mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-22 12:35:17 +00:00
security: Rename virSecurityManagerRestoreSavedStateLabel()
The new name is virSecurityManagerDomainRestorePathLabel(). Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
This commit is contained in:
Michal Privoznik
parent
bd22eec903
commit
4ccbd207f2
@ -1535,6 +1535,7 @@ virSecurityDriverLookup;
|
|||||||
# security/security_manager.h
|
# security/security_manager.h
|
||||||
virSecurityManagerCheckAllLabel;
|
virSecurityManagerCheckAllLabel;
|
||||||
virSecurityManagerClearSocketLabel;
|
virSecurityManagerClearSocketLabel;
|
||||||
|
virSecurityManagerDomainRestorePathLabel;
|
||||||
virSecurityManagerDomainSetPathLabel;
|
virSecurityManagerDomainSetPathLabel;
|
||||||
virSecurityManagerDomainSetPathLabelRO;
|
virSecurityManagerDomainSetPathLabelRO;
|
||||||
virSecurityManagerGenLabel;
|
virSecurityManagerGenLabel;
|
||||||
@ -1558,7 +1559,6 @@ virSecurityManagerRestoreHostdevLabel;
|
|||||||
virSecurityManagerRestoreImageLabel;
|
virSecurityManagerRestoreImageLabel;
|
||||||
virSecurityManagerRestoreInputLabel;
|
virSecurityManagerRestoreInputLabel;
|
||||||
virSecurityManagerRestoreMemoryLabel;
|
virSecurityManagerRestoreMemoryLabel;
|
||||||
virSecurityManagerRestoreSavedStateLabel;
|
|
||||||
virSecurityManagerRestoreTPMLabels;
|
virSecurityManagerRestoreTPMLabels;
|
||||||
virSecurityManagerSetAllLabel;
|
virSecurityManagerSetAllLabel;
|
||||||
virSecurityManagerSetChardevLabel;
|
virSecurityManagerSetChardevLabel;
|
||||||
|
|||||||
@ -629,7 +629,7 @@ qemuSecurityRestoreSavedStateLabel(virQEMUDriverPtr driver,
|
|||||||
if (virSecurityManagerTransactionStart(driver->securityManager) < 0)
|
if (virSecurityManagerTransactionStart(driver->securityManager) < 0)
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
|
||||||
if (virSecurityManagerRestoreSavedStateLabel(driver->securityManager,
|
if (virSecurityManagerDomainRestorePathLabel(driver->securityManager,
|
||||||
vm->def,
|
vm->def,
|
||||||
savefile) < 0)
|
savefile) < 0)
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
|||||||
@ -1069,9 +1069,9 @@ AppArmorSetPathLabel(virSecurityManagerPtr mgr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
AppArmorRestoreSavedStateLabel(virSecurityManagerPtr mgr,
|
AppArmorRestorePathLabel(virSecurityManagerPtr mgr,
|
||||||
virDomainDefPtr def,
|
virDomainDefPtr def,
|
||||||
const char *savefile G_GNUC_UNUSED)
|
const char *path G_GNUC_UNUSED)
|
||||||
{
|
{
|
||||||
return reload_profile(mgr, def, NULL, false);
|
return reload_profile(mgr, def, NULL, false);
|
||||||
}
|
}
|
||||||
@ -1157,9 +1157,8 @@ virSecurityDriver virAppArmorSecurityDriver = {
|
|||||||
.domainSetSecurityHostdevLabel = AppArmorSetSecurityHostdevLabel,
|
.domainSetSecurityHostdevLabel = AppArmorSetSecurityHostdevLabel,
|
||||||
.domainRestoreSecurityHostdevLabel = AppArmorRestoreSecurityHostdevLabel,
|
.domainRestoreSecurityHostdevLabel = AppArmorRestoreSecurityHostdevLabel,
|
||||||
|
