10:11 a.m.
The same can be achieved by using qemuSecurity[Set|Restore]ImageLabel.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_driver.c | 2 +-
src/qemu/qemu_hotplug.c | 4 +--
src/qemu/qemu_security.c | 62 ----------------------------------------
src/qemu/qemu_security.h | 8 ------
4 files changed, 3 insertions(+), 73 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index fbc2a20915..025acec6af 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -17190,7 +17190,7 @@ qemuDomainBlockPivot(virQEMUDriverPtr driver,
disk->mirror->format != VIR_STORAGE_FILE_RAW &&
(qemuDomainNamespaceSetupDisk(vm, disk->src) < 0 ||
qemuSetupImageChainCgroup(vm, disk->src) < 0 ||
- qemuSecuritySetDiskLabel(driver, vm, disk) < 0))
+ qemuSecuritySetImageLabel(driver, vm, disk->src, true) < 0))
goto cleanup;
disk->src = oldsrc;
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 000102ac3f..015f1837ab 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -113,7 +113,7 @@ qemuHotplugPrepareDiskAccess(virQEMUDriverPtr driver,
if (qemuDomainNamespaceSetupDisk(vm, disk->src) < 0)
goto rollback_lock;
- if (qemuSecuritySetDiskLabel(driver, vm, disk) < 0)
+ if (qemuSecuritySetImageLabel(driver, vm, disk->src, true) < 0)
goto rollback_namespace;
if (qemuSetupImageChainCgroup(vm, disk->src) < 0)
@@ -127,7 +127,7 @@ qemuHotplugPrepareDiskAccess(virQEMUDriverPtr driver,
VIR_WARN("Unable to tear down cgroup access on %s",
NULLSTR(virDomainDiskGetSource(disk)));
rollback_label:
- if (qemuSecurityRestoreDiskLabel(driver, vm, disk) < 0)
+ if (qemuSecurityRestoreImageLabel(driver, vm, disk->src, true) < 0)
VIR_WARN("Unable to restore security label on %s",
NULLSTR(virDomainDiskGetSource(disk)));
diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c
index fed15e90e9..c15ca24f21 100644
--- a/src/qemu/qemu_security.c
+++ b/src/qemu/qemu_security.c
@@ -92,68 +92,6 @@ qemuSecurityRestoreAllLabel(virQEMUDriverPtr driver,
}
-int
-qemuSecuritySetDiskLabel(virQEMUDriverPtr driver,
- virDomainObjPtr vm,
- virDomainDiskDefPtr disk)
-{
- qemuDomainObjPrivatePtr priv = vm->privateData;
- pid_t pid = -1;
- int ret = -1;
-
- if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
- pid = vm->pid;
-
- if (virSecurityManagerTransactionStart(driver->securityManager) < 0)
- goto cleanup;
-
- if (virSecurityManagerSetDiskLabel(driver->securityManager,
- vm->def,
- disk) < 0)
- goto cleanup;
-
- if (virSecurityManagerTransactionCommit(driver->securityManager,
- pid, priv->rememberOwner) < 0)
- goto cleanup;
-
- ret = 0;
- cleanup:
- virSecurityManagerTransactionAbort(driver->securityManager);
- return ret;
-}
-
-
-int
-qemuSecurityRestoreDiskLabel(virQEMUDriverPtr driver,
- virDomainObjPtr vm,
- virDomainDiskDefPtr disk)
-{
- qemuDomainObjPrivatePtr priv = vm->privateData;
- pid_t pid = -1;
- int ret = -1;
-
- if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
- pid = vm->pid;
-
- if (virSecurityManagerTransactionStart(driver->securityManager) < 0)
- goto cleanup;
-
- if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
- vm->def,
- disk) < 0)
- goto cleanup;
-
- if (virSecurityManagerTransactionCommit(driver->securityManager,
- pid, priv->rememberOwner) < 0)
- goto cleanup;
-
- ret = 0;
- cleanup:
- virSecurityManagerTransactionAbort(driver->securityManager);
- return ret;
-}
-
-
int
qemuSecuritySetImageLabel(virQEMUDriverPtr driver,
virDomainObjPtr vm,
diff --git a/src/qemu/qemu_security.h b/src/qemu/qemu_security.h
index 2a916f5169..546a66f284 100644
--- a/src/qemu/qemu_security.h
+++ b/src/qemu/qemu_security.h
@@ -34,14 +34,6 @@ void qemuSecurityRestoreAllLabel(virQEMUDriverPtr driver,
virDomainObjPtr vm,
bool migrated);
-int qemuSecuritySetDiskLabel(virQEMUDriverPtr driver,
- virDomainObjPtr vm,
- virDomainDiskDefPtr disk);
-
-int qemuSecurityRestoreDiskLabel(virQEMUDriverPtr driver,
- virDomainObjPtr vm,
- virDomainDiskDefPtr disk);
-
int qemuSecuritySetImageLabel(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virStorageSourcePtr src,
--
2.20.1