Re: [libvirt] [PATCH 5/6] Cleanup sec driver error reporting to use virReportSystemError

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2009-09-01 at 16:28 +0100, Daniel P. Berrange wrote:
> * src/security_selinux.c: Use virReportSystemError whereever an
>   errno is involved
> * src/qemu_driver.c: Don't overwrite error message from the
>   security driver

ACK, looks good - poor wee errno was being forgotten

> @@ -440,6 +431,17 @@ SELinuxSetSecurityPCILabel(virConnectPtr conn,
>  }
>  
>  static int
> +SELinuxSetSecurityUSBLabel(virConnectPtr conn,
> +                           usbDevice *dev ATTRIBUTE_UNUSED,
> +                           const char *file, void *opaque)
> +{
> +    virDomainObjPtr vm = opaque;
> +    const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
> +
> +    return SELinuxSetFilecon(conn, file, secdef->imagelabel);
> +}
> +
> +static int
>  SELinuxSetSecurityHostdevLabel(virConnectPtr conn,
>                                 virDomainObjPtr vm,
>                                 virDomainHostdevDefPtr dev)
> @@ -451,8 +453,24 @@ SELinuxSetSecurityHostdevLabel(virConnectPtr conn,
>          return 0;
>  
>      switch (dev->source.subsys.type) {
> -    case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB:
> -        break;
> +    case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB: {
> +        if (dev->source.subsys.u.usb.bus && dev->source.subsys.u.usb.device) {
> +            usbDevice *usb = usbGetDevice(conn,
> +                                          dev->source.subsys.u.usb.bus,
> +                                          dev->source.subsys.u.usb.device);
> +
> +            if (!usb)
> +                goto done;
> +
> +            ret = usbDeviceFileIterate(conn, usb, SELinuxSetSecurityUSBLabel, vm);
> +            usbFreeDevice(conn, usb);
> +
> +            break;
> +        } else {
> +            /* XXX deal with product/vendor better */
> +            ret = 0;
> +        }
> +    }

Ahrrr! There she is! :-)

Looks good, I'd perhaps have just passed the image label as the opaque
pointer to the iterator but ...

Cheers,
Mark.

--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]