mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-07-11 12:25:52 +00:00
security: Rename virSecurityManagerSetImageLabel to *Disk*
I'm going to add functions that will deal with individual image files rather than whole disks. Rename the security function to make room for the new one.
This commit is contained in:
parent
7c6dae0418
commit
c8e4220515
@ -911,10 +911,10 @@ virSecurityManagerRestoreSavedStateLabel;
|
||||
virSecurityManagerSetAllLabel;
|
||||
virSecurityManagerSetChildProcessLabel;
|
||||
virSecurityManagerSetDaemonSocketLabel;
|
||||
virSecurityManagerSetDiskLabel;
|
||||
virSecurityManagerSetHostdevLabel;
|
||||
virSecurityManagerSetHugepages;
|
||||
virSecurityManagerSetImageFDLabel;
|
||||
virSecurityManagerSetImageLabel;
|
||||
virSecurityManagerSetProcessLabel;
|
||||
virSecurityManagerSetSavedStateLabel;
|
||||
virSecurityManagerSetSocketLabel;
|
||||
|
@ -1727,7 +1727,7 @@ static int virLXCControllerSetupDisk(virLXCControllerPtr ctrl,
|
||||
/* Labelling normally operates on src, but we need
|
||||
* to actually label the dst here, so hack the config */
|
||||
def->src->path = dst;
|
||||
if (virSecurityManagerSetImageLabel(securityDriver, ctrl->def, def) < 0)
|
||||
if (virSecurityManagerSetDiskLabel(securityDriver, ctrl->def, def) < 0)
|
||||
goto cleanup;
|
||||
|
||||
ret = 0;
|
||||
|
@ -3899,7 +3899,7 @@ lxcDomainAttachDeviceMknodHelper(pid_t pid ATTRIBUTE_UNUSED,
|
||||
virDomainDiskDefPtr def = data->def->data.disk;
|
||||
char *tmpsrc = def->src->path;
|
||||
def->src->path = data->file;
|
||||
if (virSecurityManagerSetImageLabel(data->driver->securityManager,
|
||||
if (virSecurityManagerSetDiskLabel(data->driver->securityManager,
|
||||
data->vm->def, def) < 0) {
|
||||
def->src->path = tmpsrc;
|
||||
goto cleanup;
|
||||
|
@ -12098,7 +12098,7 @@ qemuDomainPrepareDiskChainElement(virQEMUDriverPtr driver,
|
||||
} else if (virDomainLockDiskAttach(driver->lockManager, cfg->uri,
|
||||
vm, disk) < 0 ||
|
||||
qemuSetupDiskCgroup(vm, disk) < 0 ||
|
||||
virSecurityManagerSetImageLabel(driver->securityManager,
|
||||
virSecurityManagerSetDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
goto cleanup;
|
||||
}
|
||||
@ -14952,7 +14952,7 @@ qemuDomainBlockPivot(virConnectPtr conn,
|
||||
(virDomainLockDiskAttach(driver->lockManager, cfg->uri,
|
||||
vm, disk) < 0 ||
|
||||
qemuSetupDiskCgroup(vm, disk) < 0 ||
|
||||
virSecurityManagerSetImageLabel(driver->securityManager, vm->def,
|
||||
virSecurityManagerSetDiskLabel(driver->securityManager, vm->def,
|
||||
disk) < 0)) {
|
||||
disk->src->path = oldsrc;
|
||||
disk->src->format = oldformat;
|
||||
|
@ -91,7 +91,7 @@ int qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver,
|
||||
vm, disk) < 0)
|
||||
goto cleanup;
|
||||
|
||||
if (virSecurityManagerSetImageLabel(driver->securityManager,
|
||||
if (virSecurityManagerSetDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
VIR_WARN("Unable to release lock on %s",
|
||||
@ -270,7 +270,7 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn,
|
||||
vm, disk) < 0)
|
||||
goto cleanup;
|
||||
|
||||
if (virSecurityManagerSetImageLabel(driver->securityManager,
|
||||
if (virSecurityManagerSetDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
VIR_WARN("Unable to release lock on %s", src);
|
||||
@ -509,7 +509,7 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
|
||||
vm, disk) < 0)
|
||||
goto cleanup;
|
||||
|
||||
if (virSecurityManagerSetImageLabel(driver->securityManager,
|
||||
if (virSecurityManagerSetDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
VIR_WARN("Unable to release lock on %s", src);
|
||||
@ -634,7 +634,7 @@ qemuDomainAttachUSBMassstorageDevice(virConnectPtr conn,
|
||||
vm, disk) < 0)
|
||||
