security: Rename virSecurityManagerRestoreImageLabel to *Disk*

I'm going to add functions that will deal with individual image files
rather than whole disks. Rename the security function to make room for
the new one.

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index b3f73f9cb575aac5d5ae6ab38386124aeb4090a4..1e1dd84d452d6c798d0384d0c594c736ba985fb4 100644 (file)
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -911,8 +911,8 @@ virSecurityManagerPreFork;
 virSecurityManagerReleaseLabel;
 virSecurityManagerReserveLabel;
 virSecurityManagerRestoreAllLabel;
+virSecurityManagerRestoreDiskLabel;
 virSecurityManagerRestoreHostdevLabel;
-virSecurityManagerRestoreImageLabel;
 virSecurityManagerRestoreSavedStateLabel;
 virSecurityManagerSetAllLabel;
 virSecurityManagerSetChildProcessLabel;

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 376d7cbec03821aeae5cf151c522e62231d49178..775dc4eb7dd2b145af2f931d4a542014cc42245f 100644 (file)
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -12096,8 +12096,8 @@ qemuDomainPrepareDiskChainElement(virQEMUDriverPtr driver,
     disk->readonly = mode == VIR_DISK_CHAIN_READ_ONLY;
 
     if (mode == VIR_DISK_CHAIN_NO_ACCESS) {
-        if (virSecurityManagerRestoreImageLabel(driver->securityManager,
-                                                vm->def, disk) < 0)
+        if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+                                               vm->def, disk) < 0)
             VIR_WARN("Unable to restore security label on %s", disk->src->path);
         if (qemuTeardownDiskCgroup(vm, disk) < 0)
             VIR_WARN("Failed to teardown cgroup for disk path %s",

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 9cd6a3e8460b7c621af54ca5a8bdd9dfadc9fb1c..5e8aa4e1cba1d1ce06131d8d982f054017f29dbe 100644 (file)
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -161,8 +161,8 @@ int qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver,
     if (ret < 0)
         goto error;
 
-    if (virSecurityManagerRestoreImageLabel(driver->securityManager,
-                                            vm->def, origdisk) < 0)
+    if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+                                           vm->def, origdisk) < 0)
         VIR_WARN("Unable to restore security label on ejected image %s",
                  virDomainDiskGetSource(origdisk));
 
@@ -182,8 +182,8 @@ int qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver,
     return ret;
 
  error:
-    if (virSecurityManagerRestoreImageLabel(driver->securityManager,
-                                            vm->def, disk) < 0)
+    if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+                                           vm->def, disk) < 0)
         VIR_WARN("Unable to restore security label on new media %s", src);
 
     if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
@@ -347,8 +347,8 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn,
     if (releaseaddr)
         qemuDomainReleaseDeviceAddress(vm, &disk->info, src);
 
-    if (virSecurityManagerRestoreImageLabel(driver->securityManager,
-                                            vm->def, disk) < 0)
+    if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+                                           vm->def, disk) < 0)
         VIR_WARN("Unable to restore security label on %s", src);
 
     if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
@@ -597,8 +597,8 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
     return ret;
 
  error:
-    if (virSecurityManagerRestoreImageLabel(driver->securityManager,
-                                            vm->def, disk) < 0)
+    if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+                                           vm->def, disk) < 0)
         VIR_WARN("Unable to restore security label on %s", src);
 
     if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
@@ -691,8 +691,8 @@ qemuDomainAttachUSBMassstorageDevice(virConnectPtr conn,
     return ret;
 
  error:
-    if (virSecurityManagerRestoreImageLabel(driver->securityManager,
-                                            vm->def, disk) < 0)
+    if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+                                           vm->def, disk) < 0)
         VIR_WARN("Unable to restore security label on %s", src);
 
     if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
@@ -2504,8 +2504,8 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver,
 
     qemuDomainReleaseDeviceAddress(vm, &disk->info, src);
 
-    if (virSecurityManagerRestoreImageLabel(driver->securityManager,
-                                            vm->def, disk) < 0)
+    if (virSecurityManagerRestoreDiskLabel(driver->securityManager,
+                                           vm->def, disk) < 0)
         VIR_WARN("Unable to restore security label on %s", src);
 
     if (qemuTeardownDiskCgroup(vm, disk) < 0)

diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index c27ab476c2e2bd64bf1b0c6528ac54bf3e2605fd..b4cbc6141cd7afa9cf7b862c524adf9a92a718cd 100644 (file)
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -684,9 +684,9 @@ AppArmorClearSecuritySocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
 
 /* Called when hotplugging */
 static int
-AppArmorRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
-                                  virDomainDefPtr def,
-                                  virDomainDiskDefPtr disk)
+AppArmorRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
+                                 virDomainDefPtr def,
+                                 virDomainDiskDefPtr disk)
 {
     if (virDomainDiskGetType(disk) == VIR_STORAGE_TYPE_NETWORK)
         return 0;
@@ -973,7 +973,7 @@ virSecurityDriver virAppArmorSecurityDriver = {
     .domainSecurityVerify               = AppArmorSecurityVerify,
 
