From nobody Wed May 14 17:02:47 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 152095198373355.33837777879671; Tue, 13 Mar 2018 07:39:43 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7D32C13A41; Tue, 13 Mar 2018 14:39:42 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 424EC96565; Tue, 13 Mar 2018 14:39:42 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id E8E4B4CA99; Tue, 13 Mar 2018 14:39:41 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w2DEcQmY003434 for ; Tue, 13 Mar 2018 10:38:26 -0400 Received: by smtp.corp.redhat.com (Postfix) id 33BA12166BB2; Tue, 13 Mar 2018 14:38:26 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id B1B282166BDA; Tue, 13 Mar 2018 14:38:25 +0000 (UTC) From: Peter Krempa To: libvir-list@redhat.com Date: Tue, 13 Mar 2018 15:37:34 +0100 Message-Id: <7429b438229736b3d3ab8747c113d7aa7a68336c.1520951803.git.pkrempa@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: Peter Krempa Subject: [libvirt] [PATCH 08/10] conf: Parse and validate disk source seclabels together with the source X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Tue, 13 Mar 2018 14:39:42 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Since seclabels are formatted along with the source element and will also make sense to be passed for the backing chain we should parse them in the place where we parse the disk source. Same applies for validation. Signed-off-by: Peter Krempa --- src/conf/domain_conf.c | 39 +++++++++++++++------------------------ 1 file changed, 15 insertions(+), 24 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 6c2a2f3a75..d1ff80feb7 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -8631,6 +8631,10 @@ virDomainDiskSourceParse(xmlNodePtr node, !(src->encryption =3D virStorageEncryptionParseNode(tmp, ctxt))) goto cleanup; + if (virSecurityDeviceLabelDefParseXML(&src->seclabels, &src->nseclabel= s, + ctxt, flags) < 0) + goto cleanup; + if (virDomainDiskSourcePrivateDataParse(ctxt, src, flags, xmlopt) < 0) goto cleanup; @@ -8985,7 +8989,10 @@ virDomainDiskSourceDefParseAuthValidate(const virSto= rageSource *src) static int -virDomainDiskDefParseValidate(const virDomainDiskDef *def) +virDomainDiskDefParseValidate(const virDomainDiskDef *def, + virSecurityLabelDefPtr *vmSeclabels, + size_t nvmSeclabels) + { virStorageSourcePtr next; @@ -9075,6 +9082,12 @@ virDomainDiskDefParseValidate(const virDomainDiskDef= *def) return -1; } } + + if (virSecurityDeviceLabelDefValidateXML(next->seclabels, + next->nseclabels, + vmSeclabels, + nvmSeclabels) < 0) + return -1; } return 0; @@ -9222,7 +9235,6 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt, unsigned int flags) { virDomainDiskDefPtr def; - xmlNodePtr sourceNode =3D NULL; xmlNodePtr cur; xmlNodePtr save_ctxt =3D ctxt->node; char *tmp =3D NULL; @@ -9281,8 +9293,6 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt, continue; if (!source && virXMLNodeNameEqual(cur, "source")) { - sourceNode =3D cur; - if (virDomainDiskSourceParse(cur, ctxt, def->src, flags, xmlop= t) < 0) goto error; @@ -9460,25 +9470,6 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlop= t, goto error; } - /* If source is present, check for an optional seclabel override. */ - if (sourceNode) { - xmlNodePtr saved_node =3D ctxt->node; - ctxt->node =3D sourceNode; - if (virSecurityDeviceLabelDefParseXML(&def->src->seclabels, - &def->src->nseclabels, - ctxt, - flags) < 0) - goto error; - - if (virSecurityDeviceLabelDefValidateXML(def->src->seclabels, - def->src->nseclabels, - vmSeclabels, - nvmSeclabels) < 0) - goto error; - - ctxt->node =3D saved_node; - } - if (!target && !(flags & VIR_DOMAIN_DEF_PARSE_DISK_SOURCE)) { if (def->src->srcpool) { if (virAsprintf(&tmp, "pool =3D '%s', volume =3D '%s'", @@ -9644,7 +9635,7 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt, goto error; } - if (virDomainDiskDefParseValidate(def) < 0) + if (virDomainDiskDefParseValidate(def, vmSeclabels, nvmSeclabels) < 0) goto error; cleanup: --=20 2.16.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list