From: Eric Blake Date: Tue, 18 Mar 2014 19:55:04 +0000 (-0600) Subject: conf: use disk source accessors in security/ X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=2aad0ebe2d4d3fa52039fa87f0a11de19e5f0133;p=people%2Fliuw%2Flibxenctrl-split%2Flibvirt.git conf: use disk source accessors in security/ Part of a series of cleanups to use new accessor methods. * src/security/security_dac.c (virSecurityDACSetSecurityImageLabel) (virSecurityDACRestoreSecurityImageLabelInt) (virSecurityDACSetSecurityAllLabel): Use accessors. * src/security/security_selinux.c (virSecuritySELinuxRestoreSecurityImageLabelInt) (virSecuritySELinuxSetSecurityImageLabel) (virSecuritySELinuxSetSecurityAllLabel): Likewise. Signed-off-by: Eric Blake --- diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 9f4506308..0bd36b78b 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2010-2013 Red Hat, Inc. + * Copyright (C) 2010-2014 Red Hat, Inc. * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -355,7 +355,7 @@ virSecurityDACSetSecurityImageLabel(virSecurityManagerPtr mgr, if (!priv->dynamicOwnership) return 0; - if (disk->type == VIR_DOMAIN_DISK_TYPE_NETWORK) + if (virDomainDiskGetType(disk) == VIR_DOMAIN_DISK_TYPE_NETWORK) return 0; params[0] = mgr; @@ -374,11 +374,12 @@ virSecurityDACRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr, int migrated) { virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr); + const char *src = virDomainDiskGetSource(disk); if (!priv->dynamicOwnership) return 0; - if (disk->type == VIR_DOMAIN_DISK_TYPE_NETWORK) + if (virDomainDiskGetType(disk) == VIR_DOMAIN_DISK_TYPE_NETWORK) return 0; /* Don't restore labels on readoly/shared disks, because @@ -392,7 +393,7 @@ virSecurityDACRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr, if (disk->readonly || disk->shared) return 0; - if (!disk->src) + if (!src) return 0; /* If we have a shared FS & doing migrated, we must not @@ -401,17 +402,17 @@ virSecurityDACRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr, * VM's I/O attempts :-) */ if (migrated) { - int rc = virStorageFileIsSharedFS(disk->src); + int rc = virStorageFileIsSharedFS(src); if (rc < 0) return -1; if (rc == 1) { VIR_DEBUG("Skipping image label restore on %s because FS is shared", - disk->src); + src); return 0; } } - return virSecurityDACRestoreSecurityFileLabel(disk->src); + return virSecurityDACRestoreSecurityFileLabel(src); } @@ -904,7 +905,7 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr, for (i = 0; i < def->ndisks; i++) { /* XXX fixme - we need to recursively label the entire tree :-( */ - if (def->disks[i]->type == VIR_DOMAIN_DISK_TYPE_DIR) + if (virDomainDiskGetType(def->disks[i]) == VIR_DOMAIN_DISK_TYPE_DIR) continue; if (virSecurityDACSetSecurityImageLabel(mgr, def, diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index 5f46bef71..489cfcaeb 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008-2013 Red Hat, Inc. + * Copyright (C) 2008-2014 Red Hat, Inc. * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -1133,6 +1133,7 @@ virSecuritySELinuxRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr, { virSecurityLabelDefPtr seclabel; virSecurityDeviceLabelDefPtr disk_seclabel; + const char *src = virDomainDiskGetSource(disk); seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME); if (seclabel == NULL) @@ -1162,7 +1163,7 @@ virSecuritySELinuxRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr, if (disk->readonly || disk->shared) return 0; - if (!disk->src || disk->type == VIR_DOMAIN_DISK_TYPE_NETWORK) + if (!src || virDomainDiskGetType(disk) == VIR_DOMAIN_DISK_TYPE_NETWORK) return 0; /* If we have a shared FS & doing migrated, we must not @@ -1171,17 +1172,17 @@ virSecuritySELinuxRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr, * VM's I/O attempts :-) */ if (migrated) { - int rc = virStorageFileIsSharedFS(disk->src); + int rc = virStorageFileIsSharedFS(src); if (rc < 0) return -1; if (rc == 1) { VIR_DEBUG("Skipping image label restore on %s because FS is shared", - disk->src); + src); return 0; } } - return virSecuritySELinuxRestoreSecurityFileLabel(mgr, disk->src); + return virSecuritySELinuxRestoreSecurityFileLabel(mgr, src); } @@ -1262,7 +1263,7 @@ virSecuritySELinuxSetSecurityImageLabel(virSecurityManagerPtr mgr, if (cbdata.secdef->norelabel) return 0; - if (disk->type == VIR_DOMAIN_DISK_TYPE_NETWORK) + if (virDomainDiskGetType(disk) == VIR_DOMAIN_DISK_TYPE_NETWORK) return 0; return virDomainDiskDefForeachPath(disk, @@ -2271,9 +2272,10 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr, for (i = 0; i < def->ndisks; i++) { /* XXX fixme - we need to recursively label the entire tree :-( */ - if (def->disks[i]->type == VIR_DOMAIN_DISK_TYPE_DIR) { + if (virDomainDiskGetType(def->disks[i]) == VIR_DOMAIN_DISK_TYPE_DIR) { VIR_WARN("Unable to relabel directory tree %s for disk %s", - def->disks[i]->src, def->disks[i]->dst); + virDomainDiskGetSource(def->disks[i]), + def->disks[i]->dst); continue; } if (virSecuritySELinuxSetSecurityImageLabel(mgr,