virSecurityLabelDef: substitute 'norelabel' with 'relabel'

This negation in names of boolean variables is driving me insane. The
code is much more readable if we drop the 'no-' prefix. Well, at least
for me.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

src/conf/domain_conf.c

@@ -4576,9 +4576,9 @@ virSecurityLabelDefParseXML(xmlXPathContextPtr ctxt,
                             VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
     if (p != NULL) {
         if (STREQ(p, "yes")) {
-            def->norelabel = false;
+            def->relabel = true;
         } else if (STREQ(p, "no")) {
-            def->norelabel = true;
+            def->relabel = false;
         } else {
             virReportError(VIR_ERR_XML_ERROR,
                            _("invalid security relabel value %s"), p);
@@ -4587,13 +4587,13 @@ virSecurityLabelDefParseXML(xmlXPathContextPtr ctxt,
         }
         VIR_FREE(p);
         if (def->type == VIR_DOMAIN_SECLABEL_DYNAMIC &&
-            def->norelabel) {
+            !def->relabel) {
             virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                            "%s", _("dynamic label type must use resource relabeling"));
             goto error;
         }
         if (def->type == VIR_DOMAIN_SECLABEL_NONE &&
-            !def->norelabel) {
+            def->relabel) {
             virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                            "%s", _("resource relabeling is not compatible with 'none' label type"));
             goto error;
@@ -4601,9 +4601,9 @@ virSecurityLabelDefParseXML(xmlXPathContextPtr ctxt,
     } else {
         if (def->type == VIR_DOMAIN_SECLABEL_STATIC ||
             def->type == VIR_DOMAIN_SECLABEL_NONE)
-            def->norelabel = true;
+            def->relabel = false;
         else
-            def->norelabel = false;
+            def->relabel = true;
     }
 
     /* Always parse model */
@@ -4635,7 +4635,7 @@ virSecurityLabelDefParseXML(xmlXPathContextPtr ctxt,
     }
 
     /* Only parse imagelabel, if requested live XML with relabeling */
-    if (!def->norelabel &&
+    if (def->relabel &&
         (!(flags & VIR_DOMAIN_XML_INACTIVE) &&
          def->type != VIR_DOMAIN_SECLABEL_NONE)) {
         p = virXPathStringLimit("string(./imagelabel[1])",
@@ -4793,7 +4793,7 @@ virSecurityDeviceLabelDefParseXML(virSecurityDeviceLabelDefPtr **seclabels_rtn,
         }
 
         /* Can't use overrides if top-level doesn't allow relabeling.  */
-        if (vmDef && vmDef->norelabel) {
+        if (vmDef && !vmDef->relabel) {
             virReportError(VIR_ERR_XML_ERROR, "%s",
                            _("label overrides require relabeling to be "
                              "enabled at the domain level"));
@@ -14708,14 +14708,14 @@ virSecurityLabelDefFormat(virBufferPtr buf,
     }
 
     virBufferAsprintf(buf, " relabel='%s'",
-                      def->norelabel ? "no" : "yes");
+                      def->relabel ? "yes" : "no");
 
     if (def->label || def->imagelabel || def->baselabel) {
         virBufferAddLit(buf, ">\n");
         virBufferAdjustIndent(buf, 2);
         virBufferEscapeString(buf, "<label>%s</label>\n",
                               def->label);
-        if (!def->norelabel)
+        if (def->relabel)
             virBufferEscapeString(buf, "<imagelabel>%s</imagelabel>\n",
                                   def->imagelabel);
         if (def->type == VIR_DOMAIN_SECLABEL_DYNAMIC)

src/security/security_apparmor.c

@@ -281,7 +281,7 @@ reload_profile(virSecurityManagerPtr mgr,
     if (!secdef)
         return rc;
 
-    if (secdef->norelabel)
+    if (!secdef->relabel)
         return 0;
 
     if ((profile_name = get_profile_name(def)) == NULL)
@@ -481,7 +481,7 @@ AppArmorSetSecurityAllLabel(virSecurityManagerPtr mgr,
     if (!secdef)
         return -1;
 
