if ((profile_name = get_profile_name(def)) == NULL)
return rc;
- secdef->label = strndup(profile_name, strlen(profile_name));
- if (!secdef->label) {
- virReportOOMError();
+ if (VIR_STRDUP(secdef->label, profile_name) < 0)
goto cleanup;
- }
/* set imagelabel the same as label (but we won't use it) */
- secdef->imagelabel = strndup(profile_name,
- strlen(profile_name));
- if (!secdef->imagelabel) {
- virReportOOMError();
+ if (VIR_STRDUP(secdef->imagelabel, profile_name) < 0)
goto err;
- }
- if (!secdef->model && !(secdef->model = strdup(SECURITY_APPARMOR_NAME))) {
- virReportOOMError();
+ if (!secdef->model && VIR_STRDUP(secdef->model, SECURITY_APPARMOR_NAME) < 0)
goto err;
- }
/* Now that we have a label, load the profile into the kernel. */
if (load_profile(mgr, secdef->label, def, NULL, false) < 0) {
{
char *opts;
- if (!(opts = strdup(""))) {
- virReportOOMError();
- return NULL;
- }
+ ignore_value(VIR_STRDUP(opts, ""));
return opts;
}
char *owner = NULL;
char *group = NULL;
- tmp_label = strdup(label);
- if (tmp_label == NULL) {
- virReportOOMError();
+ if (VIR_STRDUP(tmp_label, label) < 0)
goto cleanup;
- }
/* Split label */
sep = strchr(tmp_label, ':');
return rc;
}
- if (!seclabel->norelabel) {
- if (seclabel->imagelabel == NULL && seclabel->label != NULL) {
- seclabel->imagelabel = strdup(seclabel->label);
- if (seclabel->imagelabel == NULL) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("cannot generate dac user and group id "
- "for domain %s"), def->name);
- VIR_FREE(seclabel->label);
- seclabel->label = NULL;
- return rc;
- }
- }
+ if (!seclabel->norelabel && !seclabel->imagelabel &&
+ VIR_STRDUP(seclabel->imagelabel, seclabel->label) < 0) {
+ VIR_FREE(seclabel->label);
+ return rc;
}
return 0;
goto cleanup;
}
- if (!(*sens = strdup(context_range_get(ourContext)))) {
- virReportOOMError();
+ if (VIR_STRDUP(*sens, context_range_get(ourContext)) < 0)
goto cleanup;
- }
/* Find and blank out the category part (if any) */
tmp = strchr(*sens, ':');
goto cleanup;
}
- if (!(ret = strdup(str))) {
- virReportOOMError();
- goto cleanup;
- }
+ ignore_value(VIR_STRDUP(ret, str));
cleanup:
if (srccon) context_free(srccon);
_("Unable to format SELinux context"));
goto cleanup;
}
- if (!(ret = strdup(str))) {
- virReportOOMError();
+ if (VIR_STRDUP(ret, str) < 0)
goto cleanup;
- }
VIR_DEBUG("Generated context '%s'", ret);
cleanup:
freecon(ourSecContext);
goto error;
}
- data->domain_context = strdup(scon->str);
- data->file_context = strdup(tcon->str);
- data->content_context = strdup(dcon->str);
- if (!data->domain_context ||
- !data->file_context ||
- !data->content_context) {
- virReportSystemError(errno,
- _("cannot allocate memory for LXC SELinux contexts '%s'"),
- selinux_lxc_contexts_path());
+ if (VIR_STRDUP(data->domain_context, scon->str) < 0 ||
+ VIR_STRDUP(data->file_context, tcon->str) < 0 ||
+ VIR_STRDUP(data->content_context, dcon->str) < 0)
goto error;
- }
if (!(data->mcs = virHashCreate(10, NULL)))
goto error;
*ptr = '\0';
ptr++;
if (*ptr != '\0') {
- data->alt_domain_context = strdup(ptr);
- if (!data->alt_domain_context) {
- virReportOOMError();
+ if (VIR_STRDUP(data->alt_domain_context, ptr) < 0)
goto error;
- }
ptr = strchrnul(data->alt_domain_context, '\n');
if (ptr && *ptr == '\n')
*ptr = '\0';
ptr = strchrnul(data->file_context, '\n');
if (ptr && *ptr == '\n') {
*ptr = '\0';
- data->content_context = strdup(ptr+1);
- if (!data->content_context) {
- virReportOOMError();
+ if (VIR_STRDUP(data->content_context, ptr + 1) < 0)
goto error;
- }
ptr = strchrnul(data->content_context, '\n');
if (ptr && *ptr == '\n')
*ptr = '\0';
}
range = context_range_get(ctx);
- if (!range ||
- !(mcs = strdup(range))) {
+ if (!range) {
virReportOOMError();
goto cleanup;
}
+ if (VIR_STRDUP(mcs, range) < 0)
+ goto cleanup;
break;
case VIR_DOMAIN_SECLABEL_DYNAMIC:
}
if (!seclabel->model &&
- !(seclabel->model = strdup(SECURITY_SELINUX_NAME))) {
- virReportOOMError();
+ VIR_STRDUP(seclabel->model, SECURITY_SELINUX_NAME) < 0)
goto cleanup;
- }
rc = 0;
return -1;
}
} else {
- if (!(path = strdup(dev->source.caps.u.storage.block))) {
- virReportOOMError();
+ if (VIR_STRDUP(path, dev->source.caps.u.storage.block) < 0)
return -1;
- }
}
ret = virSecuritySELinuxSetFilecon(path, secdef->imagelabel);
VIR_FREE(path);
return -1;
}
} else {
- if (!(path = strdup(dev->source.caps.u.misc.chardev))) {
- virReportOOMError();
+ if (VIR_STRDUP(path, dev->source.caps.u.misc.chardev) < 0)
return -1;
- }
}
ret = virSecuritySELinuxSetFilecon(path, secdef->imagelabel);
VIR_FREE(path);
return -1;
}
} else {
- if (!(path = strdup(dev->source.caps.u.storage.block))) {
- virReportOOMError();
+ if (VIR_STRDUP(path, dev->source.caps.u.storage.block) < 0)
return -1;
- }
}
ret = virSecuritySELinuxRestoreSecurityFileLabel(mgr, path);
VIR_FREE(path);
return -1;
}
} else {
- if (!(path = strdup(dev->source.caps.u.misc.chardev))) {
- virReportOOMError();
+ if (VIR_STRDUP(path, dev->source.caps.u.misc.chardev) < 0)
return -1;
- }
}
ret = virSecuritySELinuxRestoreSecurityFileLabel(mgr, path);
VIR_FREE(path);
const char *range;
context_t ctx = NULL;
char *label = NULL;
- const char *mcs = NULL;
+ char *mcs = NULL;
secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
if (secdef == NULL)
}
range = context_range_get(ctx);
if (range) {
- mcs = strdup(range);
- if (!mcs) {
- virReportOOMError();
+ if (VIR_STRDUP(mcs, range) < 0)
goto cleanup;
- }
if (!(label = virSecuritySELinuxGenNewContext(data->file_context,
mcs, true)))
goto cleanup;
}
cleanup:
- context_free(ctx);
- VIR_FREE(mcs);
- return label;
+ context_free(ctx);
+ VIR_FREE(mcs);
+ return label;
}
static char *
}
}
- if (!opts &&
- !(opts = strdup(""))) {
- virReportOOMError();
+ if (!opts && VIR_STRDUP(opts, "") < 0)
return NULL;
- }
VIR_DEBUG("imageLabel=%s opts=%s",
secdef ? secdef->imagelabel : "(null)", opts);
projects / libvirt.git / commitdiff