11:54 a.m.
I'm going to add functions that will deal with individual image files
rather than whole disks. Rename the security function to make room for
the new one.
---
src/libvirt_private.syms | 2 +-
src/qemu/qemu_driver.c | 4 ++--
src/qemu/qemu_hotplug.c | 24 ++++++++++++------------
src/security/security_apparmor.c | 8 ++++----
src/security/security_dac.c | 8 ++++----
src/security/security_driver.h | 8 ++++----
src/security/security_manager.c | 10 +++++-----
src/security/security_manager.h | 6 +++---
src/security/security_nop.c | 8 ++++----
src/security/security_selinux.c | 8 ++++----
src/security/security_stack.c | 10 +++++-----
11 files changed, 48 insertions(+), 48 deletions(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index b3f73f9..1e1dd84 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -911,8 +911,8 @@ virSecurityManagerPreFork;
virSecurityManagerReleaseLabel;
virSecurityManagerReserveLabel;
virSecurityManagerRestoreAllLabel;
+virSecurityManagerRestoreDiskLabel;
virSecurityManagerRestoreHostdevLabel;
-virSecurityManagerRestoreImageLabel;
virSecurityManagerRestoreSavedStateLabel;
virSecurityManagerSetAllLabel;
virSecurityManagerSetChildProcessLabel;
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 41d7bb6..ce57542 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -12087,8 +12087,8 @@ qemuDomainPrepareDiskChainElement(virQEMUDriverPtr driver,
disk->readonly = mode == VIR_DISK_CHAIN_READ_ONLY;
if (mode == VIR_DISK_CHAIN_NO_ACCESS) {
- if (virSecurityManagerRestoreImageLabel(driver->securityManager,
- vm->def, disk) < 0)
+ if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+ vm->def, disk) < 0)
VIR_WARN("Unable to restore security label on %s",
disk->src->path);
if (qemuTeardownDiskCgroup(vm, disk) < 0)
VIR_WARN("Failed to teardown cgroup for disk path %s",
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 9cd6a3e..5e8aa4e 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -161,8 +161,8 @@ int qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver,
if (ret < 0)
goto error;
- if (virSecurityManagerRestoreImageLabel(driver->securityManager,
- vm->def, origdisk) < 0)
+ if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+ vm->def, origdisk) < 0)
VIR_WARN("Unable to restore security label on ejected image %s",
virDomainDiskGetSource(origdisk));
@@ -182,8 +182,8 @@ int qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver,
return ret;
error:
- if (virSecurityManagerRestoreImageLabel(driver->securityManager,
- vm->def, disk) < 0)
+ if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+ vm->def, disk) < 0)
VIR_WARN("Unable to restore security label on new media %s", src);
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
@@ -347,8 +347,8 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn,
if (releaseaddr)
qemuDomainReleaseDeviceAddress(vm, &disk->info, src);
- if (virSecurityManagerRestoreImageLabel(driver->securityManager,
- vm->def, disk) < 0)
+ if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+ vm->def, disk) < 0)
VIR_WARN("Unable to restore security label on %s", src);
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
@@ -597,8 +597,8 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
return ret;
error:
- if (virSecurityManagerRestoreImageLabel(driver->securityManager,
- vm->def, disk) < 0)
+ if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+ vm->def, disk) < 0)
VIR_WARN("Unable to restore security label on %s", src);
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
@@ -691,8 +691,8 @@ qemuDomainAttachUSBMassstorageDevice(virConnectPtr conn,
return ret;
error:
- if (virSecurityManagerRestoreImageLabel(driver->securityManager,
- vm->def, disk) < 0)
+ if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+ vm->def, disk) < 0)
VIR_WARN("Unable to restore security label on %s", src);
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
@@ -2504,8 +2504,8 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver,
qemuDomainReleaseDeviceAddress(vm, &disk->info, src);
- if (virSecurityManagerRestoreImageLabel(driver->securityManager,
- vm->def, disk) < 0)
