From nobody Tue May 13 20:33:02 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1539767454057570.641653210574; Wed, 17 Oct 2018 02:10:54 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 03C173082B72; Wed, 17 Oct 2018 09:10:52 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id A875D1B482; Wed, 17 Oct 2018 09:10:51 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 441D63D382; Wed, 17 Oct 2018 09:10:51 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w9H97qBh017265 for ; Wed, 17 Oct 2018 05:07:52 -0400 Received: by smtp.corp.redhat.com (Postfix) id 2BAEA7FC3B; Wed, 17 Oct 2018 09:07:52 +0000 (UTC) Received: from moe.brq.redhat.com (unknown [10.43.2.192]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7F29F7FC3F for ; Wed, 17 Oct 2018 09:07:51 +0000 (UTC) From: Michal Privoznik To: libvir-list@redhat.com Date: Wed, 17 Oct 2018 11:06:47 +0200 Message-Id: <2f4eb17651becfc7ceae1d58175e9fcd3120d913.1539766897.git.mprivozn@redhat.com> In-Reply-To: References: X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v3 05/13] Revert "security_manager: Load lock plugin on init" X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Wed, 17 Oct 2018 09:10:52 +0000 (UTC) X-ZohoMail: RDMRC_0 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" This reverts commit 3e26b476b5f322353bf0dcd8e3f037ca672b8c62. Signed-off-by: Michal Privoznik --- cfg.mk | 4 +--- src/lxc/lxc_controller.c | 3 +-- src/lxc/lxc_driver.c | 2 +- src/qemu/qemu_driver.c | 3 --- src/security/security_manager.c | 25 +------------------------ src/security/security_manager.h | 2 -- tests/seclabeltest.c | 2 +- tests/securityselinuxlabeltest.c | 2 +- tests/securityselinuxtest.c | 2 +- tests/testutilsqemu.c | 2 +- 10 files changed, 8 insertions(+), 39 deletions(-) diff --git a/cfg.mk b/cfg.mk index 4790d0b7e7..eddd110ed6 100644 --- a/cfg.mk +++ b/cfg.mk @@ -787,10 +787,8 @@ sc_prohibit_cross_inclusion: case $$dir in \ util/) safe=3D"util";; \ access/ | conf/) safe=3D"($$dir|conf|util)";; \ - cpu/| network/| node_device/| rpc/| storage/) \ + cpu/| network/| node_device/| rpc/| security/| storage/) \ safe=3D"($$dir|util|conf|storage)";; \ - security/) \ - safe=3D"($$dir|util|conf|storage|locking)";; \ xenapi/ | xenconfig/ ) safe=3D"($$dir|util|conf|xen|cpu)";; \ *) safe=3D"($$dir|$(mid_dirs)|util)";; \ esac; \ diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c index 62dfd09473..e853d02d65 100644 --- a/src/lxc/lxc_controller.c +++ b/src/lxc/lxc_controller.c @@ -2624,8 +2624,7 @@ int main(int argc, char *argv[]) ctrl->handshakeFd =3D handshakeFd; =20 if (!(ctrl->securityManager =3D virSecurityManagerNew(securityDriver, - LXC_DRIVER_NAME, - NULL, 0))) + LXC_DRIVER_NAME, 0= ))) goto cleanup; =20 if (ctrl->def->seclabels) { diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index f732305649..990871d9b3 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -1531,7 +1531,7 @@ lxcSecurityInit(virLXCDriverConfigPtr cfg) flags |=3D VIR_SECURITY_MANAGER_REQUIRE_CONFINED; =20 virSecurityManagerPtr mgr =3D virSecurityManagerNew(cfg->securityDrive= rName, - LXC_DRIVER_NAME, NUL= L, flags); + LXC_DRIVER_NAME, fla= gs); if (!mgr) goto error; =20 diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index a52e2495d5..3a1185f947 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -350,7 +350,6 @@ qemuSecurityInit(virQEMUDriverPtr driver) while (names && *names) { if (!