External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-31 14:07:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

security_selinux: remove extra Security from function names

Browse Source 
Many of the functions follow the pattern:
virSecurity.*Security.*Label

Remove the second 'Security' from the names, it should be obvious
that the virSecurity* functions deal with security labels even
without it.
This commit is contained in:
Ján Tomko 2015-12-09 14:34:34 +01:00
parent be33e96533
commit ba9285b3a3
1 changed files with 183 additions and 192 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

375
src/security/security_selinux.c
View File

@ -81,9 +81,9 @@ struct _virSecuritySELinuxCallbackData {
#define SECURITY_SELINUX_NAME "selinux"
static int
virSecuritySELinuxRestoreSecurityTPMFileLabelInt(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainTPMDefPtr tpm);
virSecuritySELinuxRestoreTPMFileLabelInt(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainTPMDefPtr tpm);
/*
@ -570,8 +570,8 @@ virSecuritySELinuxInitialize(virSecurityManagerPtr mgr)
static int
virSecuritySELinuxGenSecurityLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def)
virSecuritySELinuxGenLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def)
{
int rc = -1;
char *mcs = NULL;
@ -729,9 +729,9 @@ virSecuritySELinuxGenSecurityLabel(virSecurityManagerPtr mgr,
}
static int
virSecuritySELinuxReserveSecurityLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
pid_t pid)
virSecuritySELinuxReserveLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
pid_t pid)
{
security_context_t pctx;
context_t ctx = NULL;
@ -845,10 +845,10 @@ virSecuritySELinuxSecurityGetDOI(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED)
}
static int
virSecuritySELinuxGetSecurityProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr def ATTRIBUTE_UNUSED,
pid_t pid,
virSecurityLabelPtr sec)
virSecuritySELinuxGetProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr def ATTRIBUTE_UNUSED,
pid_t pid,
virSecurityLabelPtr sec)
{
security_context_t ctx;
@ -1015,8 +1015,8 @@ getContext(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
/* This method shouldn't raise errors, since they'll overwrite
* errors that the caller(s) are already dealing with */
static int
virSecuritySELinuxRestoreSecurityFileLabel(virSecurityManagerPtr mgr,
const char *path)
virSecuritySELinuxRestoreFileLabel(virSecurityManagerPtr mgr,
const char *path)
{
struct stat buf;
security_context_t fcon = NULL;
@ -1098,8 +1098,7 @@ virSecuritySELinuxRestoreInputLabel(virSecurityManagerPtr mgr,
switch ((virDomainInputType) input->type) {
case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH:
rc = virSecuritySELinuxRestoreSecurityFileLabel(mgr,
input->source.evdev);
rc = virSecuritySELinuxRestoreFileLabel(mgr, input->source.evdev);
break;
case VIR_DOMAIN_INPUT_TYPE_MOUSE:
@ -1114,9 +1113,9 @@ virSecuritySELinuxRestoreInputLabel(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxSetSecurityTPMFileLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainTPMDefPtr tpm)
virSecuritySELinuxSetTPMFileLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainTPMDefPtr tpm)
{
int rc;
virSecurityLabelDefPtr seclabel;
@ -1140,8 +1139,7 @@ virSecuritySELinuxSetSecurityTPMFileLabel(virSecurityManagerPtr mgr,
seclabel->imagelabel);
VIR_FREE(cancel_path);
if (rc < 0) {
virSecuritySELinuxRestoreSecurityTPMFileLabelInt(mgr, def,
tpm);
virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def, tpm);
return -1;
}
} else {
