Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openeuler
libvirt
提交
aaa42912
L
libvirt
项目概览
openeuler
/
libvirt
通知
3
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
L
libvirt
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
aaa42912
编写于
5月 03, 2013
作者:
M
Michal Privoznik
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Adapt to VIR_STRDUP and VIR_STRNDUP in src/security/*
上级
16251193
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
35 addition
and
96 deletion
+35
-96
src/security/security_apparmor.c
src/security/security_apparmor.c
+4
-16
src/security/security_dac.c
src/security/security_dac.c
+5
-16
src/security/security_nop.c
src/security/security_nop.c
+2
-5
src/security/security_selinux.c
src/security/security_selinux.c
+22
-57
src/security/virt-aa-helper.c
src/security/virt-aa-helper.c
+2
-2
未找到文件。
src/security/security_apparmor.c
浏览文件 @
aaa42912
...
...
@@ -445,24 +445,15 @@ AppArmorGenSecurityLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
if
((
profile_name
=
get_profile_name
(
def
))
==
NULL
)
return
rc
;
secdef
->
label
=
strndup
(
profile_name
,
strlen
(
profile_name
));
if
(
!
secdef
->
label
)
{
virReportOOMError
();
if
(
VIR_STRDUP
(
secdef
->
label
,
profile_name
)
<
0
)
goto
cleanup
;
}
/* set imagelabel the same as label (but we won't use it) */
secdef
->
imagelabel
=
strndup
(
profile_name
,
strlen
(
profile_name
));
if
(
!
secdef
->
imagelabel
)
{
virReportOOMError
();
if
(
VIR_STRDUP
(
secdef
->
imagelabel
,
profile_name
)
<
0
)
goto
err
;
}
if
(
!
secdef
->
model
&&
!
(
secdef
->
model
=
strdup
(
SECURITY_APPARMOR_NAME
)))
{
virReportOOMError
();
if
(
!
secdef
->
model
&&
VIR_STRDUP
(
secdef
->
model
,
SECURITY_APPARMOR_NAME
)
<
0
)
goto
err
;
}
/* Now that we have a label, load the profile into the kernel. */
if
(
load_profile
(
mgr
,
secdef
->
label
,
def
,
NULL
,
false
)
<
0
)
{
...
...
@@ -949,10 +940,7 @@ AppArmorGetMountOptions(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
{
char
*
opts
;
if
(
!
(
opts
=
strdup
(
""
)))
{
virReportOOMError
();
return
NULL
;
}
ignore_value
(
VIR_STRDUP
(
opts
,
""
));
return
opts
;
}
...
...
src/security/security_dac.c
浏览文件 @
aaa42912
...
...
@@ -78,11 +78,8 @@ int parseIds(const char *label, uid_t *uidPtr, gid_t *gidPtr)
char
*
owner
=
NULL
;
char
*
group
=
NULL
;
tmp_label
=
strdup
(
label
);
if
(
tmp_label
==
NULL
)
{
virReportOOMError
();
if
(
VIR_STRDUP
(
tmp_label
,
label
)
<
0
)
goto
cleanup
;
}
/* Split label */
sep
=
strchr
(
tmp_label
,
':'
);
...
...
@@ -1104,18 +1101,10 @@ virSecurityDACGenLabel(virSecurityManagerPtr mgr,
return
rc
;
}
if
(
!
seclabel
->
norelabel
)
{
if
(
seclabel
->
imagelabel
==
NULL
&&
seclabel
->
label
!=
NULL
)
{
seclabel
->
imagelabel
=
strdup
(
seclabel
->
label
);
if
(
seclabel
->
imagelabel
==
NULL
)
{
virReportError
(
VIR_ERR_INTERNAL_ERROR
,
_
(
"cannot generate dac user and group id "
"for domain %s"
),
def
->
name
);
VIR_FREE
(
seclabel
->
label
);
seclabel
->
label
=
NULL
;
return
rc
;
}
}
if
(
!
seclabel
->
norelabel
&&
!
seclabel
->
imagelabel
&&
VIR_STRDUP
(
seclabel
->
imagelabel
,
seclabel
->
label
)
<
0
)
{
VIR_FREE
(
seclabel
->
label
);
return
rc
;
}
return
0
;
...
...
src/security/security_nop.c
浏览文件 @
aaa42912
...
...
@@ -20,7 +20,7 @@
#include <config.h>
#include "security_nop.h"
#include "virstring.h"
#include "virerror.h"
#define VIR_FROM_THIS VIR_FROM_SECURITY
...
...
@@ -182,10 +182,7 @@ static char *virSecurityDomainGetMountOptionsNop(virSecurityManagerPtr mgr ATTRI
{
char
*
opts
;
if
(
!
(
opts
=
strdup
(
""
)))
{
virReportOOMError
();
return
NULL
;
}
ignore_value
(
VIR_STRDUP
(
opts
,
""
));
return
opts
;
}
...
...
src/security/security_selinux.c
浏览文件 @
aaa42912
...
...
@@ -203,10 +203,8 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
goto
cleanup
;
}
if
(
!
