openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

virSecuritySELinuxRestoreAllLabel: Restore more labels 

We are setting label on kernel, initrd, dtb and slic_table files.
But we never restored it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Michal Privoznik 2018-10-03 11:08:21 +02:00
parent d81f3e02d7
commit d9043c06e6
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/security/security_selinux.c
View File

@ -2668,6 +2668,22 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManagerPtr mgr,
virSecuritySELinuxRestoreFileLabel(mgr, def->os.loader->nvram, false) < 0)
rc = -1;
if (def->os.kernel &&
virSecuritySELinuxRestoreFileLabel(mgr, def->os.kernel, false) < 0)
rc = -1;
if (def->os.initrd &&
virSecuritySELinuxRestoreFileLabel(mgr, def->os.initrd, false) < 0)
rc = -1;
if (def->os.dtb &&
virSecuritySELinuxRestoreFileLabel(mgr, def->os.dtb, false) < 0)
rc = -1;
if (def->os.slic_table &&
virSecuritySELinuxRestoreFileLabel(mgr, def->os.slic_table, false) < 0)
rc = -1;
return rc;
}