提交 c8e42205 编写于 作者: P Peter Krempa

security: Rename virSecurityManagerSetImageLabel to *Disk*

I'm going to add functions that will deal with individual image files
rather than whole disks. Rename the security function to make room for
the new one.
上级 7c6dae04
...@@ -911,10 +911,10 @@ virSecurityManagerRestoreSavedStateLabel; ...@@ -911,10 +911,10 @@ virSecurityManagerRestoreSavedStateLabel;
virSecurityManagerSetAllLabel; virSecurityManagerSetAllLabel;
virSecurityManagerSetChildProcessLabel; virSecurityManagerSetChildProcessLabel;
virSecurityManagerSetDaemonSocketLabel; virSecurityManagerSetDaemonSocketLabel;
virSecurityManagerSetDiskLabel;
virSecurityManagerSetHostdevLabel; virSecurityManagerSetHostdevLabel;
virSecurityManagerSetHugepages; virSecurityManagerSetHugepages;
virSecurityManagerSetImageFDLabel; virSecurityManagerSetImageFDLabel;
virSecurityManagerSetImageLabel;
virSecurityManagerSetProcessLabel; virSecurityManagerSetProcessLabel;
virSecurityManagerSetSavedStateLabel; virSecurityManagerSetSavedStateLabel;
virSecurityManagerSetSocketLabel; virSecurityManagerSetSocketLabel;
......
...@@ -1727,7 +1727,7 @@ static int virLXCControllerSetupDisk(virLXCControllerPtr ctrl, ...@@ -1727,7 +1727,7 @@ static int virLXCControllerSetupDisk(virLXCControllerPtr ctrl,
/* Labelling normally operates on src, but we need /* Labelling normally operates on src, but we need
* to actually label the dst here, so hack the config */ * to actually label the dst here, so hack the config */
def->src->path = dst; def->src->path = dst;
if (virSecurityManagerSetImageLabel(securityDriver, ctrl->def, def) < 0) if (virSecurityManagerSetDiskLabel(securityDriver, ctrl->def, def) < 0)
goto cleanup; goto cleanup;
ret = 0; ret = 0;
......
...@@ -3899,8 +3899,8 @@ lxcDomainAttachDeviceMknodHelper(pid_t pid ATTRIBUTE_UNUSED, ...@@ -3899,8 +3899,8 @@ lxcDomainAttachDeviceMknodHelper(pid_t pid ATTRIBUTE_UNUSED,
virDomainDiskDefPtr def = data->def->data.disk; virDomainDiskDefPtr def = data->def->data.disk;
char *tmpsrc = def->src->path; char *tmpsrc = def->src->path;
def->src->path = data->file; def->src->path = data->file;
if (virSecurityManagerSetImageLabel(data->driver->securityManager, if (virSecurityManagerSetDiskLabel(data->driver->securityManager,
data->vm->def, def) < 0) { data->vm->def, def) < 0) {
def->src->path = tmpsrc; def->src->path = tmpsrc;
goto cleanup; goto cleanup;
} }
......
...@@ -12098,8 +12098,8 @@ qemuDomainPrepareDiskChainElement(virQEMUDriverPtr driver, ...@@ -12098,8 +12098,8 @@ qemuDomainPrepareDiskChainElement(virQEMUDriverPtr driver,
} else if (virDomainLockDiskAttach(driver->lockManager, cfg->uri, } else if (virDomainLockDiskAttach(driver->lockManager, cfg->uri,
vm, disk) < 0 || vm, disk) < 0 ||
qemuSetupDiskCgroup(vm, disk) < 0 || qemuSetupDiskCgroup(vm, disk) < 0 ||
virSecurityManagerSetImageLabel(driver->securityManager, virSecurityManagerSetDiskLabel(driver->securityManager,
vm->def, disk) < 0) { vm->def, disk) < 0) {
goto cleanup; goto cleanup;
} }
...@@ -14952,8 +14952,8 @@ qemuDomainBlockPivot(virConnectPtr conn, ...@@ -14952,8 +14952,8 @@ qemuDomainBlockPivot(virConnectPtr conn,
(virDomainLockDiskAttach(driver->lockManager, cfg->uri, (virDomainLockDiskAttach(driver->lockManager, cfg->uri,
vm, disk) < 0 || vm, disk) < 0 ||
qemuSetupDiskCgroup(vm, disk) < 0 || qemuSetupDiskCgroup(vm, disk) < 0 ||
virSecurityManagerSetImageLabel(driver->securityManager, vm->def, virSecurityManagerSetDiskLabel(driver->securityManager, vm->def,
disk) < 0)) { disk) < 0)) {
disk->src->path = oldsrc; disk->src->path = oldsrc;
disk->src->format = oldformat; disk->src->format = oldformat;
disk->src->backingStore = oldchain; disk->src->backingStore = oldchain;
......