(mgr =3D qemuSecurityNew(*names, QEMU_DRIVER_NAME, - cfg->metadataLockManagerName, flags))) goto error; if (!stack) { @@ -366,7 +365,6 @@ qemuSecurityInit(virQEMUDriverPtr driver) } else { if (!(mgr =3D qemuSecurityNew(NULL, QEMU_DRIVER_NAME, - cfg->metadataLockManagerName, flags))) goto error; if (!(stack =3D qemuSecurityNewStack(mgr))) @@ -383,7 +381,6 @@ qemuSecurityInit(virQEMUDriverPtr driver) cfg->user, cfg->group, flags, - cfg->metadataLockManagerName, qemuSecurityChownCallback))) goto error; if (!stack) { diff --git a/src/security/security_manager.c b/src/security/security_manage= r.c index b675f8ab46..47be47df48 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -32,7 +32,6 @@ #include "viralloc.h" #include "virobject.h" #include "virlog.h" -#include "locking/lock_manager.h" #include "virfile.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY @@ -46,8 +45,6 @@ struct _virSecurityManager { unsigned int flags; const char *virtDriver; void *privateData; - - virLockManagerPluginPtr lockPlugin; }; =20 static virClassPtr virSecurityManagerClass; @@ -58,12 +55,8 @@ void virSecurityManagerDispose(void *obj) { virSecurityManagerPtr mgr =3D obj; =20 - if (mgr->drv && - mgr->drv->close) + if (mgr->drv->close) mgr->drv->close(mgr); - - virObjectUnref(mgr->lockPlugin); - VIR_FREE(mgr->privateData); } =20 @@ -83,7 +76,6 @@ VIR_ONCE_GLOBAL_INIT(virSecurityManager); static virSecurityManagerPtr virSecurityManagerNewDriver(virSecurityDriverPtr drv, const char *virtDriver, - const char *lockManagerPluginName, unsigned int flags) { virSecurityManagerPtr mgr =3D NULL; @@ -103,14 +95,6 @@ virSecurityManagerNewDriver(virSecurityDriverPtr drv, if (!(mgr =3D virObjectLockableNew(virSecurityManagerClass))) goto error; =20 - if (!lockManagerPluginName) - lockManagerPluginName =3D "nop"; - - if (!(mgr->lockPlugin =3D virLockManagerPluginNew(lockManagerPluginNam= e, - NULL, NULL, 0))) { - goto error; - } - mgr->drv =3D drv; mgr->flags =3D flags; mgr->virtDriver =3D virtDriver; @@ -133,7 +117,6 @@ virSecurityManagerNewStack(virSecurityManagerPtr primar= y) virSecurityManagerPtr mgr =3D virSecurityManagerNewDriver(&virSecurityDriverStack, virSecurityManagerGetDriver(primary), - NULL, primary->flags); =20 if (!mgr) @@ -142,8 +125,6 @@ virSecurityManagerNewStack(virSecurityManagerPtr primar= y) if (virSecurityStackAddNested(mgr, primary) < 0) goto error; =20 - mgr->lockPlugin =3D virObjectRef(mgr->lockPlugin); - return mgr; error: virObjectUnref(mgr); @@ -166,7 +147,6 @@ virSecurityManagerNewDAC(const char *virtDriver, uid_t user, gid_t group, unsigned int flags, - const char *lockManagerPluginName, virSecurityManagerDACChownCallback chownCallback) { virSecurityManagerPtr mgr; @@ -177,7 +157,6 @@ virSecurityManagerNewDAC(const char *virtDriver, =20 mgr =3D virSecurityManagerNewDriver(&virSecurityDriverDAC, virtDriver, - lockManagerPluginName, flags & VIR_SECURITY_MANAGER_NEW_MAS= K); =20 if (!mgr) @@ -199,7 +178,6 @@ virSecurityManagerNewDAC(const char *virtDriver, virSecurityManagerPtr virSecurityManagerNew(const