagerGetPrivileged(virSecurityManagerPtr mgr);
|
bool virSecurityManagerGetPrivileged(virSecurityManagerPtr mgr);
|
||||||
|
Loading…
Reference in New Issue
Block a user