...@@ -91,8 +91,8 @@ int qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver, ...@@ -91,8 +91,8 @@ int qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver,
vm, disk) < 0) vm, disk) < 0)
goto cleanup; goto cleanup;
if (virSecurityManagerSetImageLabel(driver->securityManager, if (virSecurityManagerSetDiskLabel(driver->securityManager,
vm->def, disk) < 0) { vm->def, disk) < 0) {
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0) if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
VIR_WARN("Unable to release lock on %s", VIR_WARN("Unable to release lock on %s",
virDomainDiskGetSource(disk)); virDomainDiskGetSource(disk));
...@@ -270,8 +270,8 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn, ...@@ -270,8 +270,8 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn,
vm, disk) < 0) vm, disk) < 0)
goto cleanup; goto cleanup;
if (virSecurityManagerSetImageLabel(driver->securityManager, if (virSecurityManagerSetDiskLabel(driver->securityManager,
vm->def, disk) < 0) { vm->def, disk) < 0) {
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0) if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
VIR_WARN("Unable to release lock on %s", src); VIR_WARN("Unable to release lock on %s", src);
goto cleanup; goto cleanup;
...@@ -509,8 +509,8 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn, ...@@ -509,8 +509,8 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
vm, disk) < 0) vm, disk) < 0)
goto cleanup; goto cleanup;
if (virSecurityManagerSetImageLabel(driver->securityManager, if (virSecurityManagerSetDiskLabel(driver->securityManager,
vm->def, disk) < 0) { vm->def, disk) < 0) {
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0) if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
VIR_WARN("Unable to release lock on %s", src); VIR_WARN("Unable to release lock on %s", src);
goto cleanup; goto cleanup;
...@@ -634,8 +634,8 @@ qemuDomainAttachUSBMassstorageDevice(virConnectPtr conn, ...@@ -634,8 +634,8 @@ qemuDomainAttachUSBMassstorageDevice(virConnectPtr conn,
vm, disk) < 0) vm, disk) < 0)
goto cleanup; goto cleanup;
if (virSecurityManagerSetImageLabel(driver->securityManager, if (virSecurityManagerSetDiskLabel(driver->securityManager,
vm->def, disk) < 0) { vm->def, disk) < 0) {
if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0) if (virDomainLockDiskDetach(driver->lockManager, vm, disk) < 0)
VIR_WARN("Unable to release lock on %s", src); VIR_WARN("Unable to release lock on %s", src);
goto cleanup; goto cleanup;
......
...@@ -696,8 +696,8 @@ AppArmorRestoreSecurityImageLabel(virSecurityManagerPtr mgr, ...@@ -696,8 +696,8 @@ AppArmorRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
/* Called when hotplugging */ /* Called when hotplugging */
static int static int
AppArmorSetSecurityImageLabel(virSecurityManagerPtr mgr, AppArmorSetSecurityDiskLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def, virDomainDiskDefPtr disk) virDomainDefPtr def, virDomainDiskDefPtr disk)
{ {
int rc = -1; int rc = -1;
char *profile_name = NULL; char *profile_name = NULL;
...@@ -972,7 +972,7 @@ virSecurityDriver virAppArmorSecurityDriver = { ...@@ -972,7 +972,7 @@ virSecurityDriver virAppArmorSecurityDriver = {
.domainSecurityVerify = AppArmorSecurityVerify, .domainSecurityVerify = AppArmorSecurityVerify,
.domainSetSecurityImageLabel = AppArmorSetSecurityImageLabel, .domainSetSecurityDiskLabel = AppArmorSetSecurityDiskLabel,
.domainRestoreSecurityImageLabel = AppArmorRestoreSecurityImageLabel, .domainRestoreSecurityImageLabel = AppArmorRestoreSecurityImageLabel,
.domainSetSecurityDaemonSocketLabel = AppArmorSetSecurityDaemonSocketLabel, .domainSetSecurityDaemonSocketLabel = AppArmorSetSecurityDaemonSocketLabel,
......
