mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-03-07 17:28:15 +00:00
security: Rename virSecurityManagerRestoreImageLabel to *Disk*
I'm going to add functions that will deal with individual image files rather than whole disks. Rename the security function to make room for the new one.
This commit is contained in:
Peter Krempa
parent
74d52fe809
commit
23a8646a89
@ -911,8 +911,8 @@ virSecurityManagerPreFork;
|
||||
virSecurityManagerReleaseLabel;
|
||||
virSecurityManagerReserveLabel;
|
||||
virSecurityManagerRestoreAllLabel;
|
||||
virSecurityManagerRestoreDiskLabel;
|
||||
virSecurityManagerRestoreHostdevLabel;
|
||||
virSecurityManagerRestoreImageLabel;
|
||||
virSecurityManagerRestoreSavedStateLabel;
|
||||
virSecurityManagerSetAllLabel;
|
||||
virSecurityManagerSetChildProcessLabel;
|
||||
|
||||
@ -12096,8 +12096,8 @@ qemuDomainPrepareDiskChainElement(virQEMUDriverPtr driver,
|
||||
disk->readonly = mode == VIR_DISK_CHAIN_READ_ONLY;
|
||||
|
||||
if (mode == VIR_DISK_CHAIN_NO_ACCESS) {
|
||||
if (virSecurityManagerRestoreImageLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
VIR_WARN("Unable to restore security label on %s", disk->src->path);
|
||||
if (qemuTeardownDiskCgroup(vm, disk) < 0)
|
||||
VIR_WARN("Failed to teardown cgroup for disk path %s",
|
||||
|
||||
@ -161,8 +161,8 @@ int qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver,
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
|
||||
if (virSecurityManagerRestoreImageLabel(driver->securityManager,
|
||||
vm->def, origdisk) < 0)
|
||||
if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
|
||||
vm->def, origdisk) < 0)
|
||||
VIR_WARN("Unable to restore security label on ejected image %s",
|
||||
virDomainDiskGetSource(origdisk));
|
||||
|
||||
@ -182,8 +182,8 @@ int qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver,
|
||||
return ret;
|
||||
|
||||
error:
|
||||
if (virSecurityManagerRestoreImageLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
VIR_WARN("Unable to restore security label on new media %s", src);
|
||||
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
@ -347,8 +347,8 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn,
|
||||
if (releaseaddr)
|
||||
qemuDomainReleaseDeviceAddress(vm, &disk->info, src);
|
||||
|
||||
if (virSecurityManagerRestoreImageLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
VIR_WARN("Unable to restore security label on %s", src);
|
||||
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
@ -597,8 +597,8 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
|
||||
return ret;
|
||||
|
||||
error:
|
||||
if (virSecurityManagerRestoreImageLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
VIR_WARN("Unable to restore security label on %s", src);
|
||||
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
@ -691,8 +691,8 @@ qemuDomainAttachUSBMassstorageDevice(virConnectPtr conn,
|
||||
return ret;
|
||||
|
||||
error:
|
||||
if (virSecurityManagerRestoreImageLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
VIR_WARN("Unable to restore security label on %s", src);
|
||||
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
@ -2504,8 +2504,8 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver,
|
||||
|
||||
qemuDomainReleaseDeviceAddress(vm, &disk->info, src);
|
||||
|
||||
if (virSecurityManagerRestoreImageLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0)
|
||||
VIR_WARN("Unable to restore security label on %s", src);
|
||||
|
||||
if (qemuTeardownDiskCgroup(vm, disk) < 0)
|
||||
|
||||
@ -684,9 +684,9 @@ AppArmorClearSecuritySocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
|
||||
|
||||
/* Called when hotplugging */
|
||||
static int
|
||||
AppArmorRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
AppArmorRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
{
|
||||
if (virDomainDiskGetType(disk) == VIR_STORAGE_TYPE_NETWORK)
|
||||
return 0;
|
||||
@ -973,7 +973,7 @@ virSecurityDriver virAppArmorSecurityDriver = {
|
||||
.domainSecurityVerify = AppArmorSecurityVerify,
|
||||
|
||||
.domainSetSecurityDiskLabel = AppArmorSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = AppArmorRestoreSecurityImageLabel,
|
||||
.domainRestoreSecurityDiskLabel = AppArmorRestoreSecurityDiskLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = AppArmorSetSecurityDaemonSocketLabel,
|
||||
.domainSetSecuritySocketLabel = AppArmorSetSecuritySocketLabel,
|
||||
|
||||
@ -410,9 +410,9 @@ virSecurityDACRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
|
||||
|
||||
|
||||
static int
|
||||
virSecurityDACRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
virSecurityDACRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
{
|
||||
return virSecurityDACRestoreSecurityImageLabelInt(mgr, def, disk, false);
|
||||
}
|
||||
@ -1274,7 +1274,7 @@ virSecurityDriver virSecurityDriverDAC = {
|
||||
.domainSecurityVerify = virSecurityDACVerify,
|
||||
|
||||
.domainSetSecurityDiskLabel = virSecurityDACSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = virSecurityDACRestoreSecurityImageLabel,
|
||||
.domainRestoreSecurityDiskLabel = virSecurityDACRestoreSecurityDiskLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecurityDACSetDaemonSocketLabel,
|
||||
.domainSetSecuritySocketLabel = virSecurityDACSetSocketLabel,
|
||||
|
||||
@ -51,9 +51,9 @@ typedef const char *(*virSecurityDriverGetBaseLabel) (virSecurityManagerPtr mgr,
|
||||
|
||||
typedef int (*virSecurityDriverPreFork) (virSecurityManagerPtr mgr);
|
||||
|
||||
typedef int (*virSecurityDomainRestoreImageLabel) (virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk);
|
||||
typedef int (*virSecurityDomainRestoreDiskLabel) (virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk);
|
||||
typedef int (*virSecurityDomainSetDaemonSocketLabel)(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm);
|
||||
typedef int (*virSecurityDomainSetSocketLabel) (virSecurityManagerPtr mgr,
|
||||
@ -128,7 +128,7 @@ struct _virSecurityDriver {
|
||||
virSecurityDomainSecurityVerify domainSecurityVerify;
|
||||
|
||||
virSecurityDomainSetDiskLabel domainSetSecurityDiskLabel;
|
||||
virSecurityDomainRestoreImageLabel domainRestoreSecurityImageLabel;
|
||||
virSecurityDomainRestoreDiskLabel domainRestoreSecurityDiskLabel;
|
||||
|
||||
virSecurityDomainSetDaemonSocketLabel domainSetSecurityDaemonSocketLabel;
|
||||
virSecurityDomainSetSocketLabel domainSetSecuritySocketLabel;
|
||||
|
||||
@ -306,14 +306,14 @@ bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr)
|
||||
return mgr->requireConfined;
|
||||
}
|
||||
|
||||
int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm,
|
||||
virDomainDiskDefPtr disk)
|
||||
int virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm,
|
||||
virDomainDiskDefPtr disk)
|
||||
{
|
||||
if (mgr->drv->domainRestoreSecurityImageLabel) {
|
||||
if (mgr->drv->domainRestoreSecurityDiskLabel) {
|
||||
int ret;
|
||||
virObjectLock(mgr);
|
||||
ret = mgr->drv->domainRestoreSecurityImageLabel(mgr, vm, disk);
|
||||
ret = mgr->drv->domainRestoreSecurityDiskLabel(mgr, vm, disk);
|
||||
virObjectUnlock(mgr);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -61,9 +61,9 @@ bool virSecurityManagerGetAllowDiskFormatProbing(virSecurityManagerPtr mgr);
|
||||
bool virSecurityManagerGetDefaultConfined(virSecurityManagerPtr mgr);
|
||||
bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr);
|
||||
|
||||