@ -1157,9 +1155,9 @@ virSecuritySELinuxSetSecurityTPMFileLabel(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxRestoreSecurityTPMFileLabelInt(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainTPMDefPtr tpm)
virSecuritySELinuxRestoreTPMFileLabelInt(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainTPMDefPtr tpm)
{
int rc = 0;
virSecurityLabelDefPtr seclabel;
@ -1173,11 +1171,10 @@ virSecuritySELinuxRestoreSecurityTPMFileLabelInt(virSecurityManagerPtr mgr,
switch (tpm->type) {
case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
tpmdev = tpm->data.passthrough.source.data.file.path;
rc = virSecuritySELinuxRestoreSecurityFileLabel(mgr, tpmdev);
rc = virSecuritySELinuxRestoreFileLabel(mgr, tpmdev);
if ((cancel_path = virTPMCreateCancelPath(tpmdev)) != NULL) {
if (virSecuritySELinuxRestoreSecurityFileLabel(mgr,
cancel_path) < 0)
if (virSecuritySELinuxRestoreFileLabel(mgr, cancel_path) < 0)
rc = -1;
VIR_FREE(cancel_path);
}
@ -1191,10 +1188,10 @@ virSecuritySELinuxRestoreSecurityTPMFileLabelInt(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virStorageSourcePtr src,
bool migrated)
virSecuritySELinuxRestoreImageLabelInt(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virStorageSourcePtr src,
bool migrated)
{
virSecurityLabelDefPtr seclabel;
virSecurityDeviceLabelDefPtr disk_seclabel;
@ -1242,34 +1239,34 @@ virSecuritySELinuxRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
}
}
return virSecuritySELinuxRestoreSecurityFileLabel(mgr, src->path);
return virSecuritySELinuxRestoreFileLabel(mgr, src->path);
}
static int
virSecuritySELinuxRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainDiskDefPtr disk)
virSecuritySELinuxRestoreDiskLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainDiskDefPtr disk)
{
return virSecuritySELinuxRestoreSecurityImageLabelInt(mgr, def, disk->src,
false);
return virSecuritySELinuxRestoreImageLabelInt(mgr, def, disk->src,
false);
}
static int
virSecuritySELinuxRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virStorageSourcePtr src)
virSecuritySELinuxRestoreImageLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virStorageSourcePtr src)
{
return virSecuritySELinuxRestoreSecurityImageLabelInt(mgr, def, src, false);
return virSecuritySELinuxRestoreImageLabelInt(mgr, def, src, false);
}
static int
virSecuritySELinuxSetSecurityImageLabelInternal(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virStorageSourcePtr src,
bool first)
virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virStorageSourcePtr src,
bool first)
{
virSecuritySELinuxDataPtr data = virSecurityManagerGetPrivateData(mgr);
virSecurityLabelDefPtr secdef;
@ -1333,26 +1330,25 @@ virSecuritySELinuxSetSecurityImageLabelInternal(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxSetSecurityImageLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virStorageSourcePtr src)
virSecuritySELinuxSetImageLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virStorageSourcePtr src)
{
return virSecuritySELinuxSetSecurityImageLabelInternal(mgr, def, src, true);
return virSecuritySELinuxSetImageLabelInternal(mgr, def, src, true);
}
static int
virSecuritySELinuxSetSecurityDiskLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainDiskDefPtr disk)
virSecuritySELinuxSetDiskLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainDiskDefPtr disk)
{
bool first = true;
virStorageSourcePtr next;
for (next = disk->src; next; next = next->backingStore) {
if (virSecuritySELinuxSetSecurityImageLabelInternal(mgr, def, next,
first) < 0)
if (virSecuritySELinuxSetImageLabelInternal(mgr, def, next, first) < 0)
return -1;
