[PATCH RFC 3/3] security_dac: Implement {save, load}Status

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



---
 src/security/security_dac.c | 116 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 115 insertions(+), 1 deletion(-)

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 4b8f0a2..f2d8c67 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -42,6 +42,7 @@ struct _virSecurityDACData {
     uid_t user;
     gid_t group;
     bool dynamicOwnership;
+    bool updated; /* has the state changed since last virSecurityDACSaveStatus? */
     virHashTablePtr oldOwners; /* to hold pairs <path, virOldLabelPtr> */
 };
 
@@ -65,6 +66,15 @@ hashDataFree(void *payload, const void *name ATTRIBUTE_UNUSED)
     virOldLabelFree(payload);
 }
 
+static void
+hashDataToXML(void *payload, const void *name, void *data)
+{
+    virOldLabelPtr label = payload;
+
+    virBufferAsprintf(data, "<label path='%s' owner='%s' refCount='%d'/>\n",
+                      (const char *)name, label->owner, label->refCount);
+}
+
 /**
  * virSecurityDACRememberLabel:
  * @priv:   private DAC driver data
@@ -114,7 +124,7 @@ virSecurityDACRememberLabel(virSecurityDACDataPtr priv,
 cleanup:
     VIR_FREE(user);
     VIR_FREE(group);
-    return oldLabel ? oldLabel->refCount : -1;
+    return oldLabel ? priv->updated = true, oldLabel->refCount : -1;
 }
 
 static int parseIds(const char *label, uid_t *uidPtr, gid_t *gidPtr);
@@ -147,6 +157,7 @@ virSecurityDACGetRememberedLabel(virSecurityDACDataPtr priv,
         goto cleanup;
 
     ret = --oldLabel->refCount;
+    priv->updated = true;
 
     if (!ret) {
         ret = parseIds(oldLabel->owner, user, group);
@@ -372,6 +383,106 @@ virSecurityDACClose(virSecurityManagerPtr mgr)
     return 0;
 }
 
+static int
+virSecurityDACSaveStatus(virSecurityManagerPtr mgr,
+                         virBufferPtr *buf,
+                         bool force)
+{
+    virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+    int ret = -1;
+
+    if (!force && !priv->updated) {
+        *buf = NULL;
+        return 0;
+    }
+
+    priv->updated = false;
+
+    virBufferAddLit(*buf, "<securityDriver>\n");
+    virBufferAddLit(*buf, "  <oldLabel>\n");
+    virBufferAdjustIndent(*buf, 4);
+
+    ret = virHashForEach(priv->oldOwners, hashDataToXML, *buf);
+
+    virBufferAdjustIndent(*buf, -4);
+    virBufferAddLit(*buf, "  </oldLabel>\n");
+    virBufferAddLit(*buf, "</securityDriver>\n");
+    return ret;
+}
+
+static int
+virSecurityDACLoadStatus(virSecurityManagerPtr mgr,
+                         xmlDocPtr doc)
+{
+    virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+    int i, n, ret = -1;
+    xmlNodePtr *nodes = NULL, root = xmlDocGetRootElement(doc);
+    xmlXPathContextPtr ctxt = NULL;
+    char *path = NULL,*owner = NULL, *refCountStr = NULL;
+    virOldLabelPtr oldLabel = NULL;
+
+    if (!xmlStrEqual(root->name, BAD_CAST "securityDriver")) {
+        virReportError(VIR_ERR_XML_ERROR,
+                       _("unexpected root element <%s>, "
+                         "expecting <securityDriver>"),
+                       root->name);
+        return ret;
+    }
+
+    if (!(ctxt = xmlXPathNewContext(doc))) {
+        virReportOOMError();
+        return ret;
+    }
+
+    ctxt->node = root;
+
+    n = virXPathNodeSet("./oldLabel/label", ctxt, &nodes);
+    if (n < 0)
+        goto cleanup;
+
+    for (i = 0; i < n; i++) {
+        path = virXMLPropString(nodes[i], "path");
+        owner = virXMLPropString(nodes[i], "owner");
+        refCountStr = virXMLPropString(nodes[i], "refCount");
+
+        if (!path || !owner || !refCountStr) {
+            virReportError(VIR_ERR_XML_DETAIL, "%s",
+                           _("Malformed security driver xml"));
+            goto cleanup;
+        }
+        if (VIR_ALLOC(oldLabel) < 0) {
+            virReportOOMError();
+            goto cleanup;
+        }
+
+        if (virStrToLong_i(refCountStr, NULL, 10, &oldLabel->refCount) < 0) {
+            virReportError(VIR_ERR_XML_DETAIL,
+                           _("Malformed refCount attribute: %s"),
+                           refCountStr);
+            goto cleanup;
+        }
+
+        oldLabel->owner = owner;
+        owner = NULL;
+
+        if (virHashUpdateEntry(priv->oldOwners, path, oldLabel) < 0)
+            goto cleanup;
+
+        path = NULL;
+        oldLabel = NULL;
+        VIR_FREE(refCountStr);
+    }
+
+    ret = 0;
+cleanup:
+    virOldLabelFree(oldLabel);
+    VIR_FREE(path);
+    VIR_FREE(owner);
+    VIR_FREE(refCountStr);
+    VIR_FREE(nodes);
+    xmlXPathFreeContext(ctxt);
+    return ret;
+}
 
 static const char * virSecurityDACGetModel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED)
 {
@@ -1304,6 +1415,9 @@ virSecurityDriver virSecurityDriverDAC = {
     .open                               = virSecurityDACOpen,
     .close                              = virSecurityDACClose,
 
+    .saveStatus                         = virSecurityDACSaveStatus,
+    .loadStatus                         = virSecurityDACLoadStatus,
+
     .getModel                           = virSecurityDACGetModel,
     .getDOI                             = virSecurityDACGetDOI,
 
-- 
1.8.1.4

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]