(
*
sens
=
strdup
(
context_range_get
(
ourContext
))))
{
virReportOOMError
();
if
(
VIR_STRDUP
(
*
sens
,
context_range_get
(
ourContext
))
<
0
)
goto
cleanup
;
}
/* Find and blank out the category part (if any) */
tmp
=
strchr
(
*
sens
,
':'
);
...
...
@@ -313,10 +311,7 @@ virSecuritySELinuxContextAddRange(security_context_t src,
goto
cleanup
;
}
if
(
!
(
ret
=
strdup
(
str
)))
{
virReportOOMError
();
goto
cleanup
;
}
ignore_value
(
VIR_STRDUP
(
ret
,
str
));
cleanup:
if
(
srccon
)
context_free
(
srccon
);
...
...
@@ -386,10 +381,8 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
_
(
"Unable to format SELinux context"
));
goto
cleanup
;
}
if
(
!
(
ret
=
strdup
(
str
)))
{
virReportOOMError
();
if
(
VIR_STRDUP
(
ret
,
str
)
<
0
)
goto
cleanup
;
}
VIR_DEBUG
(
"Generated context '%s'"
,
ret
);
cleanup:
freecon
(
ourSecContext
);
...
...
@@ -452,17 +445,10 @@ virSecuritySELinuxLXCInitialize(virSecurityManagerPtr mgr)
goto
error
;
}
data
->
domain_context
=
strdup
(
scon
->
str
);
data
->
file_context
=
strdup
(
tcon
->
str
);
data
->
content_context
=
strdup
(
dcon
->
str
);
if
(
!
data
->
domain_context
||
!
data
->
file_context
||
!
data
->
content_context
)
{
virReportSystemError
(
errno
,
_
(
"cannot allocate memory for LXC SELinux contexts '%s'"
),
selinux_lxc_contexts_path
());
if
(
VIR_STRDUP
(
data
->
domain_context
,
scon
->
str
)
<
0
||
VIR_STRDUP
(
data
->
file_context
,
tcon
->
str
)
<
0
||
VIR_STRDUP
(
data
->
content_context
,
dcon
->
str
)
<
0
)
goto
error
;
}
if
(
!
(
data
->
mcs
=
virHashCreate
(
10
,
NULL
)))
goto
error
;
...
...
@@ -521,11 +507,8 @@ virSecuritySELinuxQEMUInitialize(virSecurityManagerPtr mgr)
*
ptr
=
'\0'
;
ptr
++
;
if
(
*
ptr
!=
'\0'
)
{
data
->
alt_domain_context
=
strdup
(
ptr
);
if
(
!
data
->
alt_domain_context
)
{
virReportOOMError
();
if
(
VIR_STRDUP
(
data
->
alt_domain_context
,
ptr
)
<
0
)
goto
error
;
}
ptr
=
strchrnul
(
data
->
alt_domain_context
,
'\n'
);
if
(
ptr
&&
*
ptr
==
'\n'
)
*
ptr
=
'\0'
;
...
...
@@ -545,11 +528,8 @@ virSecuritySELinuxQEMUInitialize(virSecurityManagerPtr mgr)
ptr
=
strchrnul
(
data
->
file_context
,
'\n'
);
if
(
ptr
&&
*
ptr
==
'\n'
)
{
*
ptr
=
'\0'
;
data
->
content_context
=
strdup
(
ptr
+
1
);
if
(
!
data
->
content_context
)
{
virReportOOMError
();
if
(
VIR_STRDUP
(
data
->
content_context
,
ptr
+
1
)
<
0
)
goto
error
;
}
ptr
=
strchrnul
(
data
->
content_context
,
'\n'
);
if
(
ptr
&&
*
ptr
==
'\n'
)
*
ptr
=
'\0'
;
...
...
@@ -644,11 +624,12 @@ virSecuritySELinuxGenSecurityLabel(virSecurityManagerPtr mgr,
}
range
=
context_range_get
(
ctx
);
if
(
!
range
||
!
(
mcs
=
strdup
(
range
)))
{
if
(
!
range
)
{
virReportOOMError
();
goto
cleanup
;
}
if
(
VIR_STRDUP
(
mcs
,
range
)
<
0
)
goto
cleanup
;
break
;
case
VIR_DOMAIN_SECLABEL_DYNAMIC
:
...
...
@@ -712,10 +693,8 @@ virSecuritySELinuxGenSecurityLabel(virSecurityManagerPtr mgr,
}
if
(
!
seclabel
->
model
&&
!
(
seclabel
->
model
=
strdup
(
SECURITY_SELINUX_NAME
)))
{
virReportOOMError
();
VIR_STRDUP
(
seclabel
->
model
,
SECURITY_SELINUX_NAME
)
<
0
)
goto
cleanup
;
}
rc
=
0
;
...
...
@@ -1413,10 +1392,8 @@ virSecuritySELinuxSetSecurityHostdevCapsLabel(virDomainDefPtr def,
return
-
1
;
}
}
else
{
if
(
!
