Re: [libvirt] Resubmission: [PATCH 1/6] sVirt AppArmor security driver

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jamie Strandboge wrote:
> On Tue, 08 Sep 2009, Jamie Strandboge wrote:
> 
>>> [PATCH 1*]
>>> patch_1a_reenable-nonfile-labels.patch:
>>> When James Morris originally submitted his sVirt patches (as seen in
>>> libvirt 0.6.1), he did not require on disk labelling for
>>> virSecurityDomainRestoreImageLabel. A later commit[2] changed this
>>> behavior to assume on disk labelling, which halts implementations for
>>> path-based MAC systems such as AppArmor and TOMOYO where
>>> vm->def->seclabel is required to obtain the label. This patch simply
>>> adds the 'virDomainObjPtr vm' argument back to *RestoreImageLabel.
>>>
>>> patch_1b_optional.patch:
>>> Due to the above change, 'make syntax-check' fails because
>>> SELinuxRestoreSecurityImageLabel() does not use the 'virDomainObjPtr
>>> vm'. patch_1b_optional.patch is a simple patch to fix this by checking
>>> if vm->def->seclabel == NULL and returns with error if it does. I
>>> realize this may not be desired in the long term, but it should be
>>> harmless enough to include.
>>>

It looks fine, except instead of using the optional patch, just use
"ATTRIBUTE_UNUSED" instead.  (Oh, I see danpb gave you the same feedback :).


-- 
Chris Lalancette

--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]