[29/30] security: selinux: break out SetImageLabelRelative

Message ID	576bd3d5f50ab3cfec37d21e1e9729258838ec7d.1570482718.git.crobinso@redhat.com
State	Accepted
Commit	dbdf150b45e5b55ee4f712184150b7296e7be55e
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of libvir-list-bounces@redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; From: Cole Robinson <crobinso@redhat.com> To: libvir-list@redhat.com Date: Mon, 7 Oct 2019 17:49:43 -0400 Message-Id: <576bd3d5f50ab3cfec37d21e1e9729258838ec7d.1570482718.git.crobinso@redhat.com> In-Reply-To: <cover.1570482718.git.crobinso@redhat.com> References: <cover.1570482718.git.crobinso@redhat.com> MIME-Version: 1.0 Subject: [libvirt] [PATCH 29/30] security: selinux: break out SetImageLabelRelative Precedence: junk Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com
Series	storagefile, security: qcow2 data_file support \| expand [00/30] storagefile, security: qcow2 data_file support [01/30] storagefile: Make GetMetadataInternal static [02/30] storagefile: qcow1: Check for BACKING_STORE_OK [03/30] storagefile: qcow1: Fix check for empty backing file [04/30] storagefile: qcow1: Let qcowXGetBackingStore fill in format [05/30] storagefile: Check version to determine if qcow2 or not [06/30] storagefile: Drop now unused isQCow2 argument [07/30] storagefile: Use qcowXGetBackingStore directly [08/30] storagefile: Push 'start' into qcow2GetBackingStoreFormat [09/30] storagefile: Push extension_end calc to qcow2GetBackingStoreFormat [10/30] storagefile: Rename qcow2GetBackingStoreFormat [11/30] storagefile: Rename qcow2GetExtensions 'format' argument [12/30] storagefile: Fix backing format \0 check [13/30] storagefile: Add externalDataStoreRaw member [14/30] storagefile: Parse qcow2 external data file [15/30] storagefile: Fill in meta->externalDataStoreRaw [16/30] storagefile: Don't access backingStoreRaw directly in FromBackingRelative [17/30] storagefile: Split out virStorageSourceNewFromChild [18/30] storagefile: Add externalDataStore member [19/30] storagefile: Fill in meta->externalDataStore [20/30] security: dac: Drop !parent handling in SetImageLabelInternal [21/30] security: dac: Add is_toplevel to SetImageLabelInternal [22/30] security: dac: Restore image label for externalDataStore [23/30] security: dac: break out SetImageLabelRelative [24/30] security: dac: Label externalDataStore [25/30] security: selinux: Simplify SetImageLabelInternal [26/30] security: selinux: Drop !parent handling in SetImageLabelInternal [27/30] security: selinux: Add is_toplevel to SetImageLabelInternal [28/30] security: selinux: Restore image label for externalDataStore [29/30] security: selinux: break out SetImageLabelRelative [30/30] security: selinux: Label externalDataStore

Message ID

576bd3d5f50ab3cfec37d21e1e9729258838ec7d.1570482718.git.crobinso@redhat.com

State

Accepted

Commit

dbdf150b45e5b55ee4f712184150b7296e7be55e

Headers

Received-SPF: pass (google.com: domain of libvir-list-bounces@redhat.com
	designates 209.132.183.28 as permitted sender)
	client-ip=209.132.183.28; 
From: Cole Robinson <crobinso@redhat.com>
To: libvir-list@redhat.com
Date: Mon,  7 Oct 2019 17:49:43 -0400
Message-Id: <576bd3d5f50ab3cfec37d21e1e9729258838ec7d.1570482718.git.crobinso@redhat.com>
In-Reply-To: <cover.1570482718.git.crobinso@redhat.com>
References: <cover.1570482718.git.crobinso@redhat.com>
MIME-Version: 1.0
Subject: [libvirt] [PATCH 29/30] security: selinux: break out
	SetImageLabelRelative
Precedence: junk
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com

Series

storagefile, security: qcow2 data_file support | expand

Commit Message

Cole Robinson Oct. 7, 2019, 9:49 p.m. UTC

This will be used for recursing into externalDataStore

Signed-off-by: Cole Robinson <crobinso@redhat.com>

---
 src/security/security_selinux.c | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