goto cleanup;
|
||||
|
||||
if (virSecurityManagerSetImageLabel(driver->securityManager,
|
||||
if (virSecurityManagerSetDiskLabel(driver->securityManager,
|
||||
vm->def, disk) < 0) {
|
||||
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
|
||||
VIR_WARN("Unable to release lock on %s", src);
|
||||
|
@ -696,7 +696,7 @@ AppArmorRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
|
||||
/* Called when hotplugging */
|
||||
static int
|
||||
AppArmorSetSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
AppArmorSetSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def, virDomainDiskDefPtr disk)
|
||||
{
|
||||
int rc = -1;
|
||||
@ -972,7 +972,7 @@ virSecurityDriver virAppArmorSecurityDriver = {
|
||||
|
||||
.domainSecurityVerify = AppArmorSecurityVerify,
|
||||
|
||||
.domainSetSecurityImageLabel = AppArmorSetSecurityImageLabel,
|
||||
.domainSetSecurityDiskLabel = AppArmorSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = AppArmorRestoreSecurityImageLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = AppArmorSetSecurityDaemonSocketLabel,
|
||||
|
@ -321,7 +321,7 @@ virSecurityDACSetSecurityFileLabel(virDomainDiskDefPtr disk,
|
||||
|
||||
|
||||
static int
|
||||
virSecurityDACSetSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virSecurityDACSetSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
|
||||
@ -967,7 +967,7 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr,
|
||||
/* XXX fixme - we need to recursively label the entire tree :-( */
|
||||
if (virDomainDiskGetType(def->disks[i]) == VIR_STORAGE_TYPE_DIR)
|
||||
continue;
|
||||
if (virSecurityDACSetSecurityImageLabel(mgr,
|
||||
if (virSecurityDACSetSecurityDiskLabel(mgr,
|
||||
def,
|
||||
def->disks[i]) < 0)
|
||||
return -1;
|
||||
@ -1273,7 +1273,7 @@ virSecurityDriver virSecurityDriverDAC = {
|
||||
|
||||
.domainSecurityVerify = virSecurityDACVerify,
|
||||
|
||||
.domainSetSecurityImageLabel = virSecurityDACSetSecurityImageLabel,
|
||||
.domainSetSecurityDiskLabel = virSecurityDACSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = virSecurityDACRestoreSecurityImageLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecurityDACSetDaemonSocketLabel,
|
||||
|
@ -60,7 +60,7 @@ typedef int (*virSecurityDomainSetSocketLabel) (virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def);
|
||||
typedef int (*virSecurityDomainClearSocketLabel)(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def);
|
||||
typedef int (*virSecurityDomainSetImageLabel) (virSecurityManagerPtr mgr,
|
||||
typedef int (*virSecurityDomainSetDiskLabel) (virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk);
|
||||
typedef int (*virSecurityDomainRestoreHostdevLabel) (virSecurityManagerPtr mgr,
|
||||
@ -127,7 +127,7 @@ struct _virSecurityDriver {
|
||||
|
||||
virSecurityDomainSecurityVerify domainSecurityVerify;
|
||||
|
||||
virSecurityDomainSetImageLabel domainSetSecurityImageLabel;
|
||||
virSecurityDomainSetDiskLabel domainSetSecurityDiskLabel;
|
||||
virSecurityDomainRestoreImageLabel domainRestoreSecurityImageLabel;
|
||||
|
||||
virSecurityDomainSetDaemonSocketLabel domainSetSecurityDaemonSocketLabel;
|
||||
|
@ -367,14 +367,14 @@ int virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr,
|
||||
return -1;
|
||||
}
|
||||
|
||||
int virSecurityManagerSetImageLabel(virSecurityManagerPtr mgr,
|
||||
int virSecurityManagerSetDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm,
|
||||
virDomainDiskDefPtr disk)
|
||||
{
|
||||
if (mgr->drv->domainSetSecurityImageLabel) {
|
||||
if (mgr->drv->domainSetSecurityDiskLabel) {
|
||||
int ret;
|
||||
virObjectLock(mgr);
|
||||
ret = mgr->drv->domainSetSecurityImageLabel(mgr, vm, disk);
|
||||
ret = mgr->drv->domainSetSecurityDiskLabel(mgr, vm, disk);
