mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-02-20 02:21:26 +00:00
security: Rename virSecurityManagerSetImageLabel to *Disk*
I'm going to add functions that will deal with individual image files rather than whole disks. Rename the security function to make room for the new one.
This commit is contained in:
parent
7c6dae0418
commit
c8e4220515
@ -911,10 +911,10 @@ virSecurityManagerRestoreSavedStateLabel;
|
||||
virSecurityManagerSetAllLabel;
|
||||
virSecurityManagerSetChildProcessLabel;
|
||||
virSecurityManagerSetDaemonSocketLabel;
|
||||
virSecurityManagerSetDiskLabel;
|
||||
virSecurityManagerSetHostdevLabel;
|
||||
virSecurityManagerSetHugepages;
|
||||
virSecurityManagerSetImageFDLabel;
|
||||
virSecurityManagerSetImageLabel;
|
||||
virSecurityManagerSetProcessLabel;
|
||||
virSecurityManagerSetSavedStateLabel;
|
||||
virSecurityManagerSetSocketLabel;
|
||||
|
@ -1727,7 +1727,7 @@ static int virLXCControllerSetupDisk(virLXCControllerPtr ctrl,
|
||||
/* Labelling normally operates on src, but we need
|
||||
* to actually label the dst here, so hack the config */
|
||||
def->src->path = dst;
|
||||
if (virSecurityManagerSetImageLabel(securityDriver, ctrl->def, def) < 0)
|
||||
if (virSecurityManagerSetDiskLabel(securityDriver, ctrl->def, def) < 0)
|
||||
goto cleanup;
|
||||
|
||||
ret = 0;
|
||||
|
@ -3899,8 +3899,8 @@ lxcDomainAttachDeviceMknodHelper(pid_t pid ATTRIBUTE_UNUSED,
|
||||
virDomainDiskDefPtr def = data->def->data.disk;
|
||||
char *tmpsrc = def->src->path;
|
||||
def->src->path = data->file;
|
||||
if (virSecurityManagerSetImageLabel(data->driver->securityManager,
|
||||
data->vm->def, def) < 0) {
|
||||
if (virSecurityManagerSetDiskLabel(data->driver->securityManager,
|
||||
data->vm->def, def) < 0) {
|
||||
def->src->path = tmpsrc;
|
||||
goto cleanup;
|
||||
}
|
||||
|
@ -12098,8 +12098,8 @@ qemuDomainPrepareDiskChainElement(virQEMUDriverPtr driver,
|
||||
} else if (virDomainLockDiskAttach(driver->lockManager, cfg->uri,
|
||||
vm, disk) < 0 ||
|
||||
qemuSetupDiskCgroup(vm, disk) < 0 ||
|
||||
virSecurityManagerSetImageLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
virSecurityManagerSetDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
@ -14952,8 +14952,8 @@ qemuDomainBlockPivot(virConnectPtr conn,
|
||||
(virDomainLockDiskAttach(driver->lockManager, cfg->uri,
|
||||
vm, disk) < 0 ||
|
||||
qemuSetupDiskCgroup(vm, disk) < 0 ||
|
||||
virSecurityManagerSetImageLabel(driver->securityManager, vm->def,
|
||||
disk) < 0)) {
|
||||
virSecurityManagerSetDiskLabel(driver->securityManager, vm->def,
|
||||
disk) < 0)) {
|
||||
disk->src->path = oldsrc;
|
||||
disk->src->format = oldformat;
|
||||
disk->src->backingStore = oldchain;
|
||||
|
@ -91,8 +91,8 @@ int qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver,
|
||||
vm, disk) < 0)
|
||||
goto cleanup;
|
||||
|
||||
if (virSecurityManagerSetImageLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virSecurityManagerSetDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
VIR_WARN("Unable to release lock on %s",
|
||||
virDomainDiskGetSource(disk));
|
||||
@ -270,8 +270,8 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn,
|
||||
vm, disk) < 0)
|
||||
goto cleanup;
|
||||
|
||||
if (virSecurityManagerSetImageLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virSecurityManagerSetDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
VIR_WARN("Unable to release lock on %s", src);
|
||||
goto cleanup;
|
||||
@ -509,8 +509,8 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
|
||||
vm, disk) < 0)
|
||||
goto cleanup;
|
||||
|
||||
if (virSecurityManagerSetImageLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virSecurityManagerSetDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
VIR_WARN("Unable to release lock on %s", src);
|
||||
goto cleanup;
|
||||
@ -634,8 +634,8 @@ qemuDomainAttachUSBMassstorageDevice(virConnectPtr conn,
|
||||
vm, disk) < 0)
|
||||
goto cleanup;
|
||||
|
||||
if (virSecurityManagerSetImageLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virSecurityManagerSetDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
VIR_WARN("Unable to release lock on %s", src);
|
||||
goto cleanup;
|
||||
|
@ -696,8 +696,8 @@ AppArmorRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
|
||||
/* Called when hotplugging */
|
||||
static int
|
||||
AppArmorSetSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def, virDomainDiskDefPtr disk)
|
||||
AppArmorSetSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def, virDomainDiskDefPtr disk)
|
||||
{
|
||||
int rc = -1;
|
||||
char *profile_name = NULL;
|
||||
@ -972,7 +972,7 @@ virSecurityDriver virAppArmorSecurityDriver = {
|
||||
|
||||
.domainSecurityVerify = AppArmorSecurityVerify,
|
||||
|
||||
.domainSetSecurityImageLabel = AppArmorSetSecurityImageLabel,
|
||||
.domainSetSecurityDiskLabel = AppArmorSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = AppArmorRestoreSecurityImageLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = AppArmorSetSecurityDaemonSocketLabel,
|
||||
|
@ -321,9 +321,9 @@ virSecurityDACSetSecurityFileLabel(virDomainDiskDefPtr disk,
|
||||
|
||||
|
||||
static int
|
||||
virSecurityDACSetSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
virSecurityDACSetSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
|
||||
{
|
||||
virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
|
||||
@ -967,9 +967,9 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr,
|
||||
/* XXX fixme - we need to recursively label the entire tree :-( */
|
||||
if (virDomainDiskGetType(def->disks[i]) == VIR_STORAGE_TYPE_DIR)
|
||||
continue;
|
||||
if (virSecurityDACSetSecurityImageLabel(mgr,
|
||||
def,
|
||||
def->disks[i]) < 0)
|
||||
if (virSecurityDACSetSecurityDiskLabel(mgr,
|
||||
def,
|
||||
def->disks[i]) < 0)
|
||||
return -1;
|
||||
}
|
||||
for (i = 0; i < def->nhostdevs; i++) {
|
||||
@ -1273,7 +1273,7 @@ virSecurityDriver virSecurityDriverDAC = {
|
||||
|
||||
.domainSecurityVerify = virSecurityDACVerify,
|
||||
|
||||
.domainSetSecurityImageLabel = virSecurityDACSetSecurityImageLabel,
|
||||
.domainSetSecurityDiskLabel = virSecurityDACSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = virSecurityDACRestoreSecurityImageLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecurityDACSetDaemonSocketLabel,
|
||||
|
@ -60,9 +60,9 @@ typedef int (*virSecurityDomainSetSocketLabel) (virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def);
|
||||
typedef int (*virSecurityDomainClearSocketLabel)(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def);
|
||||
typedef int (*virSecurityDomainSetImageLabel) (virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk);
|
||||
typedef int (*virSecurityDomainSetDiskLabel) (virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk);
|
||||
typedef int (*virSecurityDomainRestoreHostdevLabel) (virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainHostdevDefPtr dev,
|
||||
@ -127,7 +127,7 @@ struct _virSecurityDriver {
|
||||
|
||||
virSecurityDomainSecurityVerify domainSecurityVerify;
|
||||
|
||||
virSecurityDomainSetImageLabel domainSetSecurityImageLabel;
|
||||
virSecurityDomainSetDiskLabel domainSetSecurityDiskLabel;
|
||||
virSecurityDomainRestoreImageLabel domainRestoreSecurityImageLabel;
|
||||
|
||||
virSecurityDomainSetDaemonSocketLabel domainSetSecurityDaemonSocketLabel;
|
||||
|
@ -367,14 +367,14 @@ int virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr,
|
||||
return -1;
|
||||
}
|
||||
|
||||
int virSecurityManagerSetImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm,
|
||||
virDomainDiskDefPtr disk)
|
||||
int virSecurityManagerSetDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm,
|
||||
virDomainDiskDefPtr disk)
|
||||
{
|
||||
if (mgr->drv->domainSetSecurityImageLabel) {
|
||||
if (mgr->drv->domainSetSecurityDiskLabel) {
|
||||
int ret;
|
||||
virObjectLock(mgr);
|
||||
ret = mgr->drv->domainSetSecurityImageLabel(mgr, vm, disk);
|
||||