...@@ -321,9 +321,9 @@ virSecurityDACSetSecurityFileLabel(virDomainDiskDefPtr disk, ...@@ -321,9 +321,9 @@ virSecurityDACSetSecurityFileLabel(virDomainDiskDefPtr disk,
static int static int
virSecurityDACSetSecurityImageLabel(virSecurityManagerPtr mgr, virSecurityDACSetSecurityDiskLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def, virDomainDefPtr def,
virDomainDiskDefPtr disk) virDomainDiskDefPtr disk)
{ {
virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr); virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
...@@ -967,9 +967,9 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr, ...@@ -967,9 +967,9 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr,
/* XXX fixme - we need to recursively label the entire tree :-( */ /* XXX fixme - we need to recursively label the entire tree :-( */
if (virDomainDiskGetType(def->disks[i]) == VIR_STORAGE_TYPE_DIR) if (virDomainDiskGetType(def->disks[i]) == VIR_STORAGE_TYPE_DIR)
continue; continue;
if (virSecurityDACSetSecurityImageLabel(mgr, if (virSecurityDACSetSecurityDiskLabel(mgr,
def, def,
def->disks[i]) < 0) def->disks[i]) < 0)
return -1; return -1;
} }
for (i = 0; i < def->nhostdevs; i++) { for (i = 0; i < def->nhostdevs; i++) {
...@@ -1273,7 +1273,7 @@ virSecurityDriver virSecurityDriverDAC = { ...@@ -1273,7 +1273,7 @@ virSecurityDriver virSecurityDriverDAC = {
.domainSecurityVerify = virSecurityDACVerify, .domainSecurityVerify = virSecurityDACVerify,
.domainSetSecurityImageLabel = virSecurityDACSetSecurityImageLabel, .domainSetSecurityDiskLabel = virSecurityDACSetSecurityDiskLabel,
.domainRestoreSecurityImageLabel = virSecurityDACRestoreSecurityImageLabel, .domainRestoreSecurityImageLabel = virSecurityDACRestoreSecurityImageLabel,
.domainSetSecurityDaemonSocketLabel = virSecurityDACSetDaemonSocketLabel, .domainSetSecurityDaemonSocketLabel = virSecurityDACSetDaemonSocketLabel,
......
...@@ -60,9 +60,9 @@ typedef int (*virSecurityDomainSetSocketLabel) (virSecurityManagerPtr mgr, ...@@ -60,9 +60,9 @@ typedef int (*virSecurityDomainSetSocketLabel) (virSecurityManagerPtr mgr,
virDomainDefPtr def); virDomainDefPtr def);
typedef int (*virSecurityDomainClearSocketLabel)(virSecurityManagerPtr mgr, typedef int (*virSecurityDomainClearSocketLabel)(virSecurityManagerPtr mgr,
virDomainDefPtr def); virDomainDefPtr def);
typedef int (*virSecurityDomainSetImageLabel) (virSecurityManagerPtr mgr, typedef int (*virSecurityDomainSetDiskLabel) (virSecurityManagerPtr mgr,
virDomainDefPtr def, virDomainDefPtr def,
virDomainDiskDefPtr disk); virDomainDiskDefPtr disk);
typedef int (*virSecurityDomainRestoreHostdevLabel) (virSecurityManagerPtr mgr, typedef int (*virSecurityDomainRestoreHostdevLabel) (virSecurityManagerPtr mgr,
virDomainDefPtr def, virDomainDefPtr def,
virDomainHostdevDefPtr dev, virDomainHostdevDefPtr dev,
...@@ -127,7 +127,7 @@ struct _virSecurityDriver { ...@@ -127,7 +127,7 @@ struct _virSecurityDriver {
virSecurityDomainSecurityVerify domainSecurityVerify; virSecurityDomainSecurityVerify domainSecurityVerify;
virSecurityDomainSetImageLabel domainSetSecurityImageLabel; virSecurityDomainSetDiskLabel domainSetSecurityDiskLabel;
virSecurityDomainRestoreImageLabel domainRestoreSecurityImageLabel; virSecurityDomainRestoreImageLabel domainRestoreSecurityImageLabel;
virSecurityDomainSetDaemonSocketLabel domainSetSecurityDaemonSocketLabel; virSecurityDomainSetDaemonSocketLabel domainSetSecurityDaemonSocketLabel;
......
