[PATCH 1/6] qemu: Use qemuSecurityDomainSetPathLabel() to set seclabes on not saved state files
There are two places within qemu driver that misuse
qemuSecuritySetSavedStateLabel() to set seclabels on tempfiles
that are not state files: qemuDomainScreenshot() and
qemuDomainMemoryPeek(). They are doing so because of lack of
qemuSecurityDomainSetPathLabel() at the time of their
introduction.
In all three secdrivers (well, four if you count NOP driver) the
implementation of .domainSetSavedStateLabel and
.domainSetPathLabel callbacks is the same anyway.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_driver.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index e482d08f3a..3fad440272 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -4064,7 +4064,7 @@ qemuDomainScreenshot(virDomainPtr dom,
}
unlink_tmp = true;
- qemuSecuritySetSavedStateLabel(driver, vm, tmp);
+ qemuSecurityDomainSetPathLabel(driver, vm, tmp, false);
qemuDomainObjEnterMonitor(driver, vm);
if (qemuMonitorScreendump(priv->mon, videoAlias, screen, tmp) < 0) {
@@ -11666,7 +11666,7 @@ qemuDomainMemoryPeek(virDomainPtr dom,
goto endjob;
}
- qemuSecuritySetSavedStateLabel(driver, vm, tmp);
+ qemuSecurityDomainSetPathLabel(driver, vm, tmp, false);
priv = vm->privateData;
qemuDomainObjEnterMonitor(driver, vm);
--
2.26.2