     .domainSetSecurityDiskLabel         = AppArmorSetSecurityDiskLabel,
-    .domainRestoreSecurityImageLabel    = AppArmorRestoreSecurityImageLabel,
+    .domainRestoreSecurityDiskLabel     = AppArmorRestoreSecurityDiskLabel,
 
     .domainSetSecurityDaemonSocketLabel = AppArmorSetSecurityDaemonSocketLabel,
     .domainSetSecuritySocketLabel       = AppArmorSetSecuritySocketLabel,

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 9760e6f13521e5d03c5859af410f3c0c229bcb54..639f9b0afc67a7ddc8537bd400819f48c043d26b 100644 (file)
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -410,9 +410,9 @@ virSecurityDACRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
 
 
 static int
-virSecurityDACRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
-                                        virDomainDefPtr def,
-                                        virDomainDiskDefPtr disk)
+virSecurityDACRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
+                                       virDomainDefPtr def,
+                                       virDomainDiskDefPtr disk)
 {
     return virSecurityDACRestoreSecurityImageLabelInt(mgr, def, disk, false);
 }
@@ -1274,7 +1274,7 @@ virSecurityDriver virSecurityDriverDAC = {
     .domainSecurityVerify               = virSecurityDACVerify,
 
     .domainSetSecurityDiskLabel         = virSecurityDACSetSecurityDiskLabel,
-    .domainRestoreSecurityImageLabel    = virSecurityDACRestoreSecurityImageLabel,
+    .domainRestoreSecurityDiskLabel     = virSecurityDACRestoreSecurityDiskLabel,
 
     .domainSetSecurityDaemonSocketLabel = virSecurityDACSetDaemonSocketLabel,
     .domainSetSecuritySocketLabel       = virSecurityDACSetSocketLabel,

diff --git a/src/security/security_driver.h b/src/security/security_driver.h
index 6a17a8e42c17985b7d7e4b1e7d309ca2effd74d1..05d612a1ccfa27f15861291a43a9684a125b65de 100644 (file)
--- a/src/security/security_driver.h
+++ b/src/security/security_driver.h
@@ -51,9 +51,9 @@ typedef const char *(*virSecurityDriverGetBaseLabel) (virSecurityManagerPtr mgr,
 
 typedef int (*virSecurityDriverPreFork) (virSecurityManagerPtr mgr);
 
-typedef int (*virSecurityDomainRestoreImageLabel) (virSecurityManagerPtr mgr,
-                                                   virDomainDefPtr def,
-                                                   virDomainDiskDefPtr disk);
+typedef int (*virSecurityDomainRestoreDiskLabel) (virSecurityManagerPtr mgr,
+                                                  virDomainDefPtr def,
+                                                  virDomainDiskDefPtr disk);
 typedef int (*virSecurityDomainSetDaemonSocketLabel)(virSecurityManagerPtr mgr,
                                                      virDomainDefPtr vm);
 typedef int (*virSecurityDomainSetSocketLabel) (virSecurityManagerPtr mgr,
@@ -128,7 +128,7 @@ struct _virSecurityDriver {
     virSecurityDomainSecurityVerify domainSecurityVerify;
 
     virSecurityDomainSetDiskLabel domainSetSecurityDiskLabel;
-    virSecurityDomainRestoreImageLabel domainRestoreSecurityImageLabel;
+    virSecurityDomainRestoreDiskLabel domainRestoreSecurityDiskLabel;
 
     virSecurityDomainSetDaemonSocketLabel domainSetSecurityDaemonSocketLabel;
     virSecurityDomainSetSocketLabel domainSetSecuritySocketLabel;

diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index f0e3ee13b4968978654c179ababcecd61eada244..d57bab95c63175e988463797a4cc98bee4939b52 100644 (file)
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -306,14 +306,14 @@ bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr)
     return mgr->requireConfined;
 }
 
-int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
-                                        virDomainDefPtr vm,
-                                        virDomainDiskDefPtr disk)
+int virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
+                                       virDomainDefPtr vm,
+                                       virDomainDiskDefPtr disk)
 {
-    if (mgr->drv->domainRestoreSecurityImageLabel) {
+    if (mgr->drv->domainRestoreSecurityDiskLabel) {
         int ret;
         virObjectLock(mgr);
-        ret = mgr->drv->domainRestoreSecurityImageLabel(mgr, vm, disk);
+        ret = mgr->drv->domainRestoreSecurityDiskLabel(mgr, vm, disk);
         virObjectUnlock(mgr);
         return ret;
     }

diff --git a/src/security/security_manager.h b/src/security/security_manager.h
index f083b3ae89ccce4ca3db355f813e67ee6a91cf97..307e1c2121c17c9bbfcc6abdd154442c21767fcc 100644 (file)
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -61,9 +61,9 @@ bool virSecurityManagerGetAllowDiskFormatProbing(virSecurityManagerPtr mgr);
 bool virSecurityManagerGetDefaultConfined(virSecurityManagerPtr mgr);
 bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr);
 
