Re: [PATCH 07/18] conf: use disk source accessors in lxc/

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 03/21/2014 01:10 PM, Laine Stump wrote:
> On 03/19/2014 11:20 AM, Eric Blake wrote:
>> Part of a series of cleanups to use new accessor methods.
>>
>> * src/lxc/lxc_cgroup.c (virLXCCgroupSetupDeviceACL): Use
>> accessors.
>> * src/lxc/lxc_controller.c (virLXCControllerSetupLoopDeviceDisk)
>> (virLXCControllerSetupNBDDeviceDisk)
>> (virLXCControllerSetupLoopDevices, virLXCControllerSetupDisk):
>> Likewise.
>> * src/lxc/lxc_driver.c (lxcDomainAttachDeviceDiskLive)
>> (lxcDomainDetachDeviceDiskLive): Likewise.
>>
>> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx>
>> ---
>>  src/lxc/lxc_cgroup.c     |  6 ++---
>>  src/lxc/lxc_controller.c | 69 +++++++++++++++++++++++++++---------------------
>>  src/lxc/lxc_driver.c     | 27 +++++++++++--------
>>  3 files changed, 58 insertions(+), 44 deletions(-)
>>
>> diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c
>> index 5a1718d..da5ccf5 100644
>> --- a/src/lxc/lxc_cgroup.c
>> +++ b/src/lxc/lxc_cgroup.c
> 
>>
>> @@ -1662,12 +1671,12 @@ static int virLXCControllerSetupDisk(virLXCControllerPtr ctrl,
>>      mode_t mode;
>>      char *tmpsrc = def->src;
> 
> Why didn't you use the accessor here?

This is one of the files that will be further impacted by later patches
to security labeling.  The direct use of def->src here was involved in
an in-place swap, then a call to relabel the new file, then another
in-place swap back to the original name, all as a hack to work around
the fact that the security manager requires an entire disk object before
doing a label:

    /* Labelling normally operates on src, but we need
     * to actually label the dst here, so hack the config */
    def->src.path = dst;
    if (virSecurityManagerSetImageLabel(securityDriver, ctrl->def, def) < 0)
        goto cleanup;

    ret = 0;

cleanup:
    def->src.path = tmpsrc;


My plans are to improve the security code to add an interface to label
just a virDomainDiskSourceDef, where the code here and in qemu_driver
that currently does the hack of an in-place swap can instead just create
a new DiskSource object that gets labeled directly.  And since that
cleanup will get rid of the need to do the swap, converting this usage
to the accessor would just be churn.


-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]