security: remove unneeded labels

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
This commit is contained in:
Daniel Henrique Barboza 2020-01-06 18:57:44 -03:00 committed by Erik Skultety
parent 5731181fbd
commit ce56408e5f
3 changed files with 41 additions and 52 deletions

View File

@ -1238,7 +1238,7 @@ virSecurityDACSetHostdevLabel(virSecurityManagerPtr mgr,
return 0;
if (!(usb = virUSBDeviceNew(usbsrc->bus, usbsrc->device, vroot)))
goto done;
return -1;
ret = virUSBDeviceFileIterate(usb,
virSecurityDACSetUSBLabel,
@ -1253,14 +1253,14 @@ virSecurityDACSetHostdevLabel(virSecurityManagerPtr mgr,
pcisrc->addr.slot, pcisrc->addr.function);
if (!pci)
goto done;
return -1;
if (pcisrc->backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
char *vfioGroupDev = virPCIDeviceGetIOMMUGroupDev(pci);
if (!vfioGroupDev) {
virPCIDeviceFree(pci);
goto done;
return -1;
}
ret = virSecurityDACSetPCILabel(pci, vfioGroupDev, &cbdata);
VIR_FREE(vfioGroupDev);
@ -1283,7 +1283,7 @@ virSecurityDACSetHostdevLabel(virSecurityManagerPtr mgr,
dev->readonly, dev->shareable);
if (!scsi)
goto done;
return -1;
ret = virSCSIDeviceFileIterate(scsi,
virSecurityDACSetSCSILabel,
@ -1297,7 +1297,7 @@ virSecurityDACSetHostdevLabel(virSecurityManagerPtr mgr,
virSCSIVHostDevicePtr host = virSCSIVHostDeviceNew(hostsrc->wwpn);
if (!host)
goto done;
return -1;
ret = virSCSIVHostDeviceFileIterate(host,
virSecurityDACSetHostLabel,
@ -1310,7 +1310,7 @@ virSecurityDACSetHostdevLabel(virSecurityManagerPtr mgr,
char *vfiodev = NULL;
if (!(vfiodev = virMediatedDeviceGetIOMMUGroupDev(mdevsrc->uuidstr)))
goto done;
return -1;
ret = virSecurityDACSetHostdevLabelHelper(vfiodev, &cbdata);
@ -1323,7 +1323,6 @@ virSecurityDACSetHostdevLabel(virSecurityManagerPtr mgr,
break;
}
done:
return ret;
}
@ -1407,7 +1406,7 @@ virSecurityDACRestoreHostdevLabel(virSecurityManagerPtr mgr,
return 0;
if (!(usb = virUSBDeviceNew(usbsrc->bus, usbsrc->device, vroot)))
goto done;
return -1;
ret = virUSBDeviceFileIterate(usb, virSecurityDACRestoreUSBLabel, mgr);
virUSBDeviceFree(usb);
@ -1421,14 +1420,14 @@ virSecurityDACRestoreHostdevLabel(virSecurityManagerPtr mgr,
pcisrc->addr.slot, pcisrc->addr.function);
if (!pci)
goto done;
return -1;
if (pcisrc->backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
char *vfioGroupDev = virPCIDeviceGetIOMMUGroupDev(pci);
if (!vfioGroupDev) {
virPCIDeviceFree(pci);
goto done;
return -1;
}
ret = virSecurityDACRestorePCILabel(pci, vfioGroupDev, mgr);
VIR_FREE(vfioGroupDev);
@ -1448,7 +1447,7 @@ virSecurityDACRestoreHostdevLabel(virSecurityManagerPtr mgr,
dev->readonly, dev->shareable);
if (!scsi)
goto done;
return -1;
ret = virSCSIDeviceFileIterate(scsi, virSecurityDACRestoreSCSILabel, mgr);
virSCSIDeviceFree(scsi);
@ -1460,7 +1459,7 @@ virSecurityDACRestoreHostdevLabel(virSecurityManagerPtr mgr,
virSCSIVHostDevicePtr host = virSCSIVHostDeviceNew(hostsrc->wwpn);
if (!host)
goto done;
return -1;
ret = virSCSIVHostDeviceFileIterate(host,
virSecurityDACRestoreHostLabel,
@ -1474,7 +1473,7 @@ virSecurityDACRestoreHostdevLabel(virSecurityManagerPtr mgr,
char *vfiodev = NULL;
if (!(vfiodev = virMediatedDeviceGetIOMMUGroupDev(mdevsrc->uuidstr)))
goto done;
return -1;
ret = virSecurityDACRestoreFileLabel(mgr, vfiodev);
VIR_FREE(vfiodev);
@ -1486,7 +1485,6 @@ virSecurityDACRestoreHostdevLabel(virSecurityManagerPtr mgr,
break;
}
done:
return ret;
}

