]> xenbits.xensource.com Git - libvirt.git/commit
projects / libvirt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7fceb5e) | patch
security: selinux: Handle security labelling of FD-passed images
authorPeter Krempa <pkrempa@redhat.com>
Thu, 5 Jan 2023 13:23:05 +0000 (14:23 +0100)
committerPeter Krempa <pkrempa@redhat.com>
Mon, 9 Jan 2023 13:59:43 +0000 (14:59 +0100)
commit6f3d13bfbdaaaed206f59de3a3609992c1cad90b
tree6e7301a4f55984b92093d31dbc6f2fada82f76aftree
parent7fceb5e16823d62fd800b546fdba6e561a5ab2edcommit | diff
security: selinux: Handle security labelling of FD-passed images

Unfortunately unlike with DAC we can't simply ignore labelling for the
FD and it also influences the on-disk state.

Thus we need to relabel the FD and we also store the existing label in
cases when the user will request best-effort label replacement.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
src/conf/storage_source_conf.c diff | blob | blame | history
src/conf/storage_source_conf.h diff | blob | blame | history
src/security/security_selinux.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.