|
||||||
.domainRestoreSavedStateLabel = AppArmorRestoreSavedStateLabel,
|
|
||||||
|
|
||||||
.domainSetPathLabel = AppArmorSetPathLabel,
|
.domainSetPathLabel = AppArmorSetPathLabel,
|
||||||
|
.domainRestorePathLabel = AppArmorRestorePathLabel,
|
||||||
|
|
||||||
.domainSetSecurityChardevLabel = AppArmorSetChardevLabel,
|
.domainSetSecurityChardevLabel = AppArmorSetChardevLabel,
|
||||||
.domainRestoreSecurityChardevLabel = AppArmorRestoreChardevLabel,
|
.domainRestoreSecurityChardevLabel = AppArmorRestoreChardevLabel,
|
||||||
|
|||||||
@ -2257,20 +2257,6 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int
|
|
||||||
virSecurityDACRestoreSavedStateLabel(virSecurityManagerPtr mgr,
|
|
||||||
virDomainDefPtr def G_GNUC_UNUSED,
|
|
||||||
const char *savefile)
|
|
||||||
{
|
|
||||||
virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
|
|
||||||
|
|
||||||
if (!priv->dynamicOwnership)
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
return virSecurityDACRestoreFileLabel(mgr, savefile);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
virSecurityDACSetProcessLabel(virSecurityManagerPtr mgr,
|
virSecurityDACSetProcessLabel(virSecurityManagerPtr mgr,
|
||||||
virDomainDefPtr def)
|
virDomainDefPtr def)
|
||||||
@ -2570,6 +2556,15 @@ virSecurityDACDomainSetPathLabel(virSecurityManagerPtr mgr,
|
|||||||
return virSecurityDACSetOwnership(mgr, NULL, path, user, group, true);
|
return virSecurityDACSetOwnership(mgr, NULL, path, user, group, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
virSecurityDACDomainRestorePathLabel(virSecurityManagerPtr mgr,
|
||||||
|
virDomainDefPtr def G_GNUC_UNUSED,
|
||||||
|
const char *path)
|
||||||
|
{
|
||||||
|
return virSecurityDACRestoreFileLabel(mgr, path);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
virSecurityDriver virSecurityDriverDAC = {
|
virSecurityDriver virSecurityDriverDAC = {
|
||||||
.privateDataLen = sizeof(virSecurityDACData),
|
.privateDataLen = sizeof(virSecurityDACData),
|
||||||
.name = SECURITY_DAC_NAME,
|
.name = SECURITY_DAC_NAME,
|
||||||
@ -2616,8 +2611,6 @@ virSecurityDriver virSecurityDriverDAC = {
|
|||||||
.domainSetSecurityHostdevLabel = virSecurityDACSetHostdevLabel,
|
.domainSetSecurityHostdevLabel = virSecurityDACSetHostdevLabel,
|
||||||
.domainRestoreSecurityHostdevLabel = virSecurityDACRestoreHostdevLabel,
|
.domainRestoreSecurityHostdevLabel = virSecurityDACRestoreHostdevLabel,
|
||||||
|
|
||||||
.domainRestoreSavedStateLabel = virSecurityDACRestoreSavedStateLabel,
|
|
||||||
|
|
||||||
.domainSetSecurityImageFDLabel = virSecurityDACSetImageFDLabel,
|
.domainSetSecurityImageFDLabel = virSecurityDACSetImageFDLabel,
|
||||||
.domainSetSecurityTapFDLabel = virSecurityDACSetTapFDLabel,
|
.domainSetSecurityTapFDLabel = virSecurityDACSetTapFDLabel,
|
||||||
|
|
||||||
@ -2626,6 +2619,7 @@ virSecurityDriver virSecurityDriverDAC = {
|
|||||||
.getBaseLabel = virSecurityDACGetBaseLabel,
|
.getBaseLabel = virSecurityDACGetBaseLabel,
|
||||||
|
|
||||||