first = false;
@ -1362,7 +1358,7 @@ virSecuritySELinuxSetSecurityDiskLabel(virSecurityManagerPtr mgr,
}
static int
virSecuritySELinuxSetSecurityHostdevLabelHelper(const char *file, void *opaque)
virSecuritySELinuxSetHostdevLabelHelper(const char *file, void *opaque)
{
virSecurityLabelDefPtr secdef;
virSecuritySELinuxCallbackDataPtr data = opaque;
@ -1376,22 +1372,22 @@ virSecuritySELinuxSetSecurityHostdevLabelHelper(const char *file, void *opaque)
}
static int
virSecuritySELinuxSetSecurityPCILabel(virPCIDevicePtr dev ATTRIBUTE_UNUSED,
const char *file, void *opaque)
virSecuritySELinuxSetPCILabel(virPCIDevicePtr dev ATTRIBUTE_UNUSED,
const char *file, void *opaque)
{
return virSecuritySELinuxSetSecurityHostdevLabelHelper(file, opaque);
return virSecuritySELinuxSetHostdevLabelHelper(file, opaque);
}
static int
virSecuritySELinuxSetSecurityUSBLabel(virUSBDevicePtr dev ATTRIBUTE_UNUSED,
const char *file, void *opaque)
virSecuritySELinuxSetUSBLabel(virUSBDevicePtr dev ATTRIBUTE_UNUSED,
const char *file, void *opaque)
{
return virSecuritySELinuxSetSecurityHostdevLabelHelper(file, opaque);
return virSecuritySELinuxSetHostdevLabelHelper(file, opaque);
}
static int
virSecuritySELinuxSetSecuritySCSILabel(virSCSIDevicePtr dev,
const char *file, void *opaque)
virSecuritySELinuxSetSCSILabel(virSCSIDevicePtr dev,
const char *file, void *opaque)
{
virSecurityLabelDefPtr secdef;
virSecuritySELinuxCallbackDataPtr ptr = opaque;
@ -1414,10 +1410,10 @@ virSecuritySELinuxSetSecuritySCSILabel(virSCSIDevicePtr dev,
}
static int
virSecuritySELinuxSetSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainHostdevDefPtr dev,
const char *vroot)
virSecuritySELinuxSetHostdevSubsysLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainHostdevDefPtr dev,
const char *vroot)
{
virDomainHostdevSubsysUSBPtr usbsrc = &dev->source.subsys.u.usb;
@ -1427,7 +1423,7 @@ virSecuritySELinuxSetSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
int ret = -1;
/* Like virSecuritySELinuxSetSecurityImageLabelInternal() for a networked
/* Like virSecuritySELinuxSetImageLabelInternal() for a networked
* disk, do nothing for an iSCSI hostdev
*/
if (dev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI &&
@ -1447,7 +1443,7 @@ virSecuritySELinuxSetSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
if (!usb)
goto done;
ret = virUSBDeviceFileIterate(usb, virSecuritySELinuxSetSecurityUSBLabel, &data);
ret = virUSBDeviceFileIterate(usb, virSecuritySELinuxSetUSBLabel, &data);
virUSBDeviceFree(usb);
break;
}
@ -1467,10 +1463,10 @@ virSecuritySELinuxSetSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
virPCIDeviceFree(pci);
goto done;
}
ret = virSecuritySELinuxSetSecurityPCILabel(pci, vfioGroupDev, &data);
ret = virSecuritySELinuxSetPCILabel(pci, vfioGroupDev, &data);
VIR_FREE(vfioGroupDev);
} else {
ret = virPCIDeviceFileIterate(pci, virSecuritySELinuxSetSecurityPCILabel, &data);
ret = virPCIDeviceFileIterate(pci, virSecuritySELinuxSetPCILabel, &data);
}
virPCIDeviceFree(pci);
break;
@ -1489,7 +1485,7 @@ virSecuritySELinuxSetSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
goto done;
ret = virSCSIDeviceFileIterate(scsi,
virSecuritySELinuxSetSecuritySCSILabel,
virSecuritySELinuxSetSCSILabel,
&data);
virSCSIDeviceFree(scsi);
@ -1507,10 +1503,10 @@ virSecuritySELinuxSetSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxSetSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainHostdevDefPtr dev,
const char *vroot)
virSecuritySELinuxSetHostdevCapsLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainHostdevDefPtr dev,
