[libvirt] [PATCHv5 17/28] security: DAC: Implement per-image seclabel restore

Peter Krempa pkrempa at redhat.com
Fri Jul 4 11:29:32 UTC 2014 

Refactor the existing code to allow re-using it for the per-image label
restore too.
---
 src/security/security_dac.c | 59 ++++++++++++++++++++++++---------------------
 1 file changed, 31 insertions(+), 28 deletions(-)

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 38cb47f..f86d532 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -350,62 +350,63 @@ virSecurityDACSetSecurityDiskLabel(virSecurityManagerPtr mgr,
 static int
 virSecurityDACRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
                                            virDomainDefPtr def,
-                                           virDomainDiskDefPtr disk,
+                                           virStorageSourcePtr src,
                                            bool migrated)
 {
     virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
     virSecurityLabelDefPtr secdef;
     virSecurityDeviceLabelDefPtr disk_seclabel;
-    const char *src = virDomainDiskGetSource(disk);

     if (!priv->dynamicOwnership)
         return 0;

-    if (virDomainDiskGetType(disk) == VIR_STORAGE_TYPE_NETWORK)
+    if (!src->path || !virStorageSourceIsLocalStorage(src))
         return 0;

-    secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
+    /* Don't restore labels on readoly/shared disks, because other VMs may
+     * still be accessing these Alternatively we could iterate over all running
+     * domains and try to figure out if it is in use, but this would not work
+     * for clustered filesystems, since we can't see running VMs using the file
+     * on other nodes Safest bet is thus to skip the restore step.
+     */
+    if (src->readonly || src->shared)
+        return 0;

+    secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
     if (secdef && secdef->norelabel)
         return 0;

-    disk_seclabel = virStorageSourceGetSecurityLabelDef(disk->src,
+    disk_seclabel = virStorageSourceGetSecurityLabelDef(src,
                                                         SECURITY_DAC_NAME);
-
     if (disk_seclabel && disk_seclabel->norelabel)
         return 0;

-    /* Don't restore labels on readoly/shared disks, because
-     * other VMs may still be accessing these
-     * Alternatively we could iterate over all running
-     * domains and try to figure out if it is in use, but
-     * this would not work for clustered filesystems, since
-     * we can't see running VMs using the file on other nodes
-     * Safest bet is thus to skip the restore step.
-     */
-    if (disk->src->readonly || disk->src->shared)
-        return 0;
-
-    if (!src)
-        return 0;

-    /* If we have a shared FS & doing migrated, we must not
-     * change ownership, because that kills access on the
-     * destination host which is sub-optimal for the guest
-     * VM's I/O attempts :-)
+    /* If we have a shared FS & doing migrated, we must not change ownership,
+     * because that kills access on the destination host which is sub-optimal
+     * for the guest VM's I/O attempts :-)
      */
     if (migrated) {
-        int rc = virFileIsSharedFS(src);
+        int rc = virFileIsSharedFS(src->path);
         if (rc < 0)
             return -1;
         if (rc == 1) {
             VIR_DEBUG("Skipping image label restore on %s because FS is shared",
-                      src);
+                      src->path);
             return 0;
         }
     }

-    return virSecurityDACRestoreSecurityFileLabel(src);
+    return virSecurityDACRestoreSecurityFileLabel(src->path);
+}
+
+
+static int
+virSecurityDACRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
+                                        virDomainDefPtr def,
+                                        virStorageSourcePtr src)
+{
+    return virSecurityDACRestoreSecurityImageLabelInt(mgr, def, src, false);
 }


@@ -414,7 +415,7 @@ virSecurityDACRestoreSecurityDiskLabel(virSecurityManagerPtr mgr,
                                        virDomainDefPtr def,
                                        virDomainDiskDefPtr disk)
 {
-    return virSecurityDACRestoreSecurityImageLabelInt(mgr, def, disk, false);
+    return virSecurityDACRestoreSecurityImageLabelInt(mgr, def, disk->src, false);
 }


@@ -902,7 +903,7 @@ virSecurityDACRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
     for (i = 0; i < def->ndisks; i++) {
         if (virSecurityDACRestoreSecurityImageLabelInt(mgr,
                                                        def,
-                                                       def->disks[i],
+                                                       def->disks[i]->src,
                                                        migrated) < 0)
             rc = -1;
     }
@@ -1276,6 +1277,8 @@ virSecurityDriver virSecurityDriverDAC = {
     .domainSetSecurityDiskLabel         = virSecurityDACSetSecurityDiskLabel,
     .domainRestoreSecurityDiskLabel     = virSecurityDACRestoreSecurityDiskLabel,

+    .domainRestoreSecurityImageLabel    = virSecurityDACRestoreSecurityImageLabel,
+
     .domainSetSecurityDaemonSocketLabel = virSecurityDACSetDaemonSocketLabel,
     .domainSetSecuritySocketLabel       = virSecurityDACSetSocketLabel,
     .domainClearSecuritySocketLabel     = virSecurityDACClearSocketLabel,
-- 
1.9.3

More information about the libvir-list mailing list