.domainSetPathLabel = virSecurityDACDomainSetPathLabel,
|
.domainSetPathLabel = virSecurityDACDomainSetPathLabel,
|
||||||
|
.domainRestorePathLabel = virSecurityDACDomainRestorePathLabel,
|
||||||
|
|
||||||
.domainSetSecurityChardevLabel = virSecurityDACSetChardevLabel,
|
.domainSetSecurityChardevLabel = virSecurityDACSetChardevLabel,
|
||||||
.domainRestoreSecurityChardevLabel = virSecurityDACRestoreChardevLabel,
|
.domainRestoreSecurityChardevLabel = virSecurityDACRestoreChardevLabel,
|
||||||
|
|||||||
@ -67,9 +67,6 @@ typedef int (*virSecurityDomainSetHostdevLabel) (virSecurityManagerPtr mgr,
|
|||||||
virDomainDefPtr def,
|
virDomainDefPtr def,
|
||||||
virDomainHostdevDefPtr dev,
|
virDomainHostdevDefPtr dev,
|
||||||
const char *vroot);
|
const char *vroot);
|
||||||
typedef int (*virSecurityDomainRestoreSavedStateLabel) (virSecurityManagerPtr mgr,
|
|
||||||
virDomainDefPtr def,
|
|
||||||
const char *savefile);
|
|
||||||
typedef int (*virSecurityDomainGenLabel) (virSecurityManagerPtr mgr,
|
typedef int (*virSecurityDomainGenLabel) (virSecurityManagerPtr mgr,
|
||||||
virDomainDefPtr sec);
|
virDomainDefPtr sec);
|
||||||
typedef int (*virSecurityDomainReserveLabel) (virSecurityManagerPtr mgr,
|
typedef int (*virSecurityDomainReserveLabel) (virSecurityManagerPtr mgr,
|
||||||
@ -140,6 +137,9 @@ typedef int (*virSecurityDomainSetPathLabel) (virSecurityManagerPtr mgr,
|
|||||||
typedef int (*virSecurityDomainSetPathLabelRO) (virSecurityManagerPtr mgr,
|
typedef int (*virSecurityDomainSetPathLabelRO) (virSecurityManagerPtr mgr,
|
||||||
virDomainDefPtr def,
|
virDomainDefPtr def,
|
||||||
const char *path);
|
const char *path);
|
||||||
|
typedef int (*virSecurityDomainRestorePathLabel) (virSecurityManagerPtr mgr,
|
||||||
|
virDomainDefPtr def,
|
||||||
|
const char *path);
|
||||||
typedef int (*virSecurityDomainSetChardevLabel) (virSecurityManagerPtr mgr,
|
typedef int (*virSecurityDomainSetChardevLabel) (virSecurityManagerPtr mgr,
|
||||||
virDomainDefPtr def,
|
virDomainDefPtr def,
|
||||||
virDomainChrSourceDefPtr dev_source,
|
virDomainChrSourceDefPtr dev_source,
|
||||||
@ -200,8 +200,6 @@ struct _virSecurityDriver {
|
|||||||
virSecurityDomainSetHostdevLabel domainSetSecurityHostdevLabel;
|
virSecurityDomainSetHostdevLabel domainSetSecurityHostdevLabel;
|
||||||
virSecurityDomainRestoreHostdevLabel domainRestoreSecurityHostdevLabel;
|
virSecurityDomainRestoreHostdevLabel domainRestoreSecurityHostdevLabel;
|
||||||
|
|
||||||
virSecurityDomainRestoreSavedStateLabel domainRestoreSavedStateLabel;
|
|
||||||
|
|
||||||
virSecurityDomainSetImageFDLabel domainSetSecurityImageFDLabel;
|
virSecurityDomainSetImageFDLabel domainSetSecurityImageFDLabel;
|
||||||
virSecurityDomainSetTapFDLabel domainSetSecurityTapFDLabel;
|
virSecurityDomainSetTapFDLabel domainSetSecurityTapFDLabel;
|
||||||
|
|
||||||
@ -211,6 +209,7 @@ struct _virSecurityDriver {
|
|||||||
|
|
||||||
virSecurityDomainSetPathLabel domainSetPathLabel;
|
