For future work it's crucial to have virLockManagerPluginPtr stored in virSecurityDriver. Therefore, we must pass it when creating the security driver.
Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
---
 src/Makefile.am | 6 +++++-
 src/lxc/lxc_controller.c | 2 +-
 src/lxc/lxc_driver.c | 3 ++-
 src/qemu/qemu_driver.c | 7 +++++--
 src/security/security_manager.c | 25 ++++++++++++++++++++-----
 src/security/security_manager.h | 6 +++++-
 tests/Makefile.am | 1 +
 tests/qemuhotplugtest.c | 2 +-
 tests/seclabeltest.c | 2 +-
 tests/securityselinuxlabeltest.c | 2 +-
 tests/securityselinuxtest.c | 2 +-
 11 files changed, 43 insertions(+), 15 deletions(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index 7302abb..90a51f6 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1264,6 +1264,7 @@ libvirt_driver_qemu_impl_la_CFLAGS = \
 $(LIBNL_CFLAGS) \
 -I$(top_srcdir)/src/access \
 -I$(top_srcdir)/src/conf \
+ -I$(top_srcdir)/src/locking \
 $(AM_CFLAGS)
 libvirt_driver_qemu_impl_la_LDFLAGS = $(AM_LDFLAGS)
 libvirt_driver_qemu_impl_la_LIBADD = $(CAPNG_LIBS) \
@@ -1303,6 +1304,7 @@ libvirt_driver_lxc_impl_la_CFLAGS = \
 $(FUSE_CFLAGS) \
 -I$(top_srcdir)/src/access \
 -I$(top_srcdir)/src/conf \
+ -I$(top_srcdir)/src/locking \
 $(AM_CFLAGS)
 libvirt_driver_lxc_impl_la_LIBADD = $(CAPNG_LIBS) $(LIBNL_LIBS) $(FUSE_LIBS)
 if WITH_BLKID
@@ -1650,7 +1652,7 @@ libvirt_security_manager_la_SOURCES = $(SECURITY_DRIVER_SOURCES)
 noinst_LTLIBRARIES += libvirt_security_manager.la
 libvirt_la_BUILT_LIBADD += libvirt_security_manager.la
 libvirt_security_manager_la_CFLAGS = \
- -I$(top_srcdir)/src/conf $(AM_CFLAGS)
+ -I$(top_srcdir)/src/conf -I$(top_srcdir)/src/locking $(AM_CFLAGS)
 libvirt_security_manager_la_LDFLAGS = $(AM_LDFLAGS)
 libvirt_security_manager_la_LIBADD = $(SECDRIVER_LIBS)
 if WITH_SECDRIVER_SELINUX
@@ -2636,6 +2638,7 @@ endif WITH_DTRACE_PROBES
 libvirt_lxc_LDADD += $(SECDRIVER_LIBS)
 libvirt_lxc_CFLAGS = \
 -I$(top_srcdir)/src/conf \
+ -I$(top_srcdir)/src/locking \
 $(AM_CFLAGS) \
 $(PIE_CFLAGS) \
 $(LIBNL_CFLAGS) \
@@ -2672,6 +2675,7 @@ virt_aa_helper_LDADD += libvirt_probes.lo
 endif WITH_DTRACE_PROBES
 virt_aa_helper_CFLAGS = \
 -I$(top_srcdir)/src/conf \
+ -I$(top_srcdir)/src/locking \
 -I$(top_srcdir)/src/security \
 $(AM_CFLAGS) \
 $(PIE_CFLAGS) \
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 1861dd6..eb9dea0 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -2414,7 +2414,7 @@ int main(int argc, char *argv[])
 if (!(ctrl->securityManager = virSecurityManagerNew(securityDriver,
 LXC_DRIVER_NAME,
- false, false, false)))
+ false, false, false, NULL)))
 goto cleanup;
 if (ctrl->def->seclabels) {
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index f93360f..ccb4de9 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1539,7 +1539,8 @@ lxcSecurityInit(virLXCDriverConfigPtr cfg)
 LXC_DRIVER_NAME,
 false,
 cfg->securityDefaultConfined,
- cfg->securityRequireConfined);
+ cfg->securityRequireConfined,
+ NULL);
 if (!mgr)
 goto error;
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index a8cda43..eecdb7b 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -392,7 +392,8 @@ qemuSecurityInit(virQEMUDriverPtr driver)
 QEMU_DRIVER_NAME,
 cfg->allowDiskFormatProbing,
 cfg->securityDefaultConfined,
- cfg->securityRequireConfined)))
+ cfg->securityRequireConfined,
+ driver->lockManager)))
 goto error;
 if (!stack) {
 if (!(stack = virSecurityManagerNewStack(mgr)))
@@ -409,7 +410,8 @@ qemuSecurityInit(virQEMUDriverPtr driver)
 QEMU_DRIVER_NAME,
 cfg->allowDiskFormatProbing,
 cfg->securityDefaultConfined,
- cfg->securityRequireConfined)))
+ cfg->securityRequireConfined,
+ driver->lockManager)))
 goto error;
 if (!(stack = virSecurityManagerNewStack(mgr)))
 goto error;
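Review bot: Nothing visible in the two qemuSecurityInit hunks above shows that `driver->lockManager` has already been created when it is handed to virSecurityManagerNew, and the same applies to the virSecurityManagerNewDAC call in the third hunk of this file. If qemuSecurityInit runs before the lock plugin is set up during driver start-up, every manager would capture NULL, which later code cannot tell apart from the LXC callers that pass NULL on purpose, so any locking built on `mgr->lockPlugin` would be skipped silently. Confirm the initialisation order, and consider either creating the plugin first or rejecting the unexpected case with `if (!driver->lockManager) goto error;` ahead of the first call; whether that guard is right depends on code outside these hunks. qemuSecurityInit begins and ends outside the hunks.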
@@ -424,6 +426,7 @@ qemuSecurityInit(virQEMUDriverPtr driver)
 cfg->securityDefaultConfined,
 cfg->securityRequireConfined,
 cfg->dynamicOwnership,
+ driver->lockManager,
 qemuSecurityChownCallback)))
 goto error;
 if (!stack) {
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index 8671620..bbfbfef 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -41,6 +41,7 @@ struct _virSecurityManager {
 bool defaultConfined;
 bool requireConfined;
 const char *virtDriver;
+ virLockManagerPluginPtr lockPlugin;
 void *privateData;
 };
@@ -78,7 +79,8 @@ virSecurityManagerNewDriver(virSecurityDriverPtr drv,
 const char *virtDriver,
 bool allowDiskFormatProbing,
 bool defaultConfined,
- bool requireConfined)
+ bool requireConfined,
+ virLockManagerPluginPtr lockPlugin)
 {
 virSecurityManagerPtr mgr;
 char *privateData;
@@ -105,6 +107,7 @@ virSecurityManagerNewDriver(virSecurityDriverPtr drv,
 mgr->defaultConfined = defaultConfined;
 mgr->requireConfined = requireConfined;
 mgr->virtDriver = virtDriver;
+ mgr->lockPlugin = lockPlugin;
 mgr->privateData = privateData;
 if (drv->open(mgr) < 0) {
@@ -124,7 +127,8 @@ virSecurityManagerNewStack(virSecurityManagerPtr primary)
 virSecurityManagerGetDriver(primary),
 virSecurityManagerGetAllowDiskFormatProbing(primary),
 virSecurityManagerGetDefaultConfined(primary),
- virSecurityManagerGetRequireConfined(primary));
+ virSecurityManagerGetRequireConfined(primary),
+ virSecurityManagerGetLockPlugin(primary));
 if (!mgr)
 return NULL;
@@ -153,6 +157,7 @@ virSecurityManagerNewDAC(const char *virtDriver,
 bool defaultConfined,
 bool requireConfined,
 bool dynamicOwnership,
+ virLockManagerPluginPtr lockPlugin,
 virSecurityManagerDACChownCallback chownCallback)
 {
 virSecurityManagerPtr mgr =
@@ -160,7 +165,8 @@ virSecurityManagerNewDAC(const char *virtDriver,
 virtDriver,
 allowDiskFormatProbing,
 defaultConfined,
- requireConfined);
+ requireConfined,
+ lockPlugin);
 if (!mgr)
 return NULL;
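Review bot: `mgr->lockPlugin = lockPlugin;` in the virSecurityManagerNewDriver hunk at -105 stores a borrowed pointer, so a security manager that outlives the driver's reference to the lock plugin would be left holding a dangling pointer. virSecurityManagerNewStack then copies the same pointer into the stack manager through virSecurityManagerGetLockPlugin, so several managers share it with no owner recorded. Consider taking a reference when a non-NULL plugin is stored, `if (lockPlugin) virLockManagerPluginRef(lockPlugin);`, and dropping it with virLockManagerPluginUnref in the manager's dispose path, which is outside this diff. If borrowing is intentional, a comment on the new struct field saying the creating driver must keep the plugin alive for the manager's lifetime would make the contract explicit.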
@@ -182,7 +188,8 @@ virSecurityManagerNew(const char *name,
 const char *virtDriver,
 bool allowDiskFormatProbing,
 bool defaultConfined,
- bool requireConfined)
+ bool requireConfined,
+ virLockManagerPluginPtr lockPlugin)
 {
 virSecurityDriverPtr drv = virSecurityDriverLookup(name, virtDriver);
 if (!drv)
@@ -212,7 +219,8 @@ virSecurityManagerNew(const char *name,
 virtDriver,
 allowDiskFormatProbing,
 defaultConfined,
- requireConfined);
+ requireConfined,
+ lockPlugin);
 }
@@ -333,6 +341,13 @@ virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr)
 }
+virLockManagerPluginPtr
+virSecurityManagerGetLockPlugin(virSecurityManagerPtr mgr)
+{
+ return mgr->lockPlugin;
+}
+
+
 /**
 * virSecurityManagerRestoreDiskLabel:
 * @mgr: security manager object
diff --git a/src/security/security_manager.h b/src/security/security_manager.h
index 156f882..0605996 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -26,6 +26,7 @@
 # include "domain_conf.h"
 # include "vircommand.h"
 # include "virstoragefile.h"
+# include "lock_manager.h"
 typedef struct _virSecurityManager virSecurityManager;
 typedef virSecurityManager *virSecurityManagerPtr;
@@ -34,7 +35,8 @@ virSecurityManagerPtr virSecurityManagerNew(const char *name,
 const char *virtDriver,
 bool allowDiskFormatProbing,
 bool defaultConfined,
- bool requireConfined);
+ bool requireConfined,
+ virLockManagerPluginPtr lockPlugin);
 virSecurityManagerPtr virSecurityManagerNewStack(virSecurityManagerPtr primary);
 int virSecurityManagerStackAddNested(virSecurityManagerPtr stack,
@@ -62,6 +64,7 @@ virSecurityManagerPtr virSecurityManagerNewDAC(const char *virtDriver,
 bool defaultConfined,
 bool requireConfined,
 bool dynamicOwnership,
+ virLockManagerPluginPtr lockPlugin,
 virSecurityManagerDACChownCallback chownCallback);
 int virSecurityManagerPreFork(virSecurityManagerPtr mgr);
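Review bot: virSecurityManagerGetLockPlugin in the security_manager.c hunk at -333 is added without a comment, yet its result can legitimately be NULL because the LXC callers and the test programs in this patch pass NULL for lockPlugin. A short comment above the function, such as `/* Returns the lock plugin given at creation; may be NULL, and the pointer is borrowed from whoever created the manager. */`, would tell future callers to check the result before using it. Separately, the diffstat does not list src/libvirt_private.syms; if the getter is meant to be called from outside the security manager library it presumably needs an entry there.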
@@ -77,6 +80,7 @@ const char *virSecurityManagerGetBaseLabel(virSecurityManagerPtr mgr, int virtTy
 bool virSecurityManagerGetAllowDiskFormatProbing(virSecurityManagerPtr mgr);
 bool virSecurityManagerGetDefaultConfined(virSecurityManagerPtr mgr);
 bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr);
+virLockManagerPluginPtr virSecurityManagerGetLockPlugin(virSecurityManagerPtr mgr);
 int virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
 virDomainDefPtr def,
diff --git a/tests/Makefile.am b/tests/Makefile.am
index d6c3cfb..a11b164 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -29,6 +29,7 @@ INCLUDES = \
 -I$(top_builddir)/src -I$(top_srcdir)/src \
 -I$(top_srcdir)/src/util \
 -I$(top_srcdir)/src/conf \
+ -I$(top_srcdir)/src/locking \
 $(GETTEXT_CPPFLAGS)
 AM_CFLAGS = \
diff --git a/tests/qemuhotplugtest.c b/tests/qemuhotplugtest.c
index 9d39968..56ff3ba 100644
--- a/tests/qemuhotplugtest.c
+++ b/tests/qemuhotplugtest.c
@@ -358,7 +358,7 @@ mymain(void)
 if (!driver.lockManager)
 return EXIT_FAILURE;
- if (!(mgr = virSecurityManagerNew("none", "qemu", false, false, false)))
+ if (!(mgr = virSecurityManagerNew("none", "qemu", false, false, false, NULL)))
 return EXIT_FAILURE;
 if (!(driver.securityManager = virSecurityManagerNewStack(mgr)))
 return EXIT_FAILURE;
diff --git a/tests/seclabeltest.c b/tests/seclabeltest.c
index 51765c9..3a6e7a2 100644
--- a/tests/seclabeltest.c
+++ b/tests/seclabeltest.c
@@ -17,7 +17,7 @@ main(int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED)
 if (virThreadInitialize() < 0)
 return EXIT_FAILURE;
- mgr = virSecurityManagerNew(NULL, "QEMU", false, true, false);
+ mgr = virSecurityManagerNew(NULL, "QEMU", false, true, false, NULL);
 if (mgr == NULL) {
 fprintf(stderr, "Failed to start security driver");
 return EXIT_FAILURE;
diff --git a/tests/securityselinuxlabeltest.c b/tests/securityselinuxlabeltest.c
index 455eb74..dfc3bed 100644
--- a/tests/securityselinuxlabeltest.c
+++ b/tests/securityselinuxlabeltest.c
@@ -360,7 +360,7 @@ mymain(void)
 if (!rc)
 return EXIT_AM_SKIP;
- if (!(mgr = virSecurityManagerNew("selinux", "QEMU", false, true, false))) {
+ if (!(mgr = virSecurityManagerNew("selinux", "QEMU", false, true, false, NULL))) {
 virErrorPtr err = virGetLastError();
 fprintf(stderr, "Unable to initialize security driver: %s\n",
 err->message);
diff --git a/tests/securityselinuxtest.c b/tests/securityselinuxtest.c
index 3b5c3e5..d0810d8 100644
--- a/tests/securityselinuxtest.c
+++ b/tests/securityselinuxtest.c
@@ -272,7 +272,7 @@ mymain(void)
 int ret = 0;
 virSecurityManagerPtr mgr;
- if (!(mgr = virSecurityManagerNew("selinux", "QEMU", false, true, false))) {
+ if (!(mgr = virSecurityManagerNew("selinux", "QEMU", false, true, false, NULL))) {
 virErrorPtr err = virGetLastError();
 fprintf(stderr, "Unable to initialize security driver: %s\n",
 err->message);
--
1.8.5.5
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list