libvirt

External/libvirt

Fork 0

mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-08-27 19:11:16 +00:00

Commit Graph

Author	SHA1	Message	Date
Michal Privoznik	a36318be9d	conf: Reject invalid device's <seclabel relabel='yes'/> with no <label/> We allow (some) domain devices to have a different <seclabel/> than the top level domain one (this is mostly to allow access to a resource for multiple domains). Now, we do couple of sanity checks for such <seclabel/>, e.g. when the <label/> is specified, but '@relabel' is set to no. But what we are missing is the opposite: when '@relabel' is set, but no <label/> was provided. Our schema already denies such combination. Make our parser behave the same. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2160356 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>	2023-06-01 13:53:09 +02:00

Author

SHA1

Message

Date

Michal Privoznik

a36318be9d

conf: Reject invalid device's <seclabel relabel='yes'/> with no <label/>

We allow (some) domain devices to have a different <seclabel/>
than the top level domain one (this is mostly to allow access to
a resource for multiple domains). Now, we do couple of sanity
checks for such <seclabel/>, e.g. when the <label/> is specified,
but '@relabel' is set to no. But what we are missing is the
opposite: when '@relabel' is set, but no <label/> was provided.

Our schema already denies such combination. Make our parser
behave the same.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2160356
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

2023-06-01 13:53:09 +02:00

1 Commits