(
path
=
strdup
(
dev
->
source
.
caps
.
u
.
storage
.
block
)))
{
virReportOOMError
();
if
(
VIR_STRDUP
(
path
,
dev
->
source
.
caps
.
u
.
storage
.
block
)
<
0
)
return
-
1
;
}
}
ret
=
virSecuritySELinuxSetFilecon
(
path
,
secdef
->
imagelabel
);
VIR_FREE
(
path
);
...
...
@@ -1431,10 +1408,8 @@ virSecuritySELinuxSetSecurityHostdevCapsLabel(virDomainDefPtr def,
return
-
1
;
}
}
else
{
if
(
!
(
path
=
strdup
(
dev
->
source
.
caps
.
u
.
misc
.
chardev
)))
{
virReportOOMError
();
if
(
VIR_STRDUP
(
path
,
dev
->
source
.
caps
.
u
.
misc
.
chardev
)
<
0
)
return
-
1
;
}
}
ret
=
virSecuritySELinuxSetFilecon
(
path
,
secdef
->
imagelabel
);
VIR_FREE
(
path
);
...
...
@@ -1607,10 +1582,8 @@ virSecuritySELinuxRestoreSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
return
-
1
;
}
}
else
{
if
(
!
(
path
=
strdup
(
dev
->
source
.
caps
.
u
.
storage
.
block
)))
{
virReportOOMError
();
if
(
VIR_STRDUP
(
path
,
dev
->
source
.
caps
.
u
.
storage
.
block
)
<
0
)
return
-
1
;
}
}
ret
=
virSecuritySELinuxRestoreSecurityFileLabel
(
mgr
,
path
);
VIR_FREE
(
path
);
...
...
@@ -1625,10 +1598,8 @@ virSecuritySELinuxRestoreSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
return
-
1
;
}
}
else
{
if
(
!
(
path
=
strdup
(
dev
->
source
.
caps
.
u
.
misc
.
chardev
)))
{
virReportOOMError
();
if
(
VIR_STRDUP
(
path
,
dev
->
source
.
caps
.
u
.
misc
.
chardev
)
<
0
)
return
-
1
;
}
}
ret
=
virSecuritySELinuxRestoreSecurityFileLabel
(
mgr
,
path
);
VIR_FREE
(
path
);
...
...
@@ -2414,7 +2385,7 @@ virSecuritySELinuxGenImageLabel(virSecurityManagerPtr mgr,
const
char
*
range
;
context_t
ctx
=
NULL
;
char
*
label
=
NULL
;
c
onst
c
har
*
mcs
=
NULL
;
char
*
mcs
=
NULL
;
secdef
=
virDomainDefGetSecurityLabelDef
(
def
,
SECURITY_SELINUX_NAME
);
if
(
secdef
==
NULL
)
...
...
@@ -2428,11 +2399,8 @@ virSecuritySELinuxGenImageLabel(virSecurityManagerPtr mgr,
}
range
=
context_range_get
(
ctx
);
if
(
range
)
{
mcs
=
strdup
(
range
);
if
(
!
mcs
)
{
virReportOOMError
();
if
(
VIR_STRDUP
(
mcs
,
range
)
<
0
)
goto
cleanup
;
}
if
(
!
(
label
=
virSecuritySELinuxGenNewContext
(
data
->
file_context
,
mcs
,
true
)))
goto
cleanup
;
...
...
@@ -2440,9 +2408,9 @@ virSecuritySELinuxGenImageLabel(virSecurityManagerPtr mgr,
}
cleanup:
context_free
(
ctx
);
VIR_FREE
(
mcs
);
return
label
;
context_free
(
ctx
);
VIR_FREE
(
mcs
);
return
label
;
}
static
char
*
...
...
@@ -2465,11 +2433,8 @@ virSecuritySELinuxGetSecurityMountOptions(virSecurityManagerPtr mgr,
}
}
if
(
!
opts
&&
!
(
opts
=
strdup
(
""
)))
{
virReportOOMError
();
if
(
!
opts
&&
VIR_STRDUP
(
opts
,
""
)
<
0
)
return
NULL
;
}
VIR_DEBUG
(
"imageLabel=%s opts=%s"
,
secdef
?
secdef
->
imagelabel
:
"(null)"
,
opts
);
...
...
src/security/virt-aa-helper.c
浏览文件 @
aaa42912
...
...
@@ -773,7 +773,7 @@ vah_add_file(virBufferPtr buf, const char *path, const char *perms)
return
rc
;
}
}
else
if
(
(
tmp
=
strdup
(
path
))
==
NULL
)
if
(
VIR_STRDUP_QUIET
(
tmp
,
path
)
<
0
)
return
rc
;
if
(
strchr
(
perms
,
'w'
)
!=
NULL
)
...
...
@@ -1103,7 +1103,7 @@ vahParseArgv(vahControl * ctl, int argc, char **argv)
break
;
case
'f'
:
case
'F'
:
if
(
(
ctl
->
newfile
=
strdup
(
optarg
))
==
NULL
)
if
(
VIR_STRDUP_QUIET
(
ctl
->
newfile
,
optarg
)
<
0
)
vah_error
(
ctl
,
1
,
_
(
"could not allocate memory for disk"
));
ctl
->
append
=
arg
==
'F'
;
break
;
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录