On 03/21/2014 01:10 PM, Laine Stump wrote:
On 03/19/2014 11:20 AM, Eric Blake wrote:
> Part of a series of cleanups to use new accessor methods.
>
> * src/lxc/lxc_cgroup.c (virLXCCgroupSetupDeviceACL): Use
> accessors.
> * src/lxc/lxc_controller.c (virLXCControllerSetupLoopDeviceDisk)
> (virLXCControllerSetupNBDDeviceDisk)
> (virLXCControllerSetupLoopDevices, virLXCControllerSetupDisk):
> Likewise.
> * src/lxc/lxc_driver.c (lxcDomainAttachDeviceDiskLive)
> (lxcDomainDetachDeviceDiskLive): Likewise.
>
> Signed-off-by: Eric Blake <eblake(a)redhat.com>
> ---
> src/lxc/lxc_cgroup.c | 6 ++---
> src/lxc/lxc_controller.c | 69 +++++++++++++++++++++++++++---------------------
> src/lxc/lxc_driver.c | 27 +++++++++++--------
> 3 files changed, 58 insertions(+), 44 deletions(-)
>
> diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c
> index 5a1718d..da5ccf5 100644
> --- a/src/lxc/lxc_cgroup.c
> +++ b/src/lxc/lxc_cgroup.c
>
> @@ -1662,12 +1671,12 @@ static int virLXCControllerSetupDisk(virLXCControllerPtr
ctrl,
> mode_t mode;
> char *tmpsrc = def->src;
Why didn't you use the accessor here?
This is one of the files that will be further impacted by later patches
to security labeling. The direct use of def->src here was involved in
an in-place swap, then a call to relabel the new file, then another
in-place swap back to the original name, all as a hack to work around
the fact that the security manager requires an entire disk object before
doing a label:
/* Labelling normally operates on src, but we need
* to actually label the dst here, so hack the config */
def->src.path = dst;
if (virSecurityManagerSetImageLabel(securityDriver, ctrl->def, def) < 0)
goto cleanup;
ret = 0;
cleanup:
def->src.path = tmpsrc;
My plans are to improve the security code to add an interface to label
just a virDomainDiskSourceDef, where the code here and in qemu_driver
that currently does the hack of an in-place swap can instead just create
a new DiskSource object that gets labeled directly. And since that
cleanup will get rid of the need to do the swap, converting this usage
to the accessor would just be churn.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library
http://libvirt.org