External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-09 06:25:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Skip file-based security checks for network disks

Browse Source 
Network disks are accessed by qemu directly, and have no
associated file on the host, so checking for file ownership etc.
is unnecessary.

Signed-off-by: Josh Durgin <joshd@hq.newdream.net>
This commit is contained in:
Josh Durgin 2010-12-20 18:30:58 -08:00 committed by Eric Blake
parent 2954eb7b35
commit ee3efc41e6
4 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/conf/domain_conf.c
View File

@ -8353,7 +8353,7 @@ int virDomainDiskDefForeachPath(virDomainDiskDefPtr disk,
size_t depth = 0;
char *nextpath = NULL;
if (!disk->src)
if (!disk->src || disk->type == VIR_DOMAIN_DISK_TYPE_NETWORK)
return 0;
if (disk->driverType) {

2
src/qemu/qemu_security_dac.c
View File

@ -144,7 +144,7 @@ qemuSecurityDACRestoreSecurityImageLabelInt(virSecurityDriverPtr drv ATTRIBUTE_U
if (disk->readonly || disk->shared)
return 0;
if (!disk->src)
if (!disk->src || disk->type == VIR_DOMAIN_DISK_TYPE_NETWORK)
return 0;
/* If we have a shared FS & doing migrated, we must not

2
src/security/security_apparmor.c
View File

@ -619,7 +619,7 @@ AppArmorSetSecurityImageLabel(virSecurityDriverPtr drv,
if (secdef->type == VIR_DOMAIN_SECLABEL_STATIC)
return 0;
if (!disk->src)
if (!disk->src || disk->type == VIR_DOMAIN_DISK_TYPE_NETWORK)
return 0;
if (secdef->imagelabel) {

2
src/security/security_selinux.c
View File

@ -436,7 +436,7 @@ SELinuxRestoreSecurityImageLabelInt(virSecurityDriverPtr drv ATTRIBUTE_UNUSED,
if (disk->readonly || disk->shared)
return 0;
if (!disk->src)
if (!disk->src || disk->type == VIR_DOMAIN_DISK_TYPE_NETWORK)
return 0;
/* If we have a shared FS & doing migrated, we must not