[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH 07/11] security: Remove disk labelling functions and fix callers



Now that we have replacement in the form of the image labelling function
we can drop the unnecessary functions by replacing all callers.

Signed-off-by: Peter Krempa <pkrempa redhat com>
---
 src/libvirt_private.syms        |  2 --
 src/lxc/lxc_controller.c        |  3 +-
 src/lxc/lxc_driver.c            |  4 +--
 src/security/security_manager.c | 58 ---------------------------------
 src/security/security_manager.h |  6 ----
 5 files changed, 4 insertions(+), 69 deletions(-)

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index c3d6306809..599b97569a 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1354,7 +1354,6 @@ virSecurityManagerReleaseLabel;
 virSecurityManagerReserveLabel;
 virSecurityManagerRestoreAllLabel;
 virSecurityManagerRestoreChardevLabel;
-virSecurityManagerRestoreDiskLabel;
 virSecurityManagerRestoreHostdevLabel;
 virSecurityManagerRestoreImageLabel;
 virSecurityManagerRestoreInputLabel;
@@ -1365,7 +1364,6 @@ virSecurityManagerSetAllLabel;
 virSecurityManagerSetChardevLabel;
 virSecurityManagerSetChildProcessLabel;
 virSecurityManagerSetDaemonSocketLabel;
-virSecurityManagerSetDiskLabel;
 virSecurityManagerSetHostdevLabel;
 virSecurityManagerSetImageFDLabel;
 virSecurityManagerSetImageLabel;
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 2bec8846aa..790ff65b0e 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -1932,7 +1932,8 @@ static int virLXCControllerSetupDisk(virLXCControllerPtr ctrl,
     /* Labelling normally operates on src, but we need
      * to actually label the dst here, so hack the config */
     def->src->path = dst;
-    if (virSecurityManagerSetDiskLabel(securityDriver, ctrl->def, def) < 0)
+    if (virSecurityManagerSetImageLabel(securityDriver, ctrl->def,
+                                        def->src, true) < 0)
         goto cleanup;

     ret = 0;
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index df15a0da50..f03c6af691 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -3636,8 +3636,8 @@ lxcDomainAttachDeviceMknodHelper(pid_t pid ATTRIBUTE_UNUSED,
         virDomainDiskDefPtr def = data->def->data.disk;
         char *tmpsrc = def->src->path;
         def->src->path = data->file;
-        if (virSecurityManagerSetDiskLabel(data->driver->securityManager,
-                                           data->vm->def, def) < 0) {
+        if (virSecurityManagerSetImageLabel(data->driver->securityManager,
+                                            data->vm->def, def->src, true) < 0) {
             def->src->path = tmpsrc;
             goto cleanup;
         }
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index 5493f0f66b..72081ac586 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -402,35 +402,6 @@ virSecurityManagerGetPrivileged(virSecurityManagerPtr mgr)
 }


-/**
- * virSecurityManagerRestoreDiskLabel:
- * @mgr: security manager object
- * @vm: domain definition object
- * @disk: disk definition to operate on
- *
- * Removes security label from the source image of the disk. Note that this
- * function doesn't restore labels on backing chain elements of @disk.
- *
- * Returns: 0 on success, -1 on error.
- */
-int
-virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
-                                   virDomainDefPtr vm,
-                                   virDomainDiskDefPtr disk)
-{
-    if (mgr->drv->domainRestoreSecurityImageLabel) {
-        int ret;
-        virObjectLock(mgr);
-        ret = mgr->drv->domainRestoreSecurityImageLabel(mgr, vm, disk->src, true);
-        virObjectUnlock(mgr);
-        return ret;
-    }
-
-    virReportUnsupportedError();
-    return -1;
-}
-
-
 /**
  * virSecurityManagerRestoreImageLabel:
  * @mgr: security manager object
@@ -512,35 +483,6 @@ virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr,
 }


-/**
- * virSecurityManagerSetDiskLabel:
- * @mgr: security manager object
- * @vm: domain definition object
- * @disk: disk definition to operate on
- *
- * Labels the disk image and all images in the backing chain with the configured
- * security label.
- *
- * Returns: 0 on success, -1 on error.
- */
-int
-virSecurityManagerSetDiskLabel(virSecurityManagerPtr mgr,
-                               virDomainDefPtr vm,
-                               virDomainDiskDefPtr disk)
-{
-    if (mgr->drv->domainSetSecurityImageLabel) {
-        int ret;
-        virObjectLock(mgr);
-        ret = mgr->drv->domainSetSecurityImageLabel(mgr, vm, disk->src, true);
-        virObjectUnlock(mgr);
-        return ret;
-    }
-
-    virReportUnsupportedError();
-    return -1;
-}
-
-
 /**
  * virSecurityManagerSetImageLabel:
  * @mgr: security manager object
diff --git a/src/security/security_manager.h b/src/security/security_manager.h
index 0207113b14..8e1fb3b3c9 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -90,18 +90,12 @@ bool virSecurityManagerGetDefaultConfined(virSecurityManagerPtr mgr);
 bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr);
 bool virSecurityManagerGetPrivileged(virSecurityManagerPtr mgr);

-int virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
-                                       virDomainDefPtr def,
-                                       virDomainDiskDefPtr disk);
 int virSecurityManagerSetDaemonSocketLabel(virSecurityManagerPtr mgr,
                                            virDomainDefPtr vm);
 int virSecurityManagerSetSocketLabel(virSecurityManagerPtr mgr,
                                      virDomainDefPtr def);
 int virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr,
                                        virDomainDefPtr def);
-int virSecurityManagerSetDiskLabel(virSecurityManagerPtr mgr,
-                                   virDomainDefPtr def,
-                                   virDomainDiskDefPtr disk);
 int virSecurityManagerRestoreHostdevLabel(virSecurityManagerPtr mgr,
                                           virDomainDefPtr def,
                                           virDomainHostdevDefPtr dev,
-- 
2.20.1


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]