If the first console is just a copy of the first serial device we
don't need to iterate over the same device twice in order to perform
actions like security labeling, cgroup configuring, etc.
Currently only security SELinux manager was aware of this fact.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
---
src/conf/domain_conf.c | 26 +++++++++++++++++++++-----
src/security/security_selinux.c | 10 ----------
2 files changed, 21 insertions(+), 15 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 0ff216e3a3..aa441fae3c 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -3517,6 +3517,24 @@ void virDomainDeviceInfoClear(virDomainDeviceInfoPtr info)
}
+static bool
+virDomainSkipBackcompatConsole(virDomainDefPtr def,
+ size_t index,
+ bool all)
+{
+ virDomainChrDefPtr console = def->consoles[index];
+
+ if (!all && index == 0 &&
+ (console->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL ||
+ console->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_NONE) &&
+ def->os.type == VIR_DOMAIN_OSTYPE_HVM) {
+ return true;
+ }
+
+ return false;
+}
+
+
static int
virDomainDeviceInfoIterateInternal(virDomainDefPtr def,
virDomainDeviceInfoCallback cb,
@@ -3585,11 +3603,7 @@ virDomainDeviceInfoIterateInternal(virDomainDefPtr def,
return -1;
}
for (i = 0; i < def->nconsoles; i++) {
- if (!all &&
- i == 0 &&
- (def->consoles[i]->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL ||
- def->consoles[i]->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_NONE) &&
- def->os.type == VIR_DOMAIN_OSTYPE_HVM)
+ if (virDomainSkipBackcompatConsole(def, i, all))
continue;
device.data.chr = def->consoles[i];
if (cb(def, &device, &def->consoles[i]->info, opaque) < 0)
@@ -25313,6 +25327,8 @@ virDomainChrDefForeach(virDomainDefPtr def,
goto done;
}
for (i = 0; i < def->nconsoles; i++) {
+ if (virDomainSkipBackcompatConsole(def, i, false))
+ continue;
if ((iter)(def,
def->consoles[i],
opaque) < 0)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index df7c96833e..612dbc2a83 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2339,11 +2339,6 @@ virSecuritySELinuxRestoreSecurityChardevCallback(virDomainDefPtr def,
{
virSecurityManagerPtr mgr = opaque;
- /* This is taken care of by processing of def->serials */
- if (dev->deviceType == VIR_DOMAIN_CHR_DEVICE_TYPE_CONSOLE &&
- dev->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL)
- return 0;
-
return virSecuritySELinuxRestoreChardevLabel(mgr, def, dev, dev->source);
}
@@ -2733,11 +2728,6 @@ virSecuritySELinuxSetSecurityChardevCallback(virDomainDefPtr def,
{
virSecurityManagerPtr mgr = opaque;
- /* This is taken care of by processing of def->serials */
- if (dev->deviceType == VIR_DOMAIN_CHR_DEVICE_TYPE_CONSOLE &&
- dev->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL)
- return 0;
-
return virSecuritySELinuxSetChardevLabel(mgr, def, dev, dev->source);
}
--
2.13.0
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On Mon, May 15, 2017 at 04:28:34PM +0200, Pavel Hrdina wrote: >If the first console is just a copy of the first serial device we >don't need to iterate over the same device twice in order to perform >actions like security labeling, cgroup configuring, etc. > >Currently only security SELinux manager was aware of this fact. > >Signed-off-by: Pavel Hrdina <phrdina@redhat.com> >--- > src/conf/domain_conf.c | 26 +++++++++++++++++++++----- > src/security/security_selinux.c | 10 ---------- > 2 files changed, 21 insertions(+), 15 deletions(-) > ACK -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
© 2016 - 2025 Red Hat, Inc.