提交 a36d3b88 编写于 作者: C Cole Robinson

security: selinux: Add is_toplevel to SetImageLabelInternal

This will simplify future patches and make the logic easier to follow
Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Signed-off-by: NCole Robinson <crobinso@redhat.com>
上级 65181d41
......@@ -1826,6 +1826,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,
virSecurityDeviceLabelDefPtr parent_seclabel = NULL;
char *use_label = NULL;
bool remember;
bool is_toplevel = parent == src;
int ret;
if (!src->path || !virStorageSourceIsLocalStorage(src))
......@@ -1847,7 +1848,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,
* but the top layer, or read only image, or disk explicitly
* marked as shared.
*/
remember = src == parent && !src->readonly && !src->shared;
remember = is_toplevel && !src->readonly && !src->shared;
disk_seclabel = virStorageSourceGetSecurityLabelDef(src,
SECURITY_SELINUX_NAME);
......@@ -1864,7 +1865,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr,
return 0;
use_label = parent_seclabel->label;
} else if (parent == src) {
} else if (is_toplevel) {
if (src->shared) {
use_label = data->file_context;
} else if (src->readonly) {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册