virSecurityDomainSetPathLabel domainSetPathLabel;
|
||||||
virSecurityDomainSetPathLabelRO domainSetPathLabelRO;
|
virSecurityDomainSetPathLabelRO domainSetPathLabelRO;
|
||||||
|
virSecurityDomainRestorePathLabel domainRestorePathLabel;
|
||||||
|
|
||||||
virSecurityDomainSetChardevLabel domainSetSecurityChardevLabel;
|
virSecurityDomainSetChardevLabel domainSetSecurityChardevLabel;
|
||||||
virSecurityDomainRestoreChardevLabel domainRestoreSecurityChardevLabel;
|
virSecurityDomainRestoreChardevLabel domainRestoreSecurityChardevLabel;
|
||||||
|
|||||||
@ -596,24 +596,6 @@ virSecurityManagerSetHostdevLabel(virSecurityManagerPtr mgr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int
|
|
||||||
virSecurityManagerRestoreSavedStateLabel(virSecurityManagerPtr mgr,
|
|
||||||
virDomainDefPtr vm,
|
|
||||||
const char *savefile)
|
|
||||||
{
|
|
||||||
if (mgr->drv->domainRestoreSavedStateLabel) {
|
|
||||||
int ret;
|
|
||||||
virObjectLock(mgr);
|
|
||||||
ret = mgr->drv->domainRestoreSavedStateLabel(mgr, vm, savefile);
|
|
||||||
virObjectUnlock(mgr);
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
virReportUnsupportedError();
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
int
|
int
|
||||||
virSecurityManagerGenLabel(virSecurityManagerPtr mgr,
|
virSecurityManagerGenLabel(virSecurityManagerPtr mgr,
|
||||||
virDomainDefPtr vm)
|
virDomainDefPtr vm)
|
||||||
@ -1087,6 +1069,34 @@ virSecurityManagerDomainSetPathLabelRO(virSecurityManagerPtr mgr,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* virSecurityManagerDomainRestorePathLabel:
|
||||||
|
* @mgr: security manager object
|
||||||
|
* @vm: domain definition object
|
||||||
|
* @path: path to restore labels one
|
||||||
|
*
|
||||||
|
* This function is a counterpart to virSecurityManagerDomainSetPathLabel() and
|
||||||
|
* virSecurityManagerDomainSetPathLabelRO() as it restores any labels set by them.
|
||||||
|
*
|
||||||
|
* Returns: 0 on success, -1 on error.
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
virSecurityManagerDomainRestorePathLabel(virSecurityManagerPtr mgr,
|
||||||
|
virDomainDefPtr vm,
|
||||||
|
const char *path)
|
||||||
|
{
|
||||||
|
if (mgr->drv->domainRestorePathLabel) {
|
||||||
|
int ret;
|
||||||
|
virObjectLock(mgr);
|
||||||
|
ret = mgr->drv->domainRestorePathLabel(mgr, vm, path);
|
||||||
|
virObjectUnlock(mgr);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* virSecurityManagerSetMemoryLabel:
|
* virSecurityManagerSetMemoryLabel:
|
||||||
|
|||||||
@ -104,9 +104,6 @@ int virSecurityManagerSetHostdevLabel(virSecurityManagerPtr mgr,
|
|||||||
virDomainDefPtr def,
|
virDomainDefPtr def,
|
||||||
virDomainHostdevDefPtr dev,
|
virDomainHostdevDefPtr dev,
|
||||||
const char *vroot);
|
const char *vroot);
|
||||||
int virSecurityManagerRestoreSavedStateLabel(virSecurityManagerPtr mgr,
|
|
||||||
virDomainDefPtr def,
|
|
||||||
const char *savefile);
|
|
||||||
int virSecurityManagerGenLabel(virSecurityManagerPtr mgr,
|
int virSecurityManagerGenLabel(virSecurityManagerPtr mgr,
