External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-17 07:07:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

qemu_security: Introduce qemuSecuritySetTPMLabels()

Browse Source 
Now that we have qemuSecurityRestoreTPMLabels() we might as well
have qemuSecuritySetTPMLabels(). The aim here is to remove
qemuSecurityStartTPMEmulator() which couples two separate things
into a single function call.

Therefore, introduce qemuSecuritySetTPMLabels() which does only
set seclabels on the TPM state.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
This commit is contained in:
Michal Privoznik 2022-12-14 10:27:57 +01:00
parent 51b92836ff
commit bdbb8e7b00
2 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/qemu/qemu_security.c
View File

@ -576,6 +576,32 @@ qemuSecurityStartTPMEmulator(virQEMUDriver *driver,
}
int
qemuSecuritySetTPMLabels(virQEMUDriver *driver,
virDomainObj *vm,
bool setTPMStateLabel)
{
qemuDomainObjPrivate *priv = vm->privateData;
int ret = -1;
if (virSecurityManagerTransactionStart(driver->securityManager) < 0)
goto cleanup;
if (virSecurityManagerSetTPMLabels(driver->securityManager,
vm->def, setTPMStateLabel) < 0)
goto cleanup;
if (virSecurityManagerTransactionCommit(driver->securityManager,
-1, priv->rememberOwner) < 0)
goto cleanup;
ret = 0;
cleanup:
virSecurityManagerTransactionAbort(driver->securityManager);
return ret;
}
int
qemuSecurityRestoreTPMLabels(virQEMUDriver *driver,
virDomainObj *vm,

4
src/qemu/qemu_security.h
View File

@ -94,6 +94,10 @@ int qemuSecurityStartTPMEmulator(virQEMUDriver *driver,
int *exitstatus,
int *cmdret);
int qemuSecuritySetTPMLabels(virQEMUDriver *driver,
virDomainObj *vm,
bool setTPMStateLabel);
int qemuSecurityRestoreTPMLabels(virQEMUDriver *driver,
virDomainObj *vm,
bool restoreTPMStateLabel);