-    if (secdef->norelabel)
+    if (!secdef->relabel)
         return 0;
 
     /* Reload the profile if stdin_path is specified. Note that
@@ -718,7 +718,7 @@ AppArmorSetSecurityImageLabel(virSecurityManagerPtr mgr,
     if (!(secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_APPARMOR_NAME)))
         return -1;
 
-    if (secdef->norelabel)
+    if (!secdef->relabel)
         return 0;
 
     if (secdef->imagelabel) {
@@ -805,7 +805,7 @@ AppArmorSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
     if (!secdef)
         return -1;
 
-    if (secdef->norelabel)
+    if (!secdef->relabel)
         return 0;
 
     if (dev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
@@ -904,7 +904,7 @@ AppArmorRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr,
     if (!secdef)
         return -1;
 
-    if (secdef->norelabel)
+    if (!secdef->relabel)
         return 0;
 
     return reload_profile(mgr, def, NULL, false);

src/security/security_dac.c

@@ -307,7 +307,7 @@ virSecurityDACSetSecurityImageLabel(virSecurityManagerPtr mgr,
         return 0;
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
-    if (secdef && secdef->norelabel)
+    if (secdef && !secdef->relabel)
         return 0;
 
     disk_seclabel = virStorageSourceGetSecurityLabelDef(src,
@@ -369,7 +369,7 @@ virSecurityDACRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
         return 0;
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
-    if (secdef && secdef->norelabel)
+    if (secdef && !secdef->relabel)
         return 0;
 
     disk_seclabel = virStorageSourceGetSecurityLabelDef(src,
@@ -477,7 +477,7 @@ virSecurityDACSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
     cbdata.manager = mgr;
     cbdata.secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
 
-    if (cbdata.secdef && cbdata.secdef->norelabel)
+    if (cbdata.secdef && !cbdata.secdef->relabel)
         return 0;
 
     switch ((virDomainHostdevSubsysType) dev->source.subsys.type) {
@@ -601,7 +601,7 @@ virSecurityDACRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr,
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
 
-    if (!priv->dynamicOwnership || (secdef && secdef->norelabel))
+    if (!priv->dynamicOwnership || (secdef && !secdef->relabel))
         return 0;
 
     if (dev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
@@ -881,7 +881,7 @@ virSecurityDACRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
 
-    if (!priv->dynamicOwnership || (secdef && secdef->norelabel))
+    if (!priv->dynamicOwnership || (secdef && !secdef->relabel))
         return 0;
 
     VIR_DEBUG("Restoring security label on %s migrated=%d",
@@ -955,7 +955,7 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr,
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
 
-    if (!priv->dynamicOwnership || (secdef && secdef->norelabel))
+    if (!priv->dynamicOwnership || (secdef && !secdef->relabel))
         return 0;
 
     for (i = 0; i < def->ndisks; i++) {
@@ -1157,7 +1157,7 @@ virSecurityDACGenLabel(virSecurityManagerPtr mgr,
         return rc;
     }
 
-    if (!seclabel->norelabel && !seclabel->imagelabel &&
+    if (seclabel->relabel && !seclabel->imagelabel &&
         VIR_STRDUP(seclabel->imagelabel, seclabel->label) < 0) {
         VIR_FREE(seclabel->label);
         return rc;

src/security/security_manager.c

@@ -616,7 +616,7 @@ virSecurityManagerGenLabel(virSecurityManagerPtr mgr,
                 seclabel->type = VIR_DOMAIN_SECLABEL_DYNAMIC;
             } else {
                 seclabel->type = VIR_DOMAIN_SECLABEL_NONE;
-                seclabel->norelabel = true;
+                seclabel->relabel = false;
             }
         }
 

src/security/security_selinux.c

@@ -1130,7 +1130,7 @@ virSecuritySELinuxRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
 
     disk_seclabel = virStorageSourceGetSecurityLabelDef(src,
                                                         SECURITY_SELINUX_NAME);
-    if (seclabel->norelabel || (disk_seclabel && disk_seclabel->norelabel))
+    if (!seclabel->relabel || (disk_seclabel && disk_seclabel->norelabel))
         return 0;
 
