Re: [PATCH 04/25] m4: virt-selinux: remove obsolete checks

Ján Tomko <jtomko@xxxxxxxxxx> · Mon, 21 Oct 2019 14:51:32 +0200

On Mon, Oct 21, 2019 at 10:00:29AM +0200, Pavel Hrdina wrote:
All OSes that we support have libselinux >= 2.5 except for Ubuntu 16.04
where the version is 2.4.

Signed-off-by: Pavel Hrdina <phrdina@xxxxxxxxxx>
---
m4/virt-selinux.m4              | 20 ++------------------
src/qemu/qemu_domain.c          |  4 ++--
src/security/security_selinux.c | 22 ++--------------------
tests/securityselinuxhelper.c   | 19 +++++--------------
4 files changed, 11 insertions(+), 54 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index a97bf65e7f..71478319a6 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -13262,7 +13262,7 @@ qemuDomainCreateDeviceRecursive(const char *device,
    }

    if (tcon &&
-        lsetfilecon_raw(devicePath, (VIR_SELINUX_CTX_CONST char *)tcon) < 0) {
+        lsetfilecon_raw(devicePath, (const char *)tcon) < 0) {

I'm confused - why do we use a cast here in the first place?

The original failure was that the definition of our mocked versions of the APIs did not
match the declaration in system selinux headers:
https://www.redhat.com/archives/libvir-list/2014-May/msg00925.html

Passing char* to a function treating it as const char* is allowed and I don't
see any benefit of explicitly casting it.

        VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR
        if (errno != EOPNOTSUPP && errno != ENOTSUP) {
        VIR_WARNINGS_RESET
@@ -14061,7 +14061,7 @@ qemuDomainAttachDeviceMknodHelper(pid_t pid G_GNUC_UNUSED,

# ifdef WITH_SELINUX
    if (data->tcon &&
-        lsetfilecon_raw(data->file, (VIR_SELINUX_CTX_CONST char *)data->tcon) < 0) {
+        lsetfilecon_raw(data->file, (const char *)data->tcon) < 0) {
        VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR
        if (errno != EOPNOTSUPP && errno != ENOTSUP) {
        VIR_WARNINGS_RESET
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 0812def922..386a8b84e6 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1279,7 +1265,7 @@ virSecuritySELinuxSetFileconImpl(const char *path,

    VIR_INFO("Setting SELinux context on '%s' to '%s'", path, tcon);

-    if (setfilecon_raw(path, (VIR_SELINUX_CTX_CONST char *)tcon) < 0) {
+    if (setfilecon_raw(path, (const char *)tcon) < 0) {
        int setfilecon_errno = errno;

        if (getfilecon_raw(path, &econ) >= 0) {

Reviewed-by: Ján Tomko <jtomko@xxxxxxxxxx>

Jano
Attachment:
signature.asc

Description: PGP signature
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



