]> xenbits.xensource.com Git - libvirt.git/commitdiff
projects / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4c3e83c)
qemu: Use qemuSecurityDomainSetPathLabel() to set seclabes on not saved state files
authorMichal Privoznik <mprivozn@redhat.com>
Wed, 17 Jun 2020 09:01:05 +0000 (11:01 +0200)
committerMichal Privoznik <mprivozn@redhat.com>
Thu, 18 Jun 2020 11:45:08 +0000 (13:45 +0200)
There are two places within qemu driver that misuse
qemuSecuritySetSavedStateLabel() to set seclabels on tempfiles
that are not state files: qemuDomainScreenshot() and
qemuDomainMemoryPeek(). They are doing so because of lack of
qemuSecurityDomainSetPathLabel() at the time of their
introduction.

In all three secdrivers (well, four if you count NOP driver) the
implementation of .domainSetSavedStateLabel and
.domainSetPathLabel callbacks is the same anyway.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
src/qemu/qemu_driver.c patch | blob | blame | history

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 0424f0785f9eb0e5c722f64ca7a7bc9dc3a96b56..20444eb1577be696a8d82d0a43e099409f2eb5c5 100644 (file)
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -4064,7 +4064,7 @@ qemuDomainScreenshot(virDomainPtr dom,
     }
     unlink_tmp = true;
 
-    qemuSecuritySetSavedStateLabel(driver, vm, tmp);
+    qemuSecurityDomainSetPathLabel(driver, vm, tmp, false);
 
     qemuDomainObjEnterMonitor(driver, vm);
     if (qemuMonitorScreendump(priv->mon, videoAlias, screen, tmp) < 0) {
@@ -11671,7 +11671,7 @@ qemuDomainMemoryPeek(virDomainPtr dom,
         goto endjob;
     }
 
-    qemuSecuritySetSavedStateLabel(driver, vm, tmp);
+    qemuSecurityDomainSetPathLabel(driver, vm, tmp, false);
 
     priv = vm->privateData;
     qemuDomainObjEnterMonitor(driver, vm);
Unnamed repository; edit this file 'description' to name the repository.