char *name, const char *virtDriver, - const char *lockManagerPluginName, unsigned int flags) { virSecurityDriverPtr drv =3D virSecurityDriverLookup(name, virtDriver); @@ -228,7 +206,6 @@ virSecurityManagerNew(const char *name, =20 return virSecurityManagerNewDriver(drv, virtDriver, - lockManagerPluginName, flags); } =20 diff --git a/src/security/security_manager.h b/src/security/security_manage= r.h index fe8a1b4a24..c4abc34b17 100644 --- a/src/security/security_manager.h +++ b/src/security/security_manager.h @@ -45,7 +45,6 @@ typedef enum { =20 virSecurityManagerPtr virSecurityManagerNew(const char *name, const char *virtDriver, - const char *lockManagerPluginN= ame, unsigned int flags); =20 virSecurityManagerPtr virSecurityManagerNewStack(virSecurityManagerPtr pri= mary); @@ -71,7 +70,6 @@ virSecurityManagerPtr virSecurityManagerNewDAC(const char= *virtDriver, uid_t user, gid_t group, unsigned int flags, - const char *lockManagerPlug= inName, virSecurityManagerDACChownC= allback chownCallback); =20 int virSecurityManagerPreFork(virSecurityManagerPtr mgr); diff --git a/tests/seclabeltest.c b/tests/seclabeltest.c index 7cddf96e82..a0296c787e 100644 --- a/tests/seclabeltest.c +++ b/tests/seclabeltest.c @@ -14,7 +14,7 @@ mymain(void) if (virThreadInitialize() < 0) return EXIT_FAILURE; =20 - mgr =3D virSecurityManagerNew(NULL, "QEMU", NULL, VIR_SECURITY_MANAGER= _DEFAULT_CONFINED); + mgr =3D virSecurityManagerNew(NULL, "QEMU", VIR_SECURITY_MANAGER_DEFAU= LT_CONFINED); if (mgr =3D=3D NULL) { fprintf(stderr, "Failed to start security driver"); return EXIT_FAILURE; diff --git a/tests/securityselinuxlabeltest.c b/tests/securityselinuxlabelt= est.c index aa9fae7d32..39f4eb7b6a 100644 --- a/tests/securityselinuxlabeltest.c +++ b/tests/securityselinuxlabeltest.c @@ -346,7 +346,7 @@ mymain(void) if (!rc) return EXIT_AM_SKIP; =20 - if (!(mgr =3D virSecurityManagerNew("selinux", "QEMU", NULL, + if (!(mgr =3D virSecurityManagerNew("selinux", "QEMU", VIR_SECURITY_MANAGER_DEFAULT_CONFINE= D | VIR_SECURITY_MANAGER_PRIVILEGED))) { VIR_TEST_VERBOSE("Unable to initialize security driver: %s\n", diff --git a/tests/securityselinuxtest.c b/tests/securityselinuxtest.c index f1ea51b1ac..a2864cf57c 100644 --- a/tests/securityselinuxtest.c +++ b/tests/securityselinuxtest.c @@ -272,7 +272,7 @@ mymain(void) int ret =3D 0; virSecurityManagerPtr mgr; =20 - if (!(mgr =3D virSecurityManagerNew("selinux", "QEMU", NULL, + if (!(mgr =3D virSecurityManagerNew("selinux", "QEMU", VIR_SECURITY_MANAGER_DEFAULT_CONFINE= D | VIR_SECURITY_MANAGER_PRIVILEGED))) { fprintf(stderr, "Unable to initialize security driver: %s\n", diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c index 332885eb77..0d3e9fc7e6 100644 --- a/tests/testutilsqemu.c +++ b/tests/testutilsqemu.c @@ -716,7 +716,7 @@ int qemuTestDriverInit(virQEMUDriver *driver) if (qemuTestCapsCacheInsert(driver->qemuCapsCache, NULL) < 0) goto error; =20 - if (!(mgr =3D virSecurityManagerNew("none", "qemu", NULL, + if (!(mgr =3D virSecurityManagerNew("none", "qemu", VIR_SECURITY_MANAGER_PRIVILEGED))) goto error; if (!(driver->securityManager =3D virSecurityManagerNewStack(mgr))) --=20 2.18.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list