-int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
-                                        virDomainDefPtr def,
-                                        virDomainDiskDefPtr disk);
+int virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
+                                       virDomainDefPtr def,
+                                       virDomainDiskDefPtr disk);
 int virSecurityManagerSetDaemonSocketLabel(virSecurityManagerPtr mgr,
                                            virDomainDefPtr vm);
 int virSecurityManagerSetSocketLabel(virSecurityManagerPtr mgr,

diff --git a/src/security/security_nop.c b/src/security/security_nop.c
index 7feeda631bc73d149d007257a260676b68d1ca40..ac9ceaecb13ed2a09fd80a94efe5351f7a0e877f 100644 (file)
--- a/src/security/security_nop.c
+++ b/src/security/security_nop.c
@@ -50,9 +50,9 @@ static const char * virSecurityDriverGetDOINop(virSecurityManagerPtr mgr ATTRIBU
     return "0";
 }
 
-static int virSecurityDomainRestoreImageLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
-                                                 virDomainDefPtr vm ATTRIBUTE_UNUSED,
-                                                 virDomainDiskDefPtr disk ATTRIBUTE_UNUSED)
+static int virSecurityDomainRestoreDiskLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
+                                                virDomainDefPtr vm ATTRIBUTE_UNUSED,
+                                                virDomainDiskDefPtr disk ATTRIBUTE_UNUSED)
 {
     return 0;
 }
@@ -207,7 +207,7 @@ virSecurityDriver virSecurityDriverNop = {
     .domainSecurityVerify               = virSecurityDomainVerifyNop,
 
     .domainSetSecurityDiskLabel         = virSecurityDomainSetDiskLabelNop,
-    .domainRestoreSecurityImageLabel    = virSecurityDomainRestoreImageLabelNop,
+    .domainRestoreSecurityDiskLabel     = virSecurityDomainRestoreDiskLabelNop,
 
     .domainSetSecurityDaemonSocketLabel = virSecurityDomainSetDaemonSocketLabelNop,
     .domainSetSecuritySocketLabel       = virSecurityDomainSetSocketLabelNop,

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index a4c13a1720d1fa97d5accd4f206130a9289137b1..572f8a16b4430394474058c8d2e2a6bbd667d091 100644 (file)
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1182,9 +1182,9 @@ virSecuritySELinuxRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
 
 
 static int
-virSecuritySELinuxRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
-                                            virDomainDefPtr def,
-                                            virDomainDiskDefPtr disk)
+virSecuritySELinuxRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
+                                           virDomainDefPtr def,
+                                           virDomainDiskDefPtr disk)
 {
     return virSecuritySELinuxRestoreSecurityImageLabelInt(mgr, def, disk, false);
 }
@@ -2427,7 +2427,7 @@ virSecurityDriver virSecurityDriverSELinux = {
     .domainSecurityVerify               = virSecuritySELinuxSecurityVerify,
 
     .domainSetSecurityDiskLabel         = virSecuritySELinuxSetSecurityDiskLabel,
-    .domainRestoreSecurityImageLabel    = virSecuritySELinuxRestoreSecurityImageLabel,
+    .domainRestoreSecurityDiskLabel     = virSecuritySELinuxRestoreSecurityDiskLabel,
 
     .domainSetSecurityDaemonSocketLabel = virSecuritySELinuxSetSecurityDaemonSocketLabel,
     .domainSetSecuritySocketLabel       = virSecuritySELinuxSetSecuritySocketLabel,

diff --git a/src/security/security_stack.c b/src/security/security_stack.c
index 63b27206d6d41145c90d9a148a09a87202b30d10..7f210b2a4a642f6b3c60b1753f549c3958bee3b9 100644 (file)
--- a/src/security/security_stack.c
+++ b/src/security/security_stack.c
@@ -240,16 +240,16 @@ virSecurityStackSetSecurityDiskLabel(virSecurityManagerPtr mgr,
 
 
 static int
-virSecurityStackRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
-                                          virDomainDefPtr vm,
-                                          virDomainDiskDefPtr disk)
+virSecurityStackRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
+                                         virDomainDefPtr vm,
+                                         virDomainDiskDefPtr disk)
 {
     virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item = priv->itemsHead;
     int rc = 0;
 
     for (; item; item = item->next) {
-        if (virSecurityManagerRestoreImageLabel(item->securityManager, vm, disk) < 0)
+        if (virSecurityManagerRestoreDiskLabel(item->securityManager, vm, disk) < 0)
             rc = -1;
     }
 
@@ -579,7 +579,7 @@ virSecurityDriver virSecurityDriverStack = {
     .domainSecurityVerify               = virSecurityStackVerify,
 
     .domainSetSecurityDiskLabel         = virSecurityStackSetSecurityDiskLabel,
-    .domainRestoreSecurityImageLabel    = virSecurityStackRestoreSecurityImageLabel,
+    .domainRestoreSecurityDiskLabel     = virSecurityStackRestoreSecurityDiskLabel,
 
     .domainSetSecurityDaemonSocketLabel = virSecurityStackSetDaemonSocketLabel,
     .domainSetSecuritySocketLabel       = virSecurityStackSetSocketLabel,