View File

@ -2094,7 +2094,7 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurityManagerPtr mgr,
usbsrc->device,
vroot);
if (!usb)
goto done;
return -1;
ret = virUSBDeviceFileIterate(usb, virSecuritySELinuxSetUSBLabel, &data);
virUSBDeviceFree(usb);
@ -2107,14 +2107,14 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurityManagerPtr mgr,
pcisrc->addr.slot, pcisrc->addr.function);
if (!pci)
goto done;
return -1;
if (pcisrc->backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
char *vfioGroupDev = virPCIDeviceGetIOMMUGroupDev(pci);
if (!vfioGroupDev) {
virPCIDeviceFree(pci);
goto done;
return -1;
}
ret = virSecuritySELinuxSetPCILabel(pci, vfioGroupDev, &data);
VIR_FREE(vfioGroupDev);
@ -2135,7 +2135,7 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurityManagerPtr mgr,
dev->readonly, dev->shareable);
if (!scsi)
goto done;
return -1;
ret = virSCSIDeviceFileIterate(scsi,
virSecuritySELinuxSetSCSILabel,
@ -2149,7 +2149,7 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurityManagerPtr mgr,
virSCSIVHostDevicePtr host = virSCSIVHostDeviceNew(hostsrc->wwpn);
if (!host)
goto done;
return -1;
ret = virSCSIVHostDeviceFileIterate(host,
virSecuritySELinuxSetHostLabel,
@ -2162,7 +2162,7 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurityManagerPtr mgr,
char *vfiodev = NULL;
if (!(vfiodev = virMediatedDeviceGetIOMMUGroupDev(mdevsrc->uuidstr)))
goto done;
return ret;
ret = virSecuritySELinuxSetHostdevLabelHelper(vfiodev, &data);
@ -2175,7 +2175,6 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurityManagerPtr mgr,
break;
}
done:
return ret;
}
@ -2332,7 +2331,7 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecurityManagerPtr mgr,
usbsrc->device,
vroot);
if (!usb)
goto done;
return -1;
ret = virUSBDeviceFileIterate(usb, virSecuritySELinuxRestoreUSBLabel, mgr);
virUSBDeviceFree(usb);
@ -2346,14 +2345,14 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecurityManagerPtr mgr,
pcisrc->addr.slot, pcisrc->addr.function);
if (!pci)
goto done;
return -1;
if (pcisrc->backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
char *vfioGroupDev = virPCIDeviceGetIOMMUGroupDev(pci);
if (!vfioGroupDev) {
virPCIDeviceFree(pci);
goto done;
return -1;
}
ret = virSecuritySELinuxRestorePCILabel(pci, vfioGroupDev, mgr);
VIR_FREE(vfioGroupDev);
@ -2373,7 +2372,7 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecurityManagerPtr mgr,
dev->readonly, dev->shareable);
if (!scsi)
goto done;
return -1;
ret = virSCSIDeviceFileIterate(scsi, virSecuritySELinuxRestoreSCSILabel, mgr);
virSCSIDeviceFree(scsi);
@ -2385,7 +2384,7 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecurityManagerPtr mgr,
virSCSIVHostDevicePtr host = virSCSIVHostDeviceNew(hostsrc->wwpn);
if (!host)
goto done;
return -1;
ret = virSCSIVHostDeviceFileIterate(host,
virSecuritySELinuxRestoreHostLabel,
@ -2399,7 +2398,7 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecurityManagerPtr mgr,
char *vfiodev = NULL;
if (!(vfiodev = virMediatedDeviceGetIOMMUGroupDev(mdevsrc->uuidstr)))
goto done;
return -1;
ret = virSecuritySELinuxRestoreFileLabel(mgr, vfiodev, true);
@ -2412,7 +2411,6 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecurityManagerPtr mgr,
break;
}
done:
return ret;
}