const char *vroot)
{
int ret = -1;
virSecurityLabelDefPtr secdef;
@ -1559,10 +1555,10 @@ virSecuritySELinuxSetSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainHostdevDefPtr dev,
const char *vroot)
virSecuritySELinuxSetHostdevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainHostdevDefPtr dev,
const char *vroot)
{
virSecurityLabelDefPtr secdef;
@ -1573,12 +1569,10 @@ virSecuritySELinuxSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
switch (dev->mode) {
case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS:
return virSecuritySELinuxSetSecurityHostdevSubsysLabel(mgr, def,
dev, vroot);
return virSecuritySELinuxSetHostdevSubsysLabel(mgr, def, dev, vroot);
case VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES:
return virSecuritySELinuxSetSecurityHostdevCapsLabel(mgr, def,
dev, vroot);
return virSecuritySELinuxSetHostdevCapsLabel(mgr, def, dev, vroot);
default:
return 0;
@ -1586,30 +1580,30 @@ virSecuritySELinuxSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
}
static int
virSecuritySELinuxRestoreSecurityPCILabel(virPCIDevicePtr dev ATTRIBUTE_UNUSED,
const char *file,
void *opaque)
virSecuritySELinuxRestorePCILabel(virPCIDevicePtr dev ATTRIBUTE_UNUSED,
const char *file,
void *opaque)
{
virSecurityManagerPtr mgr = opaque;
return virSecuritySELinuxRestoreSecurityFileLabel(mgr, file);
return virSecuritySELinuxRestoreFileLabel(mgr, file);
}
static int
virSecuritySELinuxRestoreSecurityUSBLabel(virUSBDevicePtr dev ATTRIBUTE_UNUSED,
const char *file,
void *opaque)
virSecuritySELinuxRestoreUSBLabel(virUSBDevicePtr dev ATTRIBUTE_UNUSED,
const char *file,
void *opaque)
{
virSecurityManagerPtr mgr = opaque;
return virSecuritySELinuxRestoreSecurityFileLabel(mgr, file);
return virSecuritySELinuxRestoreFileLabel(mgr, file);
}
static int
virSecuritySELinuxRestoreSecuritySCSILabel(virSCSIDevicePtr dev,
const char *file,
void *opaque)
virSecuritySELinuxRestoreSCSILabel(virSCSIDevicePtr dev,
const char *file,
void *opaque)
{
virSecurityManagerPtr mgr = opaque;
@ -1619,13 +1613,13 @@ virSecuritySELinuxRestoreSecuritySCSILabel(virSCSIDevicePtr dev,
if (virSCSIDeviceGetShareable(dev) || virSCSIDeviceGetReadonly(dev))
return 0;
return virSecuritySELinuxRestoreSecurityFileLabel(mgr, file);
return virSecuritySELinuxRestoreFileLabel(mgr, file);
}
static int
virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
virDomainHostdevDefPtr dev,
const char *vroot)
virSecuritySELinuxRestoreHostdevSubsysLabel(virSecurityManagerPtr mgr,
virDomainHostdevDefPtr dev,
const char *vroot)
{
virDomainHostdevSubsysUSBPtr usbsrc = &dev->source.subsys.u.usb;
@ -1633,7 +1627,7 @@ virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
virDomainHostdevSubsysSCSIPtr scsisrc = &dev->source.subsys.u.scsi;
int ret = -1;
/* Like virSecuritySELinuxRestoreSecurityImageLabelInt() for a networked
/* Like virSecuritySELinuxRestoreImageLabelInt() for a networked
* disk, do nothing for an iSCSI hostdev
*/
if (dev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI &&
@ -1653,7 +1647,7 @@ virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
if (!usb)
goto done;
ret = virUSBDeviceFileIterate(usb, virSecuritySELinuxRestoreSecurityUSBLabel, mgr);
ret = virUSBDeviceFileIterate(usb, virSecuritySELinuxRestoreUSBLabel, mgr);
virUSBDeviceFree(usb);
break;
@ -1674,10 +1668,10 @@ virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
virPCIDeviceFree(pci);
goto done;
}
ret = virSecuritySELinuxRestoreSecurityPCILabel(pci, vfioGroupDev, mgr);
ret = virSecuritySELinuxRestorePCILabel(pci, vfioGroupDev, mgr);
VIR_FREE(vfioGroupDev);