|
||||||
virDomainDefPtr sec);
|
virDomainDefPtr sec);
|
||||||
int virSecurityManagerReserveLabel(virSecurityManagerPtr mgr,
|
int virSecurityManagerReserveLabel(virSecurityManagerPtr mgr,
|
||||||
@ -190,6 +187,11 @@ int virSecurityManagerDomainSetPathLabelRO(virSecurityManagerPtr mgr,
|
|||||||
virDomainDefPtr vm,
|
virDomainDefPtr vm,
|
||||||
const char *path);
|
const char *path);
|
||||||
|
|
||||||
|
int virSecurityManagerDomainRestorePathLabel(virSecurityManagerPtr mgr,
|
||||||
|
virDomainDefPtr def,
|
||||||
|
const char *path);
|
||||||
|
|
||||||
|
|
||||||
int virSecurityManagerSetChardevLabel(virSecurityManagerPtr mgr,
|
int virSecurityManagerSetChardevLabel(virSecurityManagerPtr mgr,
|
||||||
virDomainDefPtr def,
|
virDomainDefPtr def,
|
||||||
virDomainChrSourceDefPtr dev_source,
|
virDomainChrSourceDefPtr dev_source,
|
||||||
|
|||||||
@ -94,14 +94,6 @@ virSecurityDomainSetHostdevLabelNop(virSecurityManagerPtr mgr G_GNUC_UNUSED,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
|
||||||
virSecurityDomainRestoreSavedStateLabelNop(virSecurityManagerPtr mgr G_GNUC_UNUSED,
|
|
||||||
virDomainDefPtr vm G_GNUC_UNUSED,
|
|
||||||
const char *savefile G_GNUC_UNUSED)
|
|
||||||
{
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
virSecurityDomainGenLabelNop(virSecurityManagerPtr mgr G_GNUC_UNUSED,
|
virSecurityDomainGenLabelNop(virSecurityManagerPtr mgr G_GNUC_UNUSED,
|
||||||
virDomainDefPtr sec G_GNUC_UNUSED)
|
virDomainDefPtr sec G_GNUC_UNUSED)
|
||||||
@ -308,8 +300,6 @@ virSecurityDriver virSecurityDriverNop = {
|
|||||||
.domainSetSecurityHostdevLabel = virSecurityDomainSetHostdevLabelNop,
|
.domainSetSecurityHostdevLabel = virSecurityDomainSetHostdevLabelNop,
|
||||||
.domainRestoreSecurityHostdevLabel = virSecurityDomainRestoreHostdevLabelNop,
|
.domainRestoreSecurityHostdevLabel = virSecurityDomainRestoreHostdevLabelNop,
|
||||||
|
|
||||||
.domainRestoreSavedStateLabel = virSecurityDomainRestoreSavedStateLabelNop,
|
|
||||||
|
|
||||||
.domainSetSecurityImageFDLabel = virSecurityDomainSetFDLabelNop,
|
.domainSetSecurityImageFDLabel = virSecurityDomainSetFDLabelNop,
|
||||||
.domainSetSecurityTapFDLabel = virSecurityDomainSetFDLabelNop,
|
.domainSetSecurityTapFDLabel = virSecurityDomainSetFDLabelNop,
|
||||||
|
|
||||||
|
|||||||
@ -2858,21 +2858,6 @@ virSecuritySELinuxReleaseLabel(virSecurityManagerPtr mgr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int
|
|
||||||
virSecuritySELinuxRestoreSavedStateLabel(virSecurityManagerPtr mgr,
|
|
||||||
virDomainDefPtr def,
|
|
||||||
const char *savefile)
|
|
||||||
{
|
|
||||||
virSecurityLabelDefPtr secdef;
|
|
||||||
|
|
||||||
secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
|
|
||||||
if (!secdef || !secdef->relabel)
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
return virSecuritySELinuxRestoreFileLabel(mgr, savefile, true);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
virSecuritySELinuxVerify(virSecurityManagerPtr mgr G_GNUC_UNUSED,
