mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-10-30 09:53:10 +00:00
security: apparmor: Push virStorageSource checks to add_file_path
This mirrors the code layout in security_selinux.c. It will also make it easier to share the checks for qcow2 external data_file support eventually Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Cole Robinson <crobinso@redhat.com>
This commit is contained in:
parent
7c0bf48bc9
commit
c7eea3f559
@ -917,6 +917,10 @@ add_file_path(virStorageSourcePtr src,
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
/* execute the callback only for local storage */
|
||||||
|
if (!src->path || !virStorageSourceIsLocalStorage(src))
|
||||||
|
return 0;
|
||||||
|
|
||||||
if (depth == 0) {
|
if (depth == 0) {
|
||||||
if (src->readonly)
|
if (src->readonly)
|
||||||
ret = vah_add_file(buf, src->path, "rk");
|
ret = vah_add_file(buf, src->path, "rk");
|
||||||
@ -941,12 +945,8 @@ disk_add_files(virDomainDiskDefPtr disk,
|
|||||||
virStorageSourcePtr tmp;
|
virStorageSourcePtr tmp;
|
||||||
|
|
||||||
for (tmp = disk->src; virStorageSourceIsBacking(tmp); tmp = tmp->backingStore) {
|
for (tmp = disk->src; virStorageSourceIsBacking(tmp); tmp = tmp->backingStore) {
|
||||||
/* execute the callback only for local storage */
|
if (add_file_path(tmp, depth, buf) < 0)
|
||||||
if (virStorageSourceIsLocalStorage(tmp) &&
|
return -1;
|
||||||
tmp->path) {
|
|
||||||
if (add_file_path(tmp, depth, buf) < 0)
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
depth++;
|
depth++;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user