ret = mgr->drv->domainSetSecurityDiskLabel(mgr, vm, disk);
|
||||
virObjectUnlock(mgr);
|
||||
return ret;
|
||||
}
|
||||
|
@ -70,9 +70,9 @@ int virSecurityManagerSetSocketLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def);
|
||||
int virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def);
|
||||
int virSecurityManagerSetImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk);
|
||||
int virSecurityManagerSetDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk);
|
||||
int virSecurityManagerRestoreHostdevLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainHostdevDefPtr dev,
|
||||
|
@ -75,9 +75,9 @@ static int virSecurityDomainClearSocketLabelNop(virSecurityManagerPtr mgr ATTRIB
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int virSecurityDomainSetImageLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
|
||||
virDomainDefPtr vm ATTRIBUTE_UNUSED,
|
||||
virDomainDiskDefPtr disk ATTRIBUTE_UNUSED)
|
||||
static int virSecurityDomainSetDiskLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
|
||||
virDomainDefPtr vm ATTRIBUTE_UNUSED,
|
||||
virDomainDiskDefPtr disk ATTRIBUTE_UNUSED)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
@ -206,7 +206,7 @@ virSecurityDriver virSecurityDriverNop = {
|
||||
|
||||
.domainSecurityVerify = virSecurityDomainVerifyNop,
|
||||
|
||||
.domainSetSecurityImageLabel = virSecurityDomainSetImageLabelNop,
|
||||
.domainSetSecurityDiskLabel = virSecurityDomainSetDiskLabelNop,
|
||||
.domainRestoreSecurityImageLabel = virSecurityDomainRestoreImageLabelNop,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecurityDomainSetDaemonSocketLabelNop,
|
||||
|
@ -1243,9 +1243,9 @@ virSecuritySELinuxSetSecurityFileLabel(virDomainDiskDefPtr disk,
|
||||
}
|
||||
|
||||
static int
|
||||
virSecuritySELinuxSetSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
virSecuritySELinuxSetSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
|
||||
{
|
||||
virSecuritySELinuxCallbackData cbdata;
|
||||
@ -2240,7 +2240,7 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr,
|
||||
def->disks[i]->dst);
|
||||
continue;
|
||||
}
|
||||
if (virSecuritySELinuxSetSecurityImageLabel(mgr,
|
||||
if (virSecuritySELinuxSetSecurityDiskLabel(mgr,
|
||||
def, def->disks[i]) < 0)
|
||||
return -1;
|
||||
}
|
||||
@ -2426,7 +2426,7 @@ virSecurityDriver virSecurityDriverSELinux = {
|
||||
|
||||
.domainSecurityVerify = virSecuritySELinuxSecurityVerify,
|
||||
|
||||
.domainSetSecurityImageLabel = virSecuritySELinuxSetSecurityImageLabel,
|
||||
.domainSetSecurityDiskLabel = virSecuritySELinuxSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = virSecuritySELinuxRestoreSecurityImageLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecuritySELinuxSetSecurityDaemonSocketLabel,
|
||||
|
@ -222,16 +222,16 @@ virSecurityStackReserveLabel(virSecurityManagerPtr mgr,
|
||||
|
||||
|
||||
static int
|
||||
virSecurityStackSetSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm,
|
||||
virDomainDiskDefPtr disk)
|
||||
virSecurityStackSetSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm,
|
||||
virDomainDiskDefPtr disk)
|
||||
{
|
||||
virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
|
||||
virSecurityStackItemPtr item = priv->itemsHead;
|
||||
int rc = 0;
|
||||
|
||||
for (; item; item = item->next) {
|
||||
if (virSecurityManagerSetImageLabel(item->securityManager, vm, disk) < 0)
|
||||
if (virSecurityManagerSetDiskLabel(item->securityManager, vm, disk) < 0)
|
||||
rc = -1;
|
||||
}
|
||||
|
||||
@ -578,7 +578,7 @@ virSecurityDriver virSecurityDriverStack = {
|
||||
|
||||
.domainSecurityVerify = virSecurityStackVerify,
|
||||
|
||||
.domainSetSecurityImageLabel = virSecurityStackSetSecurityImageLabel,
|
||||
.domainSetSecurityDiskLabel = virSecurityStackSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = virSecurityStackRestoreSecurityImageLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecurityStackSetDaemonSocketLabel,
|
||||
|
Loading…
x
Reference in New Issue
Block a user