From b9a055a4093724602ac3dd2486a94a7f3ef9b16f Mon Sep 17 00:00:00 2001
From: Cole Robinson <crobinso@redhat.com>
Date: Tue, 8 Oct 2019 12:11:18 -0400
Subject: [PATCH] security: apparmor: Label externalDataStore

Teach virt-aa-helper how to label a qcow2 data_file, tracked internally
as externalDataStore. It should be treated the same as its sibling
disk image

Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
---
 src/security/virt-aa-helper.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index c93dddb228..f623ff965f 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -918,6 +918,10 @@ storage_source_add_files(virStorageSourcePtr src,
         if (add_file_path(tmp, depth, buf) < 0)
             return -1;
 
+        if (tmp->externalDataStore &&
+            storage_source_add_files(tmp->externalDataStore, buf, depth) < 0)
+            return -1;
+
         depth++;
     }