openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Revert "security_manager: Load lock plugin on init" 

This reverts commit 3e26b476b5.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
This commit is contained in:
Michal Privoznik 2018-10-02 15:08:28 +02:00
parent 207860927a
commit 0aad10cdae
10 changed files with 8 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cfg.mk
View File

@ -788,10 +788,8 @@ sc_prohibit_cross_inclusion:
case $$dir in \
util/) safe="util";; \
access/ | conf/) safe="($$dir|conf|util)";; \
cpu/| network/| node_device/| rpc/| storage/) \
cpu/| network/| node_device/| rpc/| security/| storage/) \
safe="($$dir|util|conf|storage)";; \
security/) \
safe="($$dir|util|conf|storage|locking)";; \
xenapi/ | xenconfig/ ) safe="($$dir|util|conf|xen|cpu)";; \
*) safe="($$dir|$(mid_dirs)|util)";; \
esac; \

3
src/lxc/lxc_controller.c
View File

@ -2624,8 +2624,7 @@ int main(int argc, char *argv[])
ctrl->handshakeFd = handshakeFd;
if (!(ctrl->securityManager = virSecurityManagerNew(securityDriver,
LXC_DRIVER_NAME,
NULL, 0)))
LXC_DRIVER_NAME, 0)))
goto cleanup;
if (ctrl->def->seclabels) {

2
src/lxc/lxc_driver.c
View File

@ -1531,7 +1531,7 @@ lxcSecurityInit(virLXCDriverConfigPtr cfg)
flags |= VIR_SECURITY_MANAGER_REQUIRE_CONFINED;
virSecurityManagerPtr mgr = virSecurityManagerNew(cfg->securityDriverName,
LXC_DRIVER_NAME, NULL, flags);
LXC_DRIVER_NAME, flags);
if (!mgr)
goto error;

3
src/qemu/qemu_driver.c
View File

@ -350,7 +350,6 @@ qemuSecurityInit(virQEMUDriverPtr driver)
while (names && *names) {
if (!(mgr = qemuSecurityNew(*names,
QEMU_DRIVER_NAME,
cfg->metadataLockManagerName,
flags)))
goto error;
if (!stack) {
@ -366,7 +365,6 @@ qemuSecurityInit(virQEMUDriverPtr driver)
} else {
if (!(mgr = qemuSecurityNew(NULL,
QEMU_DRIVER_NAME,
cfg->metadataLockManagerName,
flags)))
goto error;
if (!(stack = qemuSecurityNewStack(mgr)))
@ -383,7 +381,6 @@ qemuSecurityInit(virQEMUDriverPtr driver)
cfg->user,
cfg->group,
flags,
cfg->metadataLockManagerName,
qemuSecurityChownCallback)))
goto error;
if (!stack) {

25
src/security/security_manager.c
View File

@ -32,7 +32,6 @@
#include "viralloc.h"
#include "virobject.h"
#include "virlog.h"
#include "locking/lock_manager.h"
#include "virfile.h"
#define VIR_FROM_THIS VIR_FROM_SECURITY
@ -46,8 +45,6 @@ struct _virSecurityManager {
unsigned int flags;
const char *virtDriver;
void *privateData;
virLockManagerPluginPtr lockPlugin;
};
static virClassPtr virSecurityManagerClass;
@ -58,12 +55,8 @@ void virSecurityManagerDispose(void *obj)
{
virSecurityManagerPtr mgr = obj;
if (mgr->drv &&
mgr->drv->close)
if (mgr->drv->close)
mgr->drv->close(mgr);
virObjectUnref(mgr->lockPlugin);
VIR_FREE(mgr->privateData);
}
@ -83,7 +76,6 @@ VIR_ONCE_GLOBAL_INIT(virSecurityManager);
static virSecurityManagerPtr
virSecurityManagerNewDriver(virSecurityDriverPtr drv,
const char *virtDriver,
const char *lockManagerPluginName,
unsigned int flags)
{
virSecurityManagerPtr mgr = NULL;
@ -103,14 +95,6 @@ virSecurityManagerNewDriver(virSecurityDriverPtr drv,
if (!(mgr = virObjectLockableNew(virSecurityManagerClass)))
goto error;
if (!lockManagerPluginName)
lockManagerPluginName = "nop";
if (!(mgr->lockPlugin = virLockManagerPluginNew(lockManagerPluginName,
NULL, NULL, 0))) {
goto error;
}
mgr->drv = drv;
mgr->flags = flags;
mgr->virtDriver = virtDriver;
@ -133,7 +117,6 @@ virSecurityManagerNewStack(virSecurityManagerPtr primary)
virSecurityManagerPtr mgr =
virSecurityManagerNewDriver(&virSecurityDriverStack,
virSecurityManagerGetDriver(primary),
NULL,
primary->flags);
if (!mgr)
@ -142,8 +125,6 @@ virSecurityManagerNewStack(virSecurityManagerPtr primary)
if (virSecurityStackAddNested(mgr, primary) < 0)
goto error;
mgr->lockPlugin = virObjectRef(mgr->lockPlugin);
return mgr;
error:
virObjectUnref(mgr);
@ -166,7 +147,6 @@ virSecurityManagerNewDAC(const char *virtDriver,
uid_t user,
gid_t group,
unsigned int flags,
const char *lockManagerPluginName,
virSecurityManagerDACChownCallback chownCallback)
{
virSecurityManagerPtr mgr;
@ -177,7 +157,6 @@ virSecurityManagerNewDAC(const char *virtDriver,
mgr = virSecurityManagerNewDriver(&virSecurityDriverDAC,
virtDriver,
lockManagerPluginName,
flags & VIR_SECURITY_MANAGER_NEW_MASK);
if (!mgr)
@ -199,7 +178,6 @@ virSecurityManagerNewDAC(const char *virtDriver,
virSecurityManagerPtr
virSecurityManagerNew(const char *name,
const char *virtDriver,
const char *lockManagerPluginName,
unsigned int flags)
{
virSecurityDriverPtr drv = virSecurityDriverLookup(name, virtDriver);
@ -228,7 +206,6 @@ virSecurityManagerNew(const char *name,
return virSecurityManagerNewDriver(drv,
virtDriver,
lockManagerPluginName,
flags);
}

