[libvirt] [PATCH v2] selinux: Only create the selabel_handle once.

Richard W.M. Jones rjones at redhat.com
Wed Jan 23 20:39:05 UTC 2013


On Wed, Jan 23, 2013 at 08:35:13PM +0000, Daniel P. Berrange wrote:
> On Wed, Jan 23, 2013 at 08:33:55PM +0000, Richard W.M. Jones wrote:
> > From: "Richard W.M. Jones" <rjones at redhat.com>
> > 
> > According to Eric Paris this is slightly more efficient because it
> > only loads the regular expressions in libselinux once.
> > ---
> >  src/security/security_selinux.c | 24 +++++++++++++++++-------
> >  1 file changed, 17 insertions(+), 7 deletions(-)
> > 
> > diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
> > index a3ef728..d4f0595 100644
> > --- a/src/security/security_selinux.c
> > +++ b/src/security/security_selinux.c
> > @@ -935,20 +935,30 @@ virSecuritySELinuxFSetFilecon(int fd, char *tcon)
> >      return 0;
> >  }
> >  
> > +#if HAVE_SELINUX_LABEL_H
> > +
> > +static struct selabel_handle *seLabelHandle = NULL;
> 
> Same comment as previous version - this should go in the
> virSecuritySELinuxData struct, not a global variable.

Will do .. Is there some problem with global variables?

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming blog: http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)




More information about the libvir-list mailing list