加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
qemu-Use-qemuSecurityDomainSetPathLabel-to-set-secla.patch 1.72 KB
一键复制 编辑 原始数据 按行查看 历史
From e6b532333a0f7dcd3c1466b941b5ce8317a70d62 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Wed, 17 Jun 2020 11:01:05 +0200
Subject: [PATCH 009/108] qemu: Use qemuSecurityDomainSetPathLabel() to set
seclabes on not saved state files
There are two places within qemu driver that misuse
qemuSecuritySetSavedStateLabel() to set seclabels on tempfiles
that are not state files: qemuDomainScreenshot() and
qemuDomainMemoryPeek(). They are doing so because of lack of
qemuSecurityDomainSetPathLabel() at the time of their
introduction.
In all three secdrivers (well, four if you count NOP driver) the
implementation of .domainSetSavedStateLabel and
.domainSetPathLabel callbacks is the same anyway.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
(cherry picked from commit 8c6257942425c36e6f6d96629d334fb09a94da28)
---
src/qemu/qemu_driver.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index e7166e4af3..196b301751 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -4083,7 +4083,7 @@ qemuDomainScreenshot(virDomainPtr dom,
}
unlink_tmp = true;
- qemuSecuritySetSavedStateLabel(driver, vm, tmp);
+ qemuSecurityDomainSetPathLabel(driver, vm, tmp, false);
qemuDomainObjEnterMonitor(driver, vm);
if (qemuMonitorScreendump(priv->mon, videoAlias, screen, tmp) < 0) {
@@ -11699,7 +11699,7 @@ qemuDomainMemoryPeek(virDomainPtr dom,
goto endjob;
}
- qemuSecuritySetSavedStateLabel(driver, vm, tmp);
+ qemuSecurityDomainSetPathLabel(driver, vm, tmp, false);
priv = vm->privateData;
qemuDomainObjEnterMonitor(driver, vm);
--
2.33.0
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化