2
src/security/security_manager.h
View File

@ -45,7 +45,6 @@ typedef enum {
virSecurityManagerPtr virSecurityManagerNew(const char *name,
const char *virtDriver,
const char *lockManagerPluginName,
unsigned int flags);
virSecurityManagerPtr virSecurityManagerNewStack(virSecurityManagerPtr primary);
@ -71,7 +70,6 @@ virSecurityManagerPtr virSecurityManagerNewDAC(const char *virtDriver,
uid_t user,
gid_t group,
unsigned int flags,
const char *lockManagerPluginName,
virSecurityManagerDACChownCallback chownCallback);
int virSecurityManagerPreFork(virSecurityManagerPtr mgr);

2
tests/seclabeltest.c
View File

@ -14,7 +14,7 @@ mymain(void)
if (virThreadInitialize() < 0)
return EXIT_FAILURE;
mgr = virSecurityManagerNew(NULL, "QEMU", NULL, VIR_SECURITY_MANAGER_DEFAULT_CONFINED);
mgr = virSecurityManagerNew(NULL, "QEMU", VIR_SECURITY_MANAGER_DEFAULT_CONFINED);
if (mgr == NULL) {
fprintf(stderr, "Failed to start security driver");
return EXIT_FAILURE;

2
tests/securityselinuxlabeltest.c
View File

@ -346,7 +346,7 @@ mymain(void)
if (!rc)
return EXIT_AM_SKIP;
if (!(mgr = virSecurityManagerNew("selinux", "QEMU", NULL,
if (!(mgr = virSecurityManagerNew("selinux", "QEMU",
VIR_SECURITY_MANAGER_DEFAULT_CONFINED |
VIR_SECURITY_MANAGER_PRIVILEGED))) {
VIR_TEST_VERBOSE("Unable to initialize security driver: %s\n",

2
tests/securityselinuxtest.c
View File

@ -272,7 +272,7 @@ mymain(void)
int ret = 0;
virSecurityManagerPtr mgr;
if (!(mgr = virSecurityManagerNew("selinux", "QEMU", NULL,
if (!(mgr = virSecurityManagerNew("selinux", "QEMU",
VIR_SECURITY_MANAGER_DEFAULT_CONFINED |
VIR_SECURITY_MANAGER_PRIVILEGED))) {
fprintf(stderr, "Unable to initialize security driver: %s\n",

2
tests/testutilsqemu.c
View File

@ -716,7 +716,7 @@ int qemuTestDriverInit(virQEMUDriver *driver)
if (qemuTestCapsCacheInsert(driver->qemuCapsCache, NULL) < 0)
goto error;
if (!(mgr = virSecurityManagerNew("none", "qemu", NULL,
if (!(mgr = virSecurityManagerNew("none", "qemu",
VIR_SECURITY_MANAGER_PRIVILEGED)))
goto error;
if (!(driver->securityManager = virSecurityManagerNewStack(mgr)))