} else {
ret = virPCIDeviceFileIterate(pci, virSecuritySELinuxRestoreSecurityPCILabel, mgr);
ret = virPCIDeviceFileIterate(pci, virSecuritySELinuxRestorePCILabel, mgr);
}
virPCIDeviceFree(pci);
break;
@ -1694,7 +1688,7 @@ virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
if (!scsi)
goto done;
ret = virSCSIDeviceFileIterate(scsi, virSecuritySELinuxRestoreSecuritySCSILabel, mgr);
ret = virSCSIDeviceFileIterate(scsi, virSecuritySELinuxRestoreSCSILabel, mgr);
virSCSIDeviceFree(scsi);
break;
@ -1711,9 +1705,9 @@ virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxRestoreSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
virDomainHostdevDefPtr dev,
const char *vroot)
virSecuritySELinuxRestoreHostdevCapsLabel(virSecurityManagerPtr mgr,
virDomainHostdevDefPtr dev,
const char *vroot)
{
int ret = -1;
char *path;
@ -1728,7 +1722,7 @@ virSecuritySELinuxRestoreSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
if (VIR_STRDUP(path, dev->source.caps.u.storage.block) < 0)
return -1;
}
ret = virSecuritySELinuxRestoreSecurityFileLabel(mgr, path);
ret = virSecuritySELinuxRestoreFileLabel(mgr, path);
VIR_FREE(path);
break;
}
@ -1742,7 +1736,7 @@ virSecuritySELinuxRestoreSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
if (VIR_STRDUP(path, dev->source.caps.u.misc.chardev) < 0)
return -1;
}
ret = virSecuritySELinuxRestoreSecurityFileLabel(mgr, path);
ret = virSecuritySELinuxRestoreFileLabel(mgr, path);
VIR_FREE(path);
break;
}
@ -1757,10 +1751,10 @@ virSecuritySELinuxRestoreSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainHostdevDefPtr dev,
const char *vroot)
virSecuritySELinuxRestoreHostdevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainHostdevDefPtr dev,
const char *vroot)
{
virSecurityLabelDefPtr secdef;
@ -1771,10 +1765,10 @@ virSecuritySELinuxRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr,
switch (dev->mode) {
case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS:
return virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(mgr, dev, vroot);
return virSecuritySELinuxRestoreHostdevSubsysLabel(mgr, dev, vroot);
case VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES:
return virSecuritySELinuxRestoreSecurityHostdevCapsLabel(mgr, dev, vroot);
return virSecuritySELinuxRestoreHostdevCapsLabel(mgr, dev, vroot);
default:
return 0;
@ -1783,10 +1777,10 @@ virSecuritySELinuxRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr,
static int
virSecuritySELinuxSetSecurityChardevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainChrDefPtr dev,
virDomainChrSourceDefPtr dev_source)
virSecuritySELinuxSetChardevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainChrDefPtr dev,
virDomainChrSourceDefPtr dev_source)
{
virSecurityLabelDefPtr seclabel;
@ -1858,10 +1852,10 @@ virSecuritySELinuxSetSecurityChardevLabel(virSecurityManagerPtr mgr,
}
static int
virSecuritySELinuxRestoreSecurityChardevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainChrDefPtr dev,
virDomainChrSourceDefPtr dev_source)
virSecuritySELinuxRestoreChardevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainChrDefPtr dev,
virDomainChrSourceDefPtr dev_source)
{
virSecurityLabelDefPtr seclabel;
@ -1882,14 +1876,14 @@ virSecuritySELinuxRestoreSecurityChardevLabel(virSecurityManagerPtr mgr,
switch (dev_source->type) {
case VIR_DOMAIN_CHR_TYPE_DEV:
case VIR_DOMAIN_CHR_TYPE_FILE:
if (virSecuritySELinuxRestoreSecurityFileLabel(mgr, dev_source->data.file.path) < 0)
if (virSecuritySELinuxRestoreFileLabel(mgr, dev_source->data.file.path) < 0)
goto done;
ret = 0;
break;
case VIR_DOMAIN_CHR_TYPE_UNIX:
if (!dev_source->data.nix.listen) {
if (virSecuritySELinuxRestoreSecurityFileLabel(mgr, dev_source->data.file.path) < 0)
if (virSecuritySELinuxRestoreFileLabel(mgr, dev_source->data.file.path) < 0)
goto done;
}
ret = 0;
@ -1900,11 +1894,11 @@ virSecuritySELinuxRestoreSecurityChardevLabel(virSecurityManagerPtr mgr,
(virAsprintf(&in, "%s.in", dev_source->data.file.path) < 0))
goto done;
if (virFileExists(in) && virFileExists(out)) {
if ((virSecuritySELinuxRestoreSecurityFileLabel(mgr, out) < 0) ||
(virSecuritySELinuxRestoreSecurityFileLabel(mgr, in) < 0)) {
if ((virSecuritySELinuxRestoreFileLabel(mgr, out) < 0) ||
(virSecuritySELinuxRestoreFileLabel(mgr, in) < 0)) {
goto done;
}
} else if (virSecuritySELinuxRestoreSecurityFileLabel(mgr, dev_source->data.file.path) < 0) {
} else if (virSecuritySELinuxRestoreFileLabel(mgr, dev_source->data.file.path) < 0) {
goto done;
}
ret = 0;
@ -1934,8 +1928,7 @@ virSecuritySELinuxRestoreSecurityChardevCallback(virDomainDefPtr def,
dev->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL)
return 0;
return virSecuritySELinuxRestoreSecurityChardevLabel(mgr, def, dev,
&dev->source);
return virSecuritySELinuxRestoreChardevLabel(mgr, def, dev, &dev->source);
}
@ -1955,10 +1948,10 @@ virSecuritySELinuxRestoreSecuritySmartcardCallback(virDomainDefPtr def,
database = dev->data.cert.database;
if (!database)
database = VIR_DOMAIN_SMARTCARD_DEFAULT_DATABASE;
return virSecuritySELinuxRestoreSecurityFileLabel(mgr, database);
return virSecuritySELinuxRestoreFileLabel(mgr, database);
case VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH:
return virSecuritySELinuxRestoreSecurityChardevLabel(mgr, def, NULL, &dev->data.passthru);
return virSecuritySELinuxRestoreChardevLabel(mgr, def, NULL, &dev->data.passthru);
default:
virReportError(VIR_ERR_INTERNAL_ERROR,
@ -1983,9 +1976,9 @@ virSecuritySELinuxGetBaseLabel(virSecurityManagerPtr mgr, int virtType)
static int
virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
bool migrated)
virSecuritySELinuxRestoreAllLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
bool migrated)
{
virSecurityLabelDefPtr secdef;
virSecuritySELinuxDataPtr data = virSecurityManagerGetPrivateData(mgr);
@ -2000,16 +1993,15 @@ virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
return 0;
if (def->tpm) {
if (virSecuritySELinuxRestoreSecurityTPMFileLabelInt(mgr, def,
def->tpm) < 0)
if (virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def, def->tpm) < 0)
rc = -1;
}
for (i = 0; i < def->nhostdevs; i++) {
if (virSecuritySELinuxRestoreSecurityHostdevLabel(mgr,
def,
def->hostdevs[i],
NULL) < 0)
if (virSecuritySELinuxRestoreHostdevLabel(mgr,
def,
def->hostdevs[i],
NULL) < 0)
rc = -1;
}
@ -2021,8 +2013,8 @@ virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
for (i = 0; i < def->ndisks; i++) {
virDomainDiskDefPtr disk = def->disks[i];
if (virSecuritySELinuxRestoreSecurityImageLabelInt(mgr, def, disk->src,
migrated) < 0)
if (virSecuritySELinuxRestoreImageLabelInt(mgr, def, disk->src,
migrated) < 0)
rc = -1;
}
@ -2039,27 +2031,27 @@ virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
rc = -1;
if (def->os.loader && def->os.loader->nvram &&
virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.loader->nvram) < 0)
virSecuritySELinuxRestoreFileLabel(mgr, def->os.loader->nvram) < 0)
rc = -1;
if (def->os.kernel &&
virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.kernel) < 0)
virSecuritySELinuxRestoreFileLabel(mgr, def->os.kernel) < 0)
rc = -1;
if (def->os.initrd &&
virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.initrd) < 0)