|
virSecuritySELinuxVerify(virSecurityManagerPtr mgr G_GNUC_UNUSED,
|
||||||
virDomainDefPtr def)
|
virDomainDefPtr def)
|
||||||
@ -3428,6 +3413,21 @@ virSecuritySELinuxDomainSetPathLabelRO(virSecurityManagerPtr mgr,
|
|||||||
return virSecuritySELinuxSetFilecon(mgr, path, data->content_context, false);
|
return virSecuritySELinuxSetFilecon(mgr, path, data->content_context, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
virSecuritySELinuxDomainRestorePathLabel(virSecurityManagerPtr mgr,
|
||||||
|
virDomainDefPtr def,
|
||||||
|
const char *path)
|
||||||
|
{
|
||||||
|
virSecurityLabelDefPtr secdef;
|
||||||
|
|
||||||
|
secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
|
||||||
|
if (!secdef || !secdef->relabel)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
return virSecuritySELinuxRestoreFileLabel(mgr, path, true);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* virSecuritySELinuxSetFileLabels:
|
* virSecuritySELinuxSetFileLabels:
|
||||||
*
|
*
|
||||||
@ -3620,8 +3620,6 @@ virSecurityDriver virSecurityDriverSELinux = {
|
|||||||
.domainSetSecurityHostdevLabel = virSecuritySELinuxSetHostdevLabel,
|
.domainSetSecurityHostdevLabel = virSecuritySELinuxSetHostdevLabel,
|
||||||
.domainRestoreSecurityHostdevLabel = virSecuritySELinuxRestoreHostdevLabel,
|
.domainRestoreSecurityHostdevLabel = virSecuritySELinuxRestoreHostdevLabel,
|
||||||
|
|
||||||
.domainRestoreSavedStateLabel = virSecuritySELinuxRestoreSavedStateLabel,
|
|
||||||
|
|
||||||
.domainSetSecurityImageFDLabel = virSecuritySELinuxSetImageFDLabel,
|
.domainSetSecurityImageFDLabel = virSecuritySELinuxSetImageFDLabel,
|
||||||
.domainSetSecurityTapFDLabel = virSecuritySELinuxSetTapFDLabel,
|
.domainSetSecurityTapFDLabel = virSecuritySELinuxSetTapFDLabel,
|
||||||
|
|
||||||
@ -3630,6 +3628,7 @@ virSecurityDriver virSecurityDriverSELinux = {
|
|||||||
|
|
||||||
.domainSetPathLabel = virSecuritySELinuxDomainSetPathLabel,
|
.domainSetPathLabel = virSecuritySELinuxDomainSetPathLabel,
|
||||||
.domainSetPathLabelRO = virSecuritySELinuxDomainSetPathLabelRO,
|
.domainSetPathLabelRO = virSecuritySELinuxDomainSetPathLabelRO,
|
||||||
|
.domainRestorePathLabel = virSecuritySELinuxDomainRestorePathLabel,
|
||||||
|
|
||||||
.domainSetSecurityChardevLabel = virSecuritySELinuxSetChardevLabel,
|
.domainSetSecurityChardevLabel = virSecuritySELinuxSetChardevLabel,
|
||||||
.domainRestoreSecurityChardevLabel = virSecuritySELinuxRestoreChardevLabel,
|
.domainRestoreSecurityChardevLabel = virSecuritySELinuxRestoreChardevLabel,
|
||||||
|
|||||||
@ -394,24 +394,6 @@ virSecurityStackRestoreAllLabel(virSecurityManagerPtr mgr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int
|
|
||||||
virSecurityStackRestoreSavedStateLabel(virSecurityManagerPtr mgr,
|
|
||||||
virDomainDefPtr vm,
|
|
||||||
const char *savefile)
|
|
||||||
{
|
|
||||||
virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
|
|
||||||
virSecurityStackItemPtr item = priv->itemsHead;
|