...@@ -367,14 +367,14 @@ int virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr, ...@@ -367,14 +367,14 @@ int virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr,
return -1; return -1;
} }
int virSecurityManagerSetImageLabel(virSecurityManagerPtr mgr, int virSecurityManagerSetDiskLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm, virDomainDefPtr vm,
virDomainDiskDefPtr disk) virDomainDiskDefPtr disk)
{ {
if (mgr->drv->domainSetSecurityImageLabel) { if (mgr->drv->domainSetSecurityDiskLabel) {
int ret; int ret;
virObjectLock(mgr); virObjectLock(mgr);
ret = mgr->drv->domainSetSecurityImageLabel(mgr, vm, disk); ret = mgr->drv->domainSetSecurityDiskLabel(mgr, vm, disk);
virObjectUnlock(mgr); virObjectUnlock(mgr);
return ret; return ret;
} }
......
...@@ -70,9 +70,9 @@ int virSecurityManagerSetSocketLabel(virSecurityManagerPtr mgr, ...@@ -70,9 +70,9 @@ int virSecurityManagerSetSocketLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def); virDomainDefPtr def);
int virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr, int virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def); virDomainDefPtr def);
int virSecurityManagerSetImageLabel(virSecurityManagerPtr mgr, int virSecurityManagerSetDiskLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def, virDomainDefPtr def,
virDomainDiskDefPtr disk); virDomainDiskDefPtr disk);
int virSecurityManagerRestoreHostdevLabel(virSecurityManagerPtr mgr, int virSecurityManagerRestoreHostdevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def, virDomainDefPtr def,
virDomainHostdevDefPtr dev, virDomainHostdevDefPtr dev,
......
...@@ -75,9 +75,9 @@ static int virSecurityDomainClearSocketLabelNop(virSecurityManagerPtr mgr ATTRIB ...@@ -75,9 +75,9 @@ static int virSecurityDomainClearSocketLabelNop(virSecurityManagerPtr mgr ATTRIB
return 0; return 0;
} }
static int virSecurityDomainSetImageLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED, static int virSecurityDomainSetDiskLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainDefPtr vm ATTRIBUTE_UNUSED, virDomainDefPtr vm ATTRIBUTE_UNUSED,
virDomainDiskDefPtr disk ATTRIBUTE_UNUSED) virDomainDiskDefPtr disk ATTRIBUTE_UNUSED)
{ {
return 0; return 0;
} }
...@@ -206,7 +206,7 @@ virSecurityDriver virSecurityDriverNop = { ...@@ -206,7 +206,7 @@ virSecurityDriver virSecurityDriverNop = {
.domainSecurityVerify = virSecurityDomainVerifyNop, .domainSecurityVerify = virSecurityDomainVerifyNop,
.domainSetSecurityImageLabel = virSecurityDomainSetImageLabelNop, .domainSetSecurityDiskLabel = virSecurityDomainSetDiskLabelNop,
.domainRestoreSecurityImageLabel = virSecurityDomainRestoreImageLabelNop, .domainRestoreSecurityImageLabel = virSecurityDomainRestoreImageLabelNop,
.domainSetSecurityDaemonSocketLabel = virSecurityDomainSetDaemonSocketLabelNop, .domainSetSecurityDaemonSocketLabel = virSecurityDomainSetDaemonSocketLabelNop,
......