virSecuritySELinuxRestoreFileLabel(mgr, def->os.initrd) < 0)
rc = -1;
if (def->os.dtb &&
virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.dtb) < 0)
virSecuritySELinuxRestoreFileLabel(mgr, def->os.dtb) < 0)
rc = -1;
return rc;
}
static int
virSecuritySELinuxReleaseSecurityLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def)
virSecuritySELinuxReleaseLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def)
{
virSecurityLabelDefPtr secdef;
@ -2111,7 +2103,7 @@ virSecuritySELinuxRestoreSavedStateLabel(virSecurityManagerPtr mgr,
if (!secdef || !secdef->relabel)
return 0;
return virSecuritySELinuxRestoreSecurityFileLabel(mgr, savefile);
return virSecuritySELinuxRestoreFileLabel(mgr, savefile);
}
@ -2145,8 +2137,8 @@ virSecuritySELinuxSecurityVerify(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
}
static int
virSecuritySELinuxSetSecurityProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr def)
virSecuritySELinuxSetProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr def)
{
/* TODO: verify DOI */
virSecurityLabelDefPtr secdef;
@ -2178,9 +2170,9 @@ virSecuritySELinuxSetSecurityProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UN
}
static int
virSecuritySELinuxSetSecurityChildProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr def,
virCommandPtr cmd)
virSecuritySELinuxSetChildProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr def,
virCommandPtr cmd)
{
/* TODO: verify DOI */
virSecurityLabelDefPtr secdef;
@ -2206,8 +2198,8 @@ virSecuritySELinuxSetSecurityChildProcessLabel(virSecurityManagerPtr mgr ATTRIBU
}
static int
virSecuritySELinuxSetSecurityDaemonSocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr def)
virSecuritySELinuxSetDaemonSocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr def)
{
/* TODO: verify DOI */
virSecurityLabelDefPtr secdef;
@ -2256,8 +2248,8 @@ virSecuritySELinuxSetSecurityDaemonSocketLabel(virSecurityManagerPtr mgr ATTRIBU
}
static int
virSecuritySELinuxSetSecuritySocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr vm)
virSecuritySELinuxSetSocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr vm)
{
virSecurityLabelDefPtr secdef;
int rc = -1;
@ -2294,8 +2286,8 @@ virSecuritySELinuxSetSecuritySocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNU
}
static int
virSecuritySELinuxClearSecuritySocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr def)
virSecuritySELinuxClearSocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr def)
{
/* TODO: verify DOI */
virSecurityLabelDefPtr secdef;
@ -2337,7 +2329,7 @@ virSecuritySELinuxSetSecurityChardevCallback(virDomainDefPtr def,
dev->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL)
return 0;
return virSecuritySELinuxSetSecurityChardevLabel(mgr, def, dev, &dev->source);
return virSecuritySELinuxSetChardevLabel(mgr, def, dev, &dev->source);
}
@ -2361,8 +2353,8 @@ virSecuritySELinuxSetSecuritySmartcardCallback(virDomainDefPtr def,
return virSecuritySELinuxSetFilecon(mgr, database, data->content_context);
case VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH:
return virSecuritySELinuxSetSecurityChardevLabel(mgr, def, NULL,
&dev->data.passthru);
return virSecuritySELinuxSetChardevLabel(mgr, def, NULL,
&dev->data.passthru);
default:
virReportError(VIR_ERR_INTERNAL_ERROR,
@ -2376,9 +2368,9 @@ virSecuritySELinuxSetSecuritySmartcardCallback(virDomainDefPtr def,
static int
virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
const char *stdin_path)
virSecuritySELinuxSetAllLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
