50 lines
1.7 KiB
Diff
50 lines
1.7 KiB
Diff
From e6b532333a0f7dcd3c1466b941b5ce8317a70d62 Mon Sep 17 00:00:00 2001
|
|
From: Michal Privoznik <mprivozn@redhat.com>
|
|
Date: Wed, 17 Jun 2020 11:01:05 +0200
|
|
Subject: [PATCH 009/108] qemu: Use qemuSecurityDomainSetPathLabel() to set
|
|
seclabes on not saved state files
|
|
|
|
There are two places within qemu driver that misuse
|
|
qemuSecuritySetSavedStateLabel() to set seclabels on tempfiles
|
|
that are not state files: qemuDomainScreenshot() and
|
|
qemuDomainMemoryPeek(). They are doing so because of lack of
|
|
qemuSecurityDomainSetPathLabel() at the time of their
|
|
introduction.
|
|
|
|
In all three secdrivers (well, four if you count NOP driver) the
|
|
implementation of .domainSetSavedStateLabel and
|
|
.domainSetPathLabel callbacks is the same anyway.
|
|
|
|
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
|
Reviewed-by: Erik Skultety <eskultet@redhat.com>
|
|
(cherry picked from commit 8c6257942425c36e6f6d96629d334fb09a94da28)
|
|
---
|
|
src/qemu/qemu_driver.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
|
|
index e7166e4af3..196b301751 100644
|
|
--- a/src/qemu/qemu_driver.c
|
|
+++ b/src/qemu/qemu_driver.c
|
|
@@ -4083,7 +4083,7 @@ qemuDomainScreenshot(virDomainPtr dom,
|
|
}
|
|
unlink_tmp = true;
|
|
|
|
- qemuSecuritySetSavedStateLabel(driver, vm, tmp);
|
|
+ qemuSecurityDomainSetPathLabel(driver, vm, tmp, false);
|
|
|
|
qemuDomainObjEnterMonitor(driver, vm);
|
|
if (qemuMonitorScreendump(priv->mon, videoAlias, screen, tmp) < 0) {
|
|
@@ -11699,7 +11699,7 @@ qemuDomainMemoryPeek(virDomainPtr dom,
|
|
goto endjob;
|
|
}
|
|
|
|
- qemuSecuritySetSavedStateLabel(driver, vm, tmp);
|
|
+ qemuSecurityDomainSetPathLabel(driver, vm, tmp, false);
|
|
|
|
priv = vm->privateData;
|
|
qemuDomainObjEnterMonitor(driver, vm);
|
|
--
|
|
2.33.0
|
|
|