|
||||||
int rc = 0;
|
|
||||||
|
|
||||||
for (; item; item = item->next) {
|
|
||||||
if (virSecurityManagerRestoreSavedStateLabel(item->securityManager, vm, savefile) < 0)
|
|
||||||
rc = -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
return rc;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
virSecurityStackSetProcessLabel(virSecurityManagerPtr mgr,
|
virSecurityStackSetProcessLabel(virSecurityManagerPtr mgr,
|
||||||
virDomainDefPtr vm)
|
virDomainDefPtr vm)
|
||||||
@ -814,6 +796,25 @@ virSecurityStackDomainSetPathLabelRO(virSecurityManagerPtr mgr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int
|
||||||
|
virSecurityStackDomainRestorePathLabel(virSecurityManagerPtr mgr,
|
||||||
|
virDomainDefPtr vm,
|
||||||
|
const char *path)
|
||||||
|
{
|
||||||
|
virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
|
||||||
|
virSecurityStackItemPtr item = priv->itemsHead;
|
||||||
|
int rc = 0;
|
||||||
|
|
||||||
|
for (; item; item = item->next) {
|
||||||
|
if (virSecurityManagerDomainRestorePathLabel(item->securityManager,
|
||||||
|
vm, path) < 0)
|
||||||
|
rc = -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
return rc;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
virSecurityStackDomainSetChardevLabel(virSecurityManagerPtr mgr,
|
virSecurityStackDomainSetChardevLabel(virSecurityManagerPtr mgr,
|
||||||
virDomainDefPtr def,
|
virDomainDefPtr def,
|
||||||
@ -963,8 +964,6 @@ virSecurityDriver virSecurityDriverStack = {
|
|||||||
.domainSetSecurityHostdevLabel = virSecurityStackSetHostdevLabel,
|
.domainSetSecurityHostdevLabel = virSecurityStackSetHostdevLabel,
|
||||||
.domainRestoreSecurityHostdevLabel = virSecurityStackRestoreHostdevLabel,
|
.domainRestoreSecurityHostdevLabel = virSecurityStackRestoreHostdevLabel,
|
||||||
|
|
||||||
.domainRestoreSavedStateLabel = virSecurityStackRestoreSavedStateLabel,
|
|
||||||
|
|
||||||
.domainSetSecurityImageFDLabel = virSecurityStackSetImageFDLabel,
|
.domainSetSecurityImageFDLabel = virSecurityStackSetImageFDLabel,
|
||||||
.domainSetSecurityTapFDLabel = virSecurityStackSetTapFDLabel,
|
.domainSetSecurityTapFDLabel = virSecurityStackSetTapFDLabel,
|
||||||
|
|
||||||
@ -974,6 +973,7 @@ virSecurityDriver virSecurityDriverStack = {
|
|||||||
|
|
||||||
.domainSetPathLabel = virSecurityStackDomainSetPathLabel,
|
.domainSetPathLabel = virSecurityStackDomainSetPathLabel,
|
||||||
.domainSetPathLabelRO = virSecurityStackDomainSetPathLabelRO,
|
.domainSetPathLabelRO = virSecurityStackDomainSetPathLabelRO,
|
||||||
|
.domainRestorePathLabel = virSecurityStackDomainRestorePathLabel,
|
||||||
|
|
||||||
.domainSetSecurityChardevLabel = virSecurityStackDomainSetChardevLabel,
|
.domainSetSecurityChardevLabel = virSecurityStackDomainSetChardevLabel,
|
||||||
.domainRestoreSecurityChardevLabel = virSecurityStackDomainRestoreChardevLabel,
|
.domainRestoreSecurityChardevLabel = virSecurityStackDomainRestoreChardevLabel,
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user