...@@ -1243,9 +1243,9 @@ virSecuritySELinuxSetSecurityFileLabel(virDomainDiskDefPtr disk, ...@@ -1243,9 +1243,9 @@ virSecuritySELinuxSetSecurityFileLabel(virDomainDiskDefPtr disk,
} }
static int static int
virSecuritySELinuxSetSecurityImageLabel(virSecurityManagerPtr mgr, virSecuritySELinuxSetSecurityDiskLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def, virDomainDefPtr def,
virDomainDiskDefPtr disk) virDomainDiskDefPtr disk)
{ {
virSecuritySELinuxCallbackData cbdata; virSecuritySELinuxCallbackData cbdata;
...@@ -2240,7 +2240,7 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr, ...@@ -2240,7 +2240,7 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr,
def->disks[i]->dst); def->disks[i]->dst);
continue; continue;
} }
if (virSecuritySELinuxSetSecurityImageLabel(mgr, if (virSecuritySELinuxSetSecurityDiskLabel(mgr,
def, def->disks[i]) < 0) def, def->disks[i]) < 0)
return -1; return -1;
} }
...@@ -2426,7 +2426,7 @@ virSecurityDriver virSecurityDriverSELinux = { ...@@ -2426,7 +2426,7 @@ virSecurityDriver virSecurityDriverSELinux = {
.domainSecurityVerify = virSecuritySELinuxSecurityVerify, .domainSecurityVerify = virSecuritySELinuxSecurityVerify,
.domainSetSecurityImageLabel = virSecuritySELinuxSetSecurityImageLabel, .domainSetSecurityDiskLabel = virSecuritySELinuxSetSecurityDiskLabel,
.domainRestoreSecurityImageLabel = virSecuritySELinuxRestoreSecurityImageLabel, .domainRestoreSecurityImageLabel = virSecuritySELinuxRestoreSecurityImageLabel,
.domainSetSecurityDaemonSocketLabel = virSecuritySELinuxSetSecurityDaemonSocketLabel, .domainSetSecurityDaemonSocketLabel = virSecuritySELinuxSetSecurityDaemonSocketLabel,
......
...@@ -222,16 +222,16 @@ virSecurityStackReserveLabel(virSecurityManagerPtr mgr, ...@@ -222,16 +222,16 @@ virSecurityStackReserveLabel(virSecurityManagerPtr mgr,
static int static int
virSecurityStackSetSecurityImageLabel(virSecurityManagerPtr mgr, virSecurityStackSetSecurityDiskLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm, virDomainDefPtr vm,
virDomainDiskDefPtr disk) virDomainDiskDefPtr disk)
{ {
virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr); virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
virSecurityStackItemPtr item = priv->itemsHead; virSecurityStackItemPtr item = priv->itemsHead;
int rc = 0; int rc = 0;
for (; item; item = item->next) { for (; item; item = item->next) {
if (virSecurityManagerSetImageLabel(item->securityManager, vm, disk) < 0) if (virSecurityManagerSetDiskLabel(item->securityManager, vm, disk) < 0)
rc = -1; rc = -1;
} }
...@@ -578,7 +578,7 @@ virSecurityDriver virSecurityDriverStack = { ...@@ -578,7 +578,7 @@ virSecurityDriver virSecurityDriverStack = {
.domainSecurityVerify = virSecurityStackVerify, .domainSecurityVerify = virSecurityStackVerify,
.domainSetSecurityImageLabel = virSecurityStackSetSecurityImageLabel, .domainSetSecurityDiskLabel = virSecurityStackSetSecurityDiskLabel,
.domainRestoreSecurityImageLabel = virSecurityStackRestoreSecurityImageLabel, .domainRestoreSecurityImageLabel = virSecurityStackRestoreSecurityImageLabel,
.domainSetSecurityDaemonSocketLabel = virSecurityStackSetDaemonSocketLabel, .domainSetSecurityDaemonSocketLabel = virSecurityStackSetDaemonSocketLabel,
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册