     /* If labelskip is true and there are no backing files, then we
@@ -1202,7 +1202,7 @@ virSecuritySELinuxSetSecurityImageLabelInternal(virSecurityManagerPtr mgr,
         return 0;
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
-    if (!secdef || secdef->norelabel)
+    if (!secdef || !secdef->relabel)
         return 0;
 
     disk_seclabel = virStorageSourceGetSecurityLabelDef(src,
@@ -1456,7 +1456,7 @@ virSecuritySELinuxSetSecurityHostdevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UN
     virSecurityLabelDefPtr secdef;
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
-    if (!secdef || secdef->norelabel)
+    if (!secdef || !secdef->relabel)
         return 0;
 
     switch (dev->mode) {
@@ -1641,7 +1641,7 @@ virSecuritySELinuxRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr,
     virSecurityLabelDefPtr secdef;
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
-    if (!secdef || secdef->norelabel)
+    if (!secdef || !secdef->relabel)
         return 0;
 
     switch (dev->mode) {
@@ -1670,7 +1670,7 @@ virSecuritySELinuxSetSecurityChardevLabel(virDomainDefPtr def,
     int ret = -1;
 
     seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
-    if (!seclabel || seclabel->norelabel)
+    if (!seclabel || !seclabel->relabel)
         return 0;
 
     if (dev)
@@ -1741,7 +1741,7 @@ virSecuritySELinuxRestoreSecurityChardevLabel(virSecurityManagerPtr mgr,
     int ret = -1;
 
     seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
-    if (!seclabel || seclabel->norelabel)
+    if (!seclabel || !seclabel->relabel)
         return 0;
 
     if (dev)
@@ -1866,10 +1866,8 @@ virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
     VIR_DEBUG("Restoring security label on %s", def->name);
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
-    if (secdef == NULL)
-        return 0;
 
-    if (secdef->norelabel || data->skipAllLabel)
+    if (!secdef || !secdef->relabel || data->skipAllLabel)
         return 0;
 
     if (def->tpm) {
@@ -1956,7 +1954,7 @@ virSecuritySELinuxSetSavedStateLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
     virSecurityLabelDefPtr secdef;
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
-    if (!secdef || secdef->norelabel)
+    if (!secdef || !secdef->relabel)
         return 0;
 
     return virSecuritySELinuxSetFilecon(savefile, secdef->imagelabel);
@@ -1971,7 +1969,7 @@ virSecuritySELinuxRestoreSavedStateLabel(virSecurityManagerPtr mgr,
     virSecurityLabelDefPtr secdef;
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
-    if (!secdef || secdef->norelabel)
+    if (!secdef || !secdef->relabel)
         return 0;
 
     return virSecuritySELinuxRestoreSecurityFileLabel(mgr, savefile);
@@ -2245,10 +2243,8 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr,
     virSecurityLabelDefPtr secdef;
 
     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
-    if (secdef == NULL)
-        return 0;
 
-    if (secdef->norelabel || data->skipAllLabel)
+    if (!secdef || !secdef->relabel || data->skipAllLabel)
         return 0;
 
     for (i = 0; i < def->ndisks; i++) {

src/util/virseclabel.c

@@ -64,6 +64,8 @@ virSecurityLabelDefNew(const char *model)
         seclabel = NULL;
     }
 
+    seclabel->relabel = true;
+
     return seclabel;
 }
 

src/util/virseclabel.h

@@ -40,7 +40,7 @@ struct _virSecurityLabelDef {
     char *imagelabel;   /* security image label string */
     char *baselabel;    /* base name of label string */
     int type;           /* virDomainSeclabelType */
-    bool norelabel;
+    bool relabel;       /* true (default) for allowing relabels */
     bool implicit;      /* true if seclabel is auto-added */
 };