We have nice wrappers over the internal function that eventually
call the Internal() function, but for future work it's better to
call those wrappers instead of the internal function directly.
This is due to the fact that the wrappers differentiate between
setting or restoring the label while the internal function does
not.

Signed-off-by: Michal Privoznik <mpriv...@redhat.com>
---
 src/security/security_dac.c | 48 ++++++++++++++++++++++++++++++---------------
 1 file changed, 32 insertions(+), 16 deletions(-)

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index e398d2c..7f69d86 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -305,21 +305,29 @@ virSecurityDACSetOwnershipInternal(virSecurityDACDataPtr 
priv,
 
 
 static int
-virSecurityDACSetOwnership(const char *path, uid_t uid, gid_t gid)
+virSecurityDACSetOwnership(virSecurityManagerPtr mgr,
+                           virStorageSourcePtr src,
+                           const char *path,
+                           uid_t uid,
+                           gid_t gid)
 {
-    return virSecurityDACSetOwnershipInternal(NULL, NULL, path, uid, gid);
+    virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+
+    /* XXX record previous ownership */
+    return virSecurityDACSetOwnershipInternal(priv, src, path, uid, gid);
 }
 
 
 static int
-virSecurityDACRestoreSecurityFileLabelInternal(virSecurityDACDataPtr priv,
+virSecurityDACRestoreSecurityFileLabelInternal(virSecurityManagerPtr mgr,
                                                virStorageSourcePtr src,
                                                const char *path)
 {
+    virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
     VIR_INFO("Restoring DAC user and group on '%s'",
              NULLSTR(src ? src->path : path));
 
-    /* XXX record previous ownership */
+    /* XXX recall previous ownership */
     return virSecurityDACSetOwnershipInternal(priv, src, path, 0, 0);
 }
 
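Review bot: virSecurityDACSetOwnership now hands the driver's private data to virSecurityDACSetOwnershipInternal, where the old wrapper passed NULL for both priv and src, so every plain-path caller converted later in this patch may reach code in the internal function that is conditional on priv. That function's body is outside this hunk, so this should be confirmed there, and the commit message should state whether the refactor is meant to leave the chown path unchanged. The new five-argument wrapper also has no comment on its src/path contract; callers in this patch pass either `src, NULL` or `NULL, path`, so a header such as `/* Chown @src, or @path when @src is NULL, to @uid:@gid; a future version records the previous owner here. */` would make that explicit.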
@@ -362,7 +370,7 @@ virSecurityDACSetSecurityImageLabel(virSecurityManagerPtr 
mgr,
             return -1;
     }
 
-    return virSecurityDACSetOwnershipInternal(priv, src, NULL, user, group);
+    return virSecurityDACSetOwnership(mgr, src, NULL, user, group);
 }
 
 
@@ -434,7 +442,7 @@ 
virSecurityDACRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
         }
     }
 
-    return virSecurityDACRestoreSecurityFileLabelInternal(priv, src, NULL);
+    return virSecurityDACRestoreSecurityFileLabelInternal(mgr, src, NULL);
 }
 
 
@@ -470,7 +478,7 @@ virSecurityDACSetSecurityHostdevLabelHelper(const char 
*file,
     if (virSecurityDACGetIds(secdef, priv, &user, &group, NULL, NULL))
         return -1;
 
-    return virSecurityDACSetOwnership(file, user, group);
+    return virSecurityDACSetOwnership(mgr, NULL, file, user, group);
 }
 
 
@@ -762,7 +770,8 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
     switch ((virDomainChrType) dev_source->type) {
     case VIR_DOMAIN_CHR_TYPE_DEV:
     case VIR_DOMAIN_CHR_TYPE_FILE:
-        ret = virSecurityDACSetOwnership(dev_source->data.file.path,
+        ret = virSecurityDACSetOwnership(mgr, NULL,
+                                         dev_source->data.file.path,
                                          user, group);
         break;
 
@@ -771,11 +780,14 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
             (virAsprintf(&out, "%s.out", dev_source->data.file.path) < 0))
             goto done;
         if (virFileExists(in) && virFileExists(out)) {
-            if ((virSecurityDACSetOwnership(in, user, group) < 0) ||
-                (virSecurityDACSetOwnership(out, user, group) < 0)) {
+            if ((virSecurityDACSetOwnership(mgr, NULL,
+                                            in, user, group) < 0) ||
+                (virSecurityDACSetOwnership(mgr, NULL,
+                                            out, user, group) < 0)) {
                 goto done;
             }
-        } else if (virSecurityDACSetOwnership(dev_source->data.file.path,
+        } else if (virSecurityDACSetOwnership(mgr, NULL,
+                                              dev_source->data.file.path,
                                               user, group) < 0) {
             goto done;
         }
@@ -1041,19 +1053,23 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr 
mgr,
         return -1;
 
     if (def->os.loader && def->os.loader->nvram &&
-        virSecurityDACSetOwnership(def->os.loader->nvram, user, group) < 0)
+        virSecurityDACSetOwnership(mgr, NULL,
+                                   def->os.loader->nvram, user, group) < 0)
         return -1;
 
     if (def->os.kernel &&
-        virSecurityDACSetOwnership(def->os.kernel, user, group) < 0)
+        virSecurityDACSetOwnership(mgr, NULL,
+                                   def->os.kernel, user, group) < 0)
         return -1;
 
     if (def->os.initrd &&
-        virSecurityDACSetOwnership(def->os.initrd, user, group) < 0)
+        virSecurityDACSetOwnership(mgr, NULL,
+                                   def->os.initrd, user, group) < 0)
         return -1;
 
     if (def->os.dtb &&
-        virSecurityDACSetOwnership(def->os.dtb, user, group) < 0)
+        virSecurityDACSetOwnership(mgr, NULL,
+                                   def->os.dtb, user, group) < 0)
         return -1;
 
     return 0;
@@ -1075,7 +1091,7 @@ virSecurityDACSetSavedStateLabel(virSecurityManagerPtr 
mgr,
     if (virSecurityDACGetImageIds(secdef, priv, &user, &group) < 0)
         return -1;
 
-    return virSecurityDACSetOwnership(savefile, user, group);
+    return virSecurityDACSetOwnership(mgr, NULL, savefile, user, group);
 }
 
 
-- 
1.8.5.5
