apparmor: refactor AppArmorSetSecurityImageLabel

A lot of the code in AppArmorSetSecurityImageLabel is a duplicate of what is in reload_profile, this refactors AppArmorSetSecurityImageLabel to use reload_profile instead. Reviewed-by: N Cole Robinson <crobinso@redhat.com> Acked-by: N Jamie Strandboge <jamie@canonical.com> Signed-off-by: N Christian Ehrhardt <christian.ehrhardt@canonical.com>

apparmor: refactor AppArmorSetSecurityImageLabel
A lot of the code in AppArmorSetSecurityImageLabel is a duplicate of what is in reload_profile, this refactors AppArmorSetSecurityImageLabel to use reload_profile instead. Reviewed-by: N Cole Robinson <crobinso@redhat.com> Acked-by: N Jamie Strandboge <jamie@canonical.com> Signed-off-by: N Christian Ehrhardt <christian.ehrhardt@canonical.com>
9714f270 · Christian Ehrhardt · 70cf0af7 · 9714f270
隐藏空白更改
内联并排

Showing with 9 addition and 29 deletion

src/security/security_apparmor.c src/security/security_apparmor.c +9 -29

未找到文件。
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -778,8 +778,6 @@ AppArmorSetSecurityImageLabel(virSecurityManagerPtr mgr,
                              virStorageSourcePtr src,
                              virSecurityDomainImageLabelFlags flags G_GNUC_UNUSED)
 {
-    int rc = -1;
-    char *profile_name = NULL;
    virSecurityLabelDefPtr secdef;
    if (!src->path || !virStorageSourceIsLocalStorage(src))
@@ -789,36 +787,18 @@ AppArmorSetSecurityImageLabel(virSecurityManagerPtr mgr,
    if (!secdef || !secdef->relabel)
        return 0;
-    if (secdef->imagelabel) {
+    if (!secdef->imagelabel)
-        /* if the device doesn't exist, error out */
+        return 0;
-        if (!virFileExists(src->path)) {
-            virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("\'%s\' does not exist"),
-                           src->path);
-            return -1;
-        }
-        if ((profile_name = get_profile_name(def)) == NULL)
-            return -1;
-        /* update the profile only if it is loaded */
+    /* if the device doesn't exist, error out */
-        if (profile_loaded(secdef->imagelabel) >= 0) {
+    if (!virFileExists(src->path)) {
-            if (load_profile(mgr, secdef->imagelabel, def,
+        virReportError(VIR_ERR_INTERNAL_ERROR,
-                             src->path, false) < 0) {
+                       _("\'%s\' does not exist"),
-                virReportError(VIR_ERR_INTERNAL_ERROR,
+                       src->path);
-                               _("cannot update AppArmor profile "
+        return -1;
-                                 "\'%s\'"),
-                               secdef->imagelabel);
-                goto cleanup;
-            }
-        }
    }
-    rc = 0;
- cleanup:
+    return reload_profile(mgr, def, src->path, false);
-    VIR_FREE(profile_name);
-    return rc;
 }
 static int