|
||||
virObjectUnlock(mgr);
|
||||
return ret;
|
||||
}
|
||||
|
@ -70,7 +70,7 @@ int virSecurityManagerSetSocketLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def);
|
||||
int virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def);
|
||||
int virSecurityManagerSetImageLabel(virSecurityManagerPtr mgr,
|
||||
int virSecurityManagerSetDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk);
|
||||
int virSecurityManagerRestoreHostdevLabel(virSecurityManagerPtr mgr,
|
||||
|
@ -75,7 +75,7 @@ static int virSecurityDomainClearSocketLabelNop(virSecurityManagerPtr mgr ATTRIB
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int virSecurityDomainSetImageLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
|
||||
static int virSecurityDomainSetDiskLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
|
||||
virDomainDefPtr vm ATTRIBUTE_UNUSED,
|
||||
virDomainDiskDefPtr disk ATTRIBUTE_UNUSED)
|
||||
{
|
||||
@ -206,7 +206,7 @@ virSecurityDriver virSecurityDriverNop = {
|
||||
|
||||
.domainSecurityVerify = virSecurityDomainVerifyNop,
|
||||
|
||||
.domainSetSecurityImageLabel = virSecurityDomainSetImageLabelNop,
|
||||
.domainSetSecurityDiskLabel = virSecurityDomainSetDiskLabelNop,
|
||||
.domainRestoreSecurityImageLabel = virSecurityDomainRestoreImageLabelNop,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecurityDomainSetDaemonSocketLabelNop,
|
||||
|
@ -1243,7 +1243,7 @@ virSecuritySELinuxSetSecurityFileLabel(virDomainDiskDefPtr disk,
|
||||
}
|
||||
|
||||
static int
|
||||
virSecuritySELinuxSetSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virSecuritySELinuxSetSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr def,
|
||||
virDomainDiskDefPtr disk)
|
||||
|
||||
@ -2240,7 +2240,7 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr,
|
||||
def->disks[i]->dst);
|
||||
continue;
|
||||
}
|
||||
if (virSecuritySELinuxSetSecurityImageLabel(mgr,
|
||||
if (virSecuritySELinuxSetSecurityDiskLabel(mgr,
|
||||
def, def->disks[i]) < 0)
|
||||
return -1;
|
||||
}
|
||||
@ -2426,7 +2426,7 @@ virSecurityDriver virSecurityDriverSELinux = {
|
||||
|
||||
.domainSecurityVerify = virSecuritySELinuxSecurityVerify,
|
||||
|
||||
.domainSetSecurityImageLabel = virSecuritySELinuxSetSecurityImageLabel,
|
||||
.domainSetSecurityDiskLabel = virSecuritySELinuxSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = virSecuritySELinuxRestoreSecurityImageLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecuritySELinuxSetSecurityDaemonSocketLabel,
|
||||
|
@ -222,7 +222,7 @@ virSecurityStackReserveLabel(virSecurityManagerPtr mgr,
|
||||
|
||||
|
||||
static int
|
||||
virSecurityStackSetSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virSecurityStackSetSecurityDiskLabel(virSecurityManagerPtr mgr,
|
||||
virDomainDefPtr vm,
|
||||
virDomainDiskDefPtr disk)
|
||||
{
|
||||
@ -231,7 +231,7 @@ virSecurityStackSetSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
int rc = 0;
|
||||
|
||||
for (; item; item = item->next) {
|
||||
if (virSecurityManagerSetImageLabel(item->securityManager, vm, disk) < 0)
|
||||
if (virSecurityManagerSetDiskLabel(item->securityManager, vm, disk) < 0)
|
||||
rc = -1;
|
||||
}
|
||||
|
||||
@ -578,7 +578,7 @@ virSecurityDriver virSecurityDriverStack = {
|
||||
|
||||
.domainSecurityVerify = virSecurityStackVerify,
|
||||
|
||||
.domainSetSecurityImageLabel = virSecurityStackSetSecurityImageLabel,
|
||||
.domainSetSecurityDiskLabel = virSecurityStackSetSecurityDiskLabel,
|
||||
.domainRestoreSecurityImageLabel = virSecurityStackRestoreSecurityImageLabel,
|
||||
|
||||
.domainSetSecurityDaemonSocketLabel = virSecurityStackSetDaemonSocketLabel,
|
||||
|
Loading…
Reference in New Issue
Block a user