
On Wed, Jan 12, 2011 at 12:23:01PM -0500, Cole Robinson wrote:
This allows us to explicitly handle the 'default' seclabel case, as well as provide easier model validation.
Signed-off-by: Cole Robinson <crobinso@redhat.com> --- src/conf/domain_conf.c | 38 ++++++++++++++++++++++++++++++-------- src/conf/domain_conf.h | 14 ++++++++++++-- src/security/security_apparmor.c | 9 +++------ src/security/security_driver.c | 15 ++++++++++----- src/security/security_selinux.c | 8 ++------ 5 files changed, 57 insertions(+), 27 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 8f6ef55..077a396 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -313,6 +313,12 @@ VIR_ENUM_IMPL(virDomainSeclabel, VIR_DOMAIN_SECLABEL_LAST,
 "dynamic",
 "static")
+VIR_ENUM_IMPL(virDomainSeclabelModel, VIR_DOMAIN_SECLABEL_MODEL_LAST,
+ "default",
+ "selinux",
+ "apparmor",
+ "none")
If we remove 'none' from the enum, this is ok.
+
 VIR_ENUM_IMPL(virDomainNetdevMacvtap, VIR_DOMAIN_NETDEV_MACVTAP_MODE_LAST,
 "vepa",
 "private",
@@ -759,7 +765,7 @@ void virDomainSeclabelDefClear(virSecurityLabelDefPtr seclabel)
 if (!seclabel)
 return;
- VIR_FREE(seclabel->model);
+ seclabel->model = VIR_DOMAIN_SECLABEL_MODEL_DEFAULT;
 VIR_FREE(seclabel->label);
 VIR_FREE(seclabel->imagelabel);
 }
@@ -4244,7 +4250,15 @@ virSecurityLabelDefParseXML(const virDomainDefPtr def,
 "%s", _("missing security model"));
 goto error;
 }
- def->seclabel.model = p;
+
+ def->seclabel.model = virDomainSeclabelModelTypeFromString(p);
+ if (def->seclabel.model < 0) {
+ virDomainReportError(VIR_ERR_XML_ERROR,
+ _("unknown security model '%s'"), p);
+ VIR_FREE(p);
+ goto error;
+ }
+ VIR_FREE(p);
 p = virXPathStringLimit("string(./seclabel/label[1])",
 VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
@@ -7336,18 +7350,26 @@ char *virDomainDefFormat(virDomainDefPtr def,
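Review bot: The `if (def->seclabel.model < 0)` check only rejects an unknown model string if the `model` field is a signed type; if the header change (not fully visible here) declares it as `enum virDomainSeclabelModel`, a compiler may treat the enum as unsigned, the comparison is always false, and the -1 from the lookup is stored as an out-of-range model instead of failing the parse. Keeping the lookup result in a local first avoids depending on the field's type: `int model = virDomainSeclabelModelTypeFromString(p);`, `if (model < 0) {`, and after the error block `def->seclabel.model = model;`. Freeing `p` on both paths is correct now that the string is no longer kept. virSecurityLabelDefParseXML begins before and continues after this hunk.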
virBufferAddLit(&buf, " </devices>\n");
- if (def->seclabel.model) {
- const char *sectype = virDomainSeclabelTypeToString(def->seclabel.type);
+ if (def->seclabel.model != VIR_DOMAIN_SECLABEL_MODEL_DEFAULT) {
+ const char *sectype, *secmodel;
+
+ sectype = virDomainSeclabelTypeToString(def->seclabel.type);
 if (!sectype)
 goto cleanup;
+
+ secmodel = virDomainSeclabelModelTypeToString(def->seclabel.model);
+ if (!secmodel)
+ goto cleanup;
+
+ virBufferVSprintf(&buf, " <seclabel type='%s' model='%s'",
+ sectype, secmodel);
+
 if (!def->seclabel.label ||
 (def->seclabel.type == VIR_DOMAIN_SECLABEL_DYNAMIC &&
 (flags & VIR_DOMAIN_XML_INACTIVE))) {
- virBufferVSprintf(&buf, " <seclabel type='%s' model='%s'/>\n",
- sectype, def->seclabel.model);
+ virBufferAddLit(&buf, "/>\n");
 } else {
- virBufferVSprintf(&buf, " <seclabel type='%s' model='%s'>\n",
- sectype, def->seclabel.model);
+ virBufferAddLit(&buf, ">\n");
 virBufferEscapeString(&buf, " <label>%s</label>\n",
 def->seclabel.label);
 if (def->seclabel.imagelabel &&
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index b5cf433..81409f8 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -782,14 +782,23 @@ enum virDomainSeclabelType {
 VIR_DOMAIN_SECLABEL_LAST,
 };
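Review bot: The new condition `if (def->seclabel.model != VIR_DOMAIN_SECLABEL_MODEL_DEFAULT)` drops the whole seclabel element on output, yet the string table added earlier in this file lists "default", so the parser now accepts `model='default'` from XML; a definition written that way, including any static label under it, would parse successfully and then silently disappear when the domain is formatted, so it does not round-trip. If 'default' is meant to be a valid input value the element should still be emitted when the parser kept one, e.g. `if (def->seclabel.model != VIR_DOMAIN_SECLABEL_MODEL_DEFAULT || def->seclabel.label) {`; otherwise the parser should treat "default" as an unknown model. The `if (!secmodel) goto cleanup;` mirrors the existing sectype handling, so no error is reported for either, which is pre-existing behaviour. virDomainDefFormat begins before and continues after this hunk.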
+enum virDomainSeclabelModel {
+ VIR_DOMAIN_SECLABEL_MODEL_DEFAULT,
+ VIR_DOMAIN_SECLABEL_MODEL_SELINUX,
+ VIR_DOMAIN_SECLABEL_MODEL_APPARMOR,
+ VIR_DOMAIN_SECLABEL_MODEL_NONE,
+
+ VIR_DOMAIN_SECLABEL_MODEL_LAST,
+};
Remove NONE here too. ACK, if the 'none' / NONE bits are removed. Daniel