+ if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+ vm->def, disk) < 0)
VIR_WARN("Unable to restore security label on %s", src);
if (qemuTeardownDiskCgroup(vm, disk) < 0)
diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index c27ab47..b4cbc61 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -684,9 +684,9 @@ AppArmorClearSecuritySocketLabel(virSecurityManagerPtr mgr
ATTRIBUTE_UNUSED,
/* Called when hotplugging */
static int
-AppArmorRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- virDomainDiskDefPtr disk)
+AppArmorRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virDomainDiskDefPtr disk)
{
if (virDomainDiskGetType(disk) == VIR_STORAGE_TYPE_NETWORK)
return 0;
@@ -973,7 +973,7 @@ virSecurityDriver virAppArmorSecurityDriver = {
.domainSecurityVerify = AppArmorSecurityVerify,
.domainSetSecurityDiskLabel = AppArmorSetSecurityDiskLabel,
- .domainRestoreSecurityImageLabel = AppArmorRestoreSecurityImageLabel,
+ .domainRestoreSecurityDiskLabel = AppArmorRestoreSecurityDiskLabel,
.domainSetSecurityDaemonSocketLabel = AppArmorSetSecurityDaemonSocketLabel,
.domainSetSecuritySocketLabel = AppArmorSetSecuritySocketLabel,
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 9760e6f..639f9b0 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -410,9 +410,9 @@ virSecurityDACRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
static int
-virSecurityDACRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- virDomainDiskDefPtr disk)
+virSecurityDACRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virDomainDiskDefPtr disk)
{
return virSecurityDACRestoreSecurityImageLabelInt(mgr, def, disk, false);
}
@@ -1274,7 +1274,7 @@ virSecurityDriver virSecurityDriverDAC = {
.domainSecurityVerify = virSecurityDACVerify,
.domainSetSecurityDiskLabel = virSecurityDACSetSecurityDiskLabel,
- .domainRestoreSecurityImageLabel = virSecurityDACRestoreSecurityImageLabel,
+ .domainRestoreSecurityDiskLabel = virSecurityDACRestoreSecurityDiskLabel,
.domainSetSecurityDaemonSocketLabel = virSecurityDACSetDaemonSocketLabel,
.domainSetSecuritySocketLabel = virSecurityDACSetSocketLabel,
diff --git a/src/security/security_driver.h b/src/security/security_driver.h
index 6a17a8e..05d612a 100644
--- a/src/security/security_driver.h
+++ b/src/security/security_driver.h
@@ -51,9 +51,9 @@ typedef const char *(*virSecurityDriverGetBaseLabel)
(virSecurityManagerPtr mgr,
typedef int (*virSecurityDriverPreFork) (virSecurityManagerPtr mgr);
-typedef int (*virSecurityDomainRestoreImageLabel) (virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- virDomainDiskDefPtr disk);
+typedef int (*virSecurityDomainRestoreDiskLabel) (virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virDomainDiskDefPtr disk);
typedef int (*virSecurityDomainSetDaemonSocketLabel)(virSecurityManagerPtr mgr,
virDomainDefPtr vm);
typedef int (*virSecurityDomainSetSocketLabel) (virSecurityManagerPtr mgr,
@@ -128,7 +128,7 @@ struct _virSecurityDriver {
virSecurityDomainSecurityVerify domainSecurityVerify;
virSecurityDomainSetDiskLabel domainSetSecurityDiskLabel;
- virSecurityDomainRestoreImageLabel domainRestoreSecurityImageLabel;
+ virSecurityDomainRestoreDiskLabel domainRestoreSecurityDiskLabel;
virSecurityDomainSetDaemonSocketLabel domainSetSecurityDaemonSocketLabel;
virSecurityDomainSetSocketLabel domainSetSecuritySocketLabel;
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index f0e3ee1..d57bab9 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -306,14 +306,14 @@ bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr
mgr)
return mgr->requireConfined;
}
-int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr vm,
- virDomainDiskDefPtr disk)
+int virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
+ virDomainDefPtr vm,
+ virDomainDiskDefPtr disk)
{
- if (mgr->drv->domainRestoreSecurityImageLabel) {
+ if (mgr->drv->domainRestoreSecurityDiskLabel) {
int ret;
virObjectLock(mgr);
- ret = mgr->drv->domainRestoreSecurityImageLabel(mgr, vm, disk);
+ ret = mgr->drv->domainRestoreSecurityDiskLabel(mgr, vm, disk);
virObjectUnlock(mgr);
return ret;
}
diff --git a/src/security/security_manager.h b/src/security/security_manager.h
