Re: [libvirt] [PATCH 1/1] security_util: verify xattrs only if ref is present

After 7cfb7aab573 commit starting a domain pullutes logs with warnings like [1]. The reason is resource files do not have timestamp before starting a domain and after destroying domain the timestamp is cleared. Let's check the timestamp only if attribute with refcounter is found. [1] warning : virSecurityValidateTimestamp:198 : Invalid XATTR timestamp detected on \ /some/path secdriver=dac Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy(a)virtuozzo.com&gt; --- src/security/security_util.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/src/security/security_util.c b/src/security/security_util.c index 31f41cedfd..f33fe9dd7b 100644 --- a/src/security/security_util.c +++ b/src/security/security_util.c @@ -269,13 +269,9 @@ virSecurityGetRememberedLabel(const char *name, VIR_AUTOFREE(char *) attr_name = NULL; VIR_AUTOFREE(char *) value = NULL; unsigned int refcount = 0; - int rc; *label = NULL; - if ((rc = virSecurityValidateTimestamp(name, path)) < 0) - return rc; - if (!(ref_name = virSecurityGetRefCountAttrName(name))) return -1; @@ -288,6 +284,14 @@ virSecurityGetRememberedLabel(const char *name, ref_name, path); return -1; + } else { + int rc; + + if ((rc = virSecurityValidateTimestamp(name, path)) < 0) + return rc; + + if (rc == 1) + return -2; } if (virStrToLong_ui(value, NULL, 10, &refcount) < 0) { @@ -357,10 +361,6 @@ virSecuritySetRememberedLabel(const char *name, VIR_AUTOFREE(char *) attr_name = NULL; VIR_AUTOFREE(char *) value = NULL; unsigned int refcount = 0; - int rc; - - if ((rc = virSecurityValidateTimestamp(name, path)) < 0) - return rc; if (!(ref_name = virSecurityGetRefCountAttrName(name))) return -1; @@ -375,6 +375,14 @@ virSecuritySetRememberedLabel(const char *name, path); return -1; } + } else { + int rc; +

+ if ((rc = virSecurityValidateTimestamp(name, path)) < 0) + return rc; + + if (rc == 1) + VIR_FREE(value);