const char *stdin_path)
{
size_t i;
virSecuritySELinuxDataPtr data = virSecurityManagerGetPrivateData(mgr);
@ -2397,17 +2389,17 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr,
def->disks[i]->dst);
continue;
}
if (virSecuritySELinuxSetSecurityDiskLabel(mgr,
def, def->disks[i]) < 0)
if (virSecuritySELinuxSetDiskLabel(mgr,
def, def->disks[i]) < 0)
return -1;
}
/* XXX fixme process def->fss if relabel == true */
for (i = 0; i < def->nhostdevs; i++) {
if (virSecuritySELinuxSetSecurityHostdevLabel(mgr,
def,
def->hostdevs[i],
NULL) < 0)
if (virSecuritySELinuxSetHostdevLabel(mgr,
def,
def->hostdevs[i],
NULL) < 0)
return -1;
}
@ -2417,8 +2409,7 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr,
}
if (def->tpm) {
if (virSecuritySELinuxSetSecurityTPMFileLabel(mgr, def,
def->tpm) < 0)
if (virSecuritySELinuxSetTPMFileLabel(mgr, def, def->tpm) < 0)
return -1;
}
@ -2632,29 +2623,29 @@ virSecurityDriver virSecurityDriverSELinux = {
.domainSecurityVerify = virSecuritySELinuxSecurityVerify,
.domainSetSecurityDiskLabel = virSecuritySELinuxSetSecurityDiskLabel,
.domainRestoreSecurityDiskLabel = virSecuritySELinuxRestoreSecurityDiskLabel,
.domainSetSecurityDiskLabel = virSecuritySELinuxSetDiskLabel,
.domainRestoreSecurityDiskLabel = virSecuritySELinuxRestoreDiskLabel,
.domainSetSecurityImageLabel = virSecuritySELinuxSetSecurityImageLabel,
.domainRestoreSecurityImageLabel = virSecuritySELinuxRestoreSecurityImageLabel,
.domainSetSecurityImageLabel = virSecuritySELinuxSetImageLabel,
.domainRestoreSecurityImageLabel = virSecuritySELinuxRestoreImageLabel,
.domainSetSecurityDaemonSocketLabel = virSecuritySELinuxSetSecurityDaemonSocketLabel,
.domainSetSecuritySocketLabel = virSecuritySELinuxSetSecuritySocketLabel,
.domainClearSecuritySocketLabel = virSecuritySELinuxClearSecuritySocketLabel,
.domainSetSecurityDaemonSocketLabel = virSecuritySELinuxSetDaemonSocketLabel,
.domainSetSecuritySocketLabel = virSecuritySELinuxSetSocketLabel,
.domainClearSecuritySocketLabel = virSecuritySELinuxClearSocketLabel,
.domainGenSecurityLabel = virSecuritySELinuxGenSecurityLabel,
.domainReserveSecurityLabel = virSecuritySELinuxReserveSecurityLabel,
.domainReleaseSecurityLabel = virSecuritySELinuxReleaseSecurityLabel,
.domainGenSecurityLabel = virSecuritySELinuxGenLabel,
.domainReserveSecurityLabel = virSecuritySELinuxReserveLabel,
.domainReleaseSecurityLabel = virSecuritySELinuxReleaseLabel,
.domainGetSecurityProcessLabel = virSecuritySELinuxGetSecurityProcessLabel,
.domainSetSecurityProcessLabel = virSecuritySELinuxSetSecurityProcessLabel,
.domainSetSecurityChildProcessLabel = virSecuritySELinuxSetSecurityChildProcessLabel,
.domainGetSecurityProcessLabel = virSecuritySELinuxGetProcessLabel,
.domainSetSecurityProcessLabel = virSecuritySELinuxSetProcessLabel,
.domainSetSecurityChildProcessLabel = virSecuritySELinuxSetChildProcessLabel,
.domainSetSecurityAllLabel = virSecuritySELinuxSetSecurityAllLabel,
.domainRestoreSecurityAllLabel = virSecuritySELinuxRestoreSecurityAllLabel,
.domainSetSecurityAllLabel = virSecuritySELinuxSetAllLabel,
.domainRestoreSecurityAllLabel = virSecuritySELinuxRestoreAllLabel,
.domainSetSecurityHostdevLabel = virSecuritySELinuxSetSecurityHostdevLabel,
.domainRestoreSecurityHostdevLabel = virSecuritySELinuxRestoreSecurityHostdevLabel,
.domainSetSecurityHostdevLabel = virSecuritySELinuxSetHostdevLabel,
.domainRestoreSecurityHostdevLabel = virSecuritySELinuxRestoreHostdevLabel,
.domainSetSavedStateLabel = virSecuritySELinuxSetSavedStateLabel,
.domainRestoreSavedStateLabel = virSecuritySELinuxRestoreSavedStateLabel,