index f083b3a..307e1c2 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -61,9 +61,9 @@ bool virSecurityManagerGetAllowDiskFormatProbing(virSecurityManagerPtr
mgr);
bool virSecurityManagerGetDefaultConfined(virSecurityManagerPtr mgr);
bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr);
-int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- virDomainDiskDefPtr disk);
+int virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virDomainDiskDefPtr disk);
int virSecurityManagerSetDaemonSocketLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm);
int virSecurityManagerSetSocketLabel(virSecurityManagerPtr mgr,
diff --git a/src/security/security_nop.c b/src/security/security_nop.c
index 7feeda6..ac9ceae 100644
--- a/src/security/security_nop.c
+++ b/src/security/security_nop.c
@@ -50,9 +50,9 @@ static const char * virSecurityDriverGetDOINop(virSecurityManagerPtr mgr
ATTRIBU
return "0";
}
-static int virSecurityDomainRestoreImageLabelNop(virSecurityManagerPtr mgr
ATTRIBUTE_UNUSED,
- virDomainDefPtr vm ATTRIBUTE_UNUSED,
- virDomainDiskDefPtr disk
ATTRIBUTE_UNUSED)
+static int virSecurityDomainRestoreDiskLabelNop(virSecurityManagerPtr mgr
ATTRIBUTE_UNUSED,
+ virDomainDefPtr vm ATTRIBUTE_UNUSED,
+ virDomainDiskDefPtr disk
ATTRIBUTE_UNUSED)
{
return 0;
}
@@ -207,7 +207,7 @@ virSecurityDriver virSecurityDriverNop = {
.domainSecurityVerify = virSecurityDomainVerifyNop,
.domainSetSecurityDiskLabel = virSecurityDomainSetDiskLabelNop,
- .domainRestoreSecurityImageLabel = virSecurityDomainRestoreImageLabelNop,
+ .domainRestoreSecurityDiskLabel = virSecurityDomainRestoreDiskLabelNop,
.domainSetSecurityDaemonSocketLabel = virSecurityDomainSetDaemonSocketLabelNop,
.domainSetSecuritySocketLabel = virSecurityDomainSetSocketLabelNop,
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index a4c13a1..572f8a1 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1182,9 +1182,9 @@ virSecuritySELinuxRestoreSecurityImageLabelInt(virSecurityManagerPtr
mgr,
static int
-virSecuritySELinuxRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- virDomainDiskDefPtr disk)
+virSecuritySELinuxRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virDomainDiskDefPtr disk)
{
return virSecuritySELinuxRestoreSecurityImageLabelInt(mgr, def, disk, false);
}
@@ -2427,7 +2427,7 @@ virSecurityDriver virSecurityDriverSELinux = {
.domainSecurityVerify = virSecuritySELinuxSecurityVerify,
.domainSetSecurityDiskLabel = virSecuritySELinuxSetSecurityDiskLabel,
- .domainRestoreSecurityImageLabel = virSecuritySELinuxRestoreSecurityImageLabel,
+ .domainRestoreSecurityDiskLabel = virSecuritySELinuxRestoreSecurityDiskLabel,
.domainSetSecurityDaemonSocketLabel =
virSecuritySELinuxSetSecurityDaemonSocketLabel,
.domainSetSecuritySocketLabel = virSecuritySELinuxSetSecuritySocketLabel,
diff --git a/src/security/security_stack.c b/src/security/security_stack.c
index 63b2720..7f210b2 100644
--- a/src/security/security_stack.c
+++ b/src/security/security_stack.c
@@ -240,16 +240,16 @@ virSecurityStackSetSecurityDiskLabel(virSecurityManagerPtr mgr,
static int
-virSecurityStackRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr vm,
- virDomainDiskDefPtr disk)
+virSecurityStackRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
+ virDomainDefPtr vm,
+ virDomainDiskDefPtr disk)
{
virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
virSecurityStackItemPtr item = priv->itemsHead;
int rc = 0;
for (; item; item = item->next) {
- if (virSecurityManagerRestoreImageLabel(item->securityManager, vm, disk) <
0)
+ if (virSecurityManagerRestoreDiskLabel(item->securityManager, vm, disk) <
0)
rc = -1;
}
@@ -579,7 +579,7 @@ virSecurityDriver virSecurityDriverStack = {
.domainSecurityVerify = virSecurityStackVerify,
.domainSetSecurityDiskLabel = virSecurityStackSetSecurityDiskLabel,
- .domainRestoreSecurityImageLabel = virSecurityStackRestoreSecurityImageLabel,
+ .domainRestoreSecurityDiskLabel = virSecurityStackRestoreSecurityDiskLabel,
.domainSetSecurityDaemonSocketLabel = virSecurityStackSetDaemonSocketLabel,
.domainSetSecuritySocketLabel = virSecurityStackSetSocketLabel,
--
1.9.3