int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk);
|
||||
int virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk);
|
||||
int virSecurityManagerSetDaemonSocketLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm);
|
||||
int virSecurityManagerSetSocketLabel(virSecurityManagerPtr mgr,
|
||||
|
||||
@ -50,9 +50,9 @@ static const char * virSecurityDriverGetDOINop(virSecurityManagerPtr mgr ATTRIBU
|
||||
return "0";
|
||||
}
|
||||
|
||||
static int virSecurityDomainRestoreImageLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
|
||||
virDomainDefPtr vm ATTRIBUTE_UNUSED,
|
||||
virDomainDiskDefPtr disk ATTRIBUTE_UNUSED)
|
||||
static int virSecurityDomainRestoreDiskLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
|
||||
virDomainDefPtr vm ATTRIBUTE_UNUSED,
|
||||
virDomainDiskDefPtr disk ATTRIBUTE_UNUSED)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
@ -207,7 +207,7 @@ virSecurityDriver virSecurityDriverNop = {
|
||||
.domainSecurityVerify = virSecurityDomainVerifyNop,
|
||||
|
||||
.domainSetSecurityDiskLabel = virSecurityDomainSetDiskLabelNop,
|
||||
.domainRestoreSecurityImageLabel = virSecurityDomainRestoreImageLabelNop,
|
||||
.domainRestoreSecurityDiskLabel = virSecurityDomainRestoreDiskLabelNop,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecurityDomainSetDaemonSocketLabelNop,
|
||||
.domainSetSecuritySocketLabel = virSecurityDomainSetSocketLabelNop,
|
||||
|
||||
@ -1182,9 +1182,9 @@ virSecuritySELinuxRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
|
||||
|
||||
|
||||
static int
|
||||
virSecuritySELinuxRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
virSecuritySELinuxRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
{
|
||||
return virSecuritySELinuxRestoreSecurityImageLabelInt(mgr, def, disk, false);
|
||||
}
|
||||
@ -2427,7 +2427,7 @@ virSecurityDriver virSecurityDriverSELinux = {
|
||||
.domainSecurityVerify = virSecuritySELinuxSecurityVerify,
|
||||
|
||||
.domainSetSecurityDiskLabel = virSecuritySELinuxSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = virSecuritySELinuxRestoreSecurityImageLabel,
|
||||
.domainRestoreSecurityDiskLabel = virSecuritySELinuxRestoreSecurityDiskLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecuritySELinuxSetSecurityDaemonSocketLabel,
|
||||
.domainSetSecuritySocketLabel = virSecuritySELinuxSetSecuritySocketLabel,
|
||||
|
||||
@ -240,16 +240,16 @@ virSecurityStackSetSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
|
||||
|
||||
static int
|
||||
virSecurityStackRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm,
|
||||
virDomainDiskDefPtr disk)
|
||||
virSecurityStackRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm,
|
||||
virDomainDiskDefPtr disk)
|
||||
{
|
||||
virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
|
||||
virSecurityStackItemPtr item = priv->itemsHead;
|
||||
int rc = 0;
|
||||
|
||||
for (; item; item = item->next) {
|
||||
if (virSecurityManagerRestoreImageLabel(item->securityManager, vm, disk) < 0)
|
||||
if (virSecurityManagerRestoreDiskLabel(item->securityManager, vm, disk) < 0)
|
||||
rc = -1;
|
||||
}
|
||||
|
||||
@ -579,7 +579,7 @@ virSecurityDriver virSecurityDriverStack = {
|
||||
.domainSecurityVerify = virSecurityStackVerify,
|
||||
|
||||
.domainSetSecurityDiskLabel = virSecurityStackSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = virSecurityStackRestoreSecurityImageLabel,
|
||||
.domainRestoreSecurityDiskLabel = virSecurityStackRestoreSecurityDiskLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecurityStackSetDaemonSocketLabel,
|
||||
.domainSetSecuritySocketLabel = virSecurityStackSetSocketLabel,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user