View File

@ -546,27 +546,24 @@ verify_xpath_context(xmlXPathContextPtr ctxt)
if (!ctxt) {
vah_warning(_("Invalid context"));
goto error;
return -1;
}
/* check if have <name> */
if (!(tmp = virXPathString("string(./name[1])", ctxt))) {
vah_warning(_("Could not find <name>"));
goto error;
return -1;
}
VIR_FREE(tmp);
/* check if have <uuid> */
if (!(tmp = virXPathString("string(./uuid[1])", ctxt))) {
vah_warning(_("Could not find <uuid>"));
goto error;
return -1;
}
VIR_FREE(tmp);
rc = 0;
error:
return rc;
return 0;
}
/*
@ -636,7 +633,7 @@ virDomainDefParserConfig virAAHelperDomainDefParserConfig = {
static int
get_definition(vahControl * ctl, const char *xmlStr)
{
int rc = -1, ostype, virtType;
int ostype, virtType;
virCapsGuestPtr guest; /* this is freed when caps is freed */
/*
@ -644,22 +641,22 @@ get_definition(vahControl * ctl, const char *xmlStr)
* but need them for virDomainDefParseString().
*/
if (caps_mockup(ctl, xmlStr) != 0)
goto exit;
return -1;
if ((ctl->caps = virCapabilitiesNew(ctl->arch, true, true)) == NULL) {
vah_error(ctl, 0, _("could not allocate memory"));
goto exit;
return -1;
}
if (!(ctl->xmlopt = virDomainXMLOptionNew(&virAAHelperDomainDefParserConfig,
NULL, NULL, NULL, NULL))) {
vah_error(ctl, 0, _("Failed to create XML config object"));
goto exit;
return -1;
}
if ((ostype = virDomainOSTypeFromString(ctl->os)) < 0) {
vah_error(ctl, 0, _("unknown OS type"));
goto exit;
return -1;
}
if ((guest = virCapabilitiesAddGuest(ctl->caps,
@ -670,12 +667,12 @@ get_definition(vahControl * ctl, const char *xmlStr)
0,
NULL)) == NULL) {
vah_error(ctl, 0, _("could not allocate memory"));
goto exit;
return -1;
}
if ((virtType = virDomainVirtTypeFromString(ctl->virtType)) < 0) {
vah_error(ctl, 0, _("unknown virtualization type"));
goto exit;
return -1;
}
if (virCapabilitiesAddGuestDomain(guest,
@ -685,7 +682,7 @@ get_definition(vahControl * ctl, const char *xmlStr)
0,
NULL) == NULL) {
vah_error(ctl, 0, _("could not allocate memory"));
goto exit;
return -1;
}
ctl->def = virDomainDefParseString(xmlStr,
@ -695,23 +692,20 @@ get_definition(vahControl * ctl, const char *xmlStr)
if (ctl->def == NULL) {
vah_error(ctl, 0, _("could not parse XML"));
goto exit;
return -1;
}
if (!ctl->def->name) {
vah_error(ctl, 0, _("could not find name in XML"));
goto exit;
return -1;
}
if (valid_name(ctl->def->name) != 0) {
vah_error(ctl, 0, _("bad name"));
goto exit;
return -1;
}
rc = 0;
exit:
return rc;
return 0;
}
/**
@ -854,11 +848,10 @@ vah_add_file_chardev(virBufferPtr buf,
} else {
/* add the file */
if (vah_add_file(buf, path, perms) != 0)
goto cleanup;
return -1;
rc = 0;
}
cleanup:
return rc;
}