-- 
2.23.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Comments

Daniel Henrique Barboza Oct. 10, 2019, 4:09 p.m. UTC | #1

On 10/7/19 6:49 PM, Cole Robinson wrote:
> This will be used for recursing into externalDataStore

>

> Signed-off-by: Cole Robinson <crobinso@redhat.com>

> ---


Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>


>   src/security/security_selinux.c | 20 +++++++++++++++-----

>   1 file changed, 15 insertions(+), 5 deletions(-)

>

> diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c

> index c0bfb581e3..feb703d325 100644

> --- a/src/security/security_selinux.c

> +++ b/src/security/security_selinux.c

> @@ -1919,15 +1919,16 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,

>   

>   

>   static int

> -virSecuritySELinuxSetImageLabel(virSecurityManagerPtr mgr,

> -                                virDomainDefPtr def,

> -                                virStorageSourcePtr src,

> -                                virSecurityDomainImageLabelFlags flags)

> +virSecuritySELinuxSetImageLabelRelative(virSecurityManagerPtr mgr,

> +                                        virDomainDefPtr def,

> +                                        virStorageSourcePtr src,

> +                                        virStorageSourcePtr parent,

> +                                        virSecurityDomainImageLabelFlags flags)

>   {

>       virStorageSourcePtr n;

>   

>       for (n = src; virStorageSourceIsBacking(n); n = n->backingStore) {

> -        if (virSecuritySELinuxSetImageLabelInternal(mgr, def, n, src) < 0)

> +        if (virSecuritySELinuxSetImageLabelInternal(mgr, def, n, parent) < 0)

>               return -1;

>   

>           if (!(flags & VIR_SECURITY_DOMAIN_IMAGE_LABEL_BACKING_CHAIN))

> @@ -1938,6 +1939,15 @@ virSecuritySELinuxSetImageLabel(virSecurityManagerPtr mgr,

>   }

>   

>   

> +static int

> +virSecuritySELinuxSetImageLabel(virSecurityManagerPtr mgr,

> +                                virDomainDefPtr def,

> +                                virStorageSourcePtr src,

> +                                virSecurityDomainImageLabelFlags flags)

> +{

> +    return virSecuritySELinuxSetImageLabelRelative(mgr, def, src, src, flags);

> +}

> +

>   struct virSecuritySELinuxMoveImageMetadataData {

>       virSecurityManagerPtr mgr;

>       const char *src;


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index c0bfb581e3..feb703d325 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1919,15 +1919,16 @@  virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,
 
 
 static int
-virSecuritySELinuxSetImageLabel(virSecurityManagerPtr mgr,
-                                virDomainDefPtr def,
-                                virStorageSourcePtr src,
-                                virSecurityDomainImageLabelFlags flags)
+virSecuritySELinuxSetImageLabelRelative(virSecurityManagerPtr mgr,
+                                        virDomainDefPtr def,
+                                        virStorageSourcePtr src,
+                                        virStorageSourcePtr parent,
+                                        virSecurityDomainImageLabelFlags flags)
 {
     virStorageSourcePtr n;
 
     for (n = src; virStorageSourceIsBacking(n); n = n->backingStore) {
-        if (virSecuritySELinuxSetImageLabelInternal(mgr, def, n, src) < 0)
+        if (virSecuritySELinuxSetImageLabelInternal(mgr, def, n, parent) < 0)
             return -1;
 
         if (!(flags & VIR_SECURITY_DOMAIN_IMAGE_LABEL_BACKING_CHAIN))
@@ -1938,6 +1939,15 @@  virSecuritySELinuxSetImageLabel(virSecurityManagerPtr mgr,
 }
 
 
+static int
+virSecuritySELinuxSetImageLabel(virSecurityManagerPtr mgr,
+                                virDomainDefPtr def,
+                                virStorageSourcePtr src,
+                                virSecurityDomainImageLabelFlags flags)
+{
+    return virSecuritySELinuxSetImageLabelRelative(mgr, def, src, src, flags);
+}
+
 struct virSecuritySELinuxMoveImageMetadataData {
     virSecurityManagerPtr mgr;
     const char *src;

[29/30] security: selinux: break out SetImageLabelRelative

Commit Message

Comments

Patch