[libvirt] [PATCH 07/18] conf: use disk source accessors in lxc/

Eric Blake eblake at redhat.com
Fri Mar 21 19:28:16 UTC 2014 

On 03/21/2014 01:10 PM, Laine Stump wrote:
> On 03/19/2014 11:20 AM, Eric Blake wrote:
>> Part of a series of cleanups to use new accessor methods.
>>
>> * src/lxc/lxc_cgroup.c (virLXCCgroupSetupDeviceACL): Use
>> accessors.
>> * src/lxc/lxc_controller.c (virLXCControllerSetupLoopDeviceDisk)
>> (virLXCControllerSetupNBDDeviceDisk)
>> (virLXCControllerSetupLoopDevices, virLXCControllerSetupDisk):
>> Likewise.
>> * src/lxc/lxc_driver.c (lxcDomainAttachDeviceDiskLive)
>> (lxcDomainDetachDeviceDiskLive): Likewise.
>>
>> Signed-off-by: Eric Blake <eblake at redhat.com>
>> ---
>>  src/lxc/lxc_cgroup.c     |  6 ++---
>>  src/lxc/lxc_controller.c | 69 +++++++++++++++++++++++++++---------------------
>>  src/lxc/lxc_driver.c     | 27 +++++++++++--------
>>  3 files changed, 58 insertions(+), 44 deletions(-)
>>
>> diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c
>> index 5a1718d..da5ccf5 100644
>> --- a/src/lxc/lxc_cgroup.c
>> +++ b/src/lxc/lxc_cgroup.c
> 
>>
>> @@ -1662,12 +1671,12 @@ static int virLXCControllerSetupDisk(virLXCControllerPtr ctrl,
>>      mode_t mode;
>>      char *tmpsrc = def->src;
> 
> Why didn't you use the accessor here?

This is one of the files that will be further impacted by later patches
to security labeling.  The direct use of def->src here was involved in
an in-place swap, then a call to relabel the new file, then another
in-place swap back to the original name, all as a hack to work around
the fact that the security manager requires an entire disk object before
doing a label:

    /* Labelling normally operates on src, but we need
     * to actually label the dst here, so hack the config */
    def->src.path = dst;
    if (virSecurityManagerSetImageLabel(securityDriver, ctrl->def, def) < 0)
        goto cleanup;

    ret = 0;

cleanup:
    def->src.path = tmpsrc;


My plans are to improve the security code to add an interface to label
just a virDomainDiskSourceDef, where the code here and in qemu_driver
that currently does the hack of an in-place swap can instead just create
a new DiskSource object that gets labeled directly.  And since that
cleanup will get rid of the need to do the swap, converting this usage
to the accessor would just be churn.


-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 604 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20140321/2bc80f8a/attachment-0001.sig>

More information about the libvir-list mailing list