[libvirt] [PATCH v4 07/15] Revert "security_manager: Load lock plugin on init"

Michal Privoznik mprivozn at redhat.com
Wed Nov 14 12:44:35 UTC 2018


This reverts commit 3e26b476b5f322353bf0dcd8e3f037ca672b8c62.

Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
---
 cfg.mk                           |  4 +---
 src/lxc/lxc_controller.c         |  3 +--
 src/lxc/lxc_driver.c             |  2 +-
 src/qemu/qemu_driver.c           |  3 ---
 src/security/security_manager.c  | 25 +------------------------
 src/security/security_manager.h  |  2 --
 tests/seclabeltest.c             |  2 +-
 tests/securityselinuxlabeltest.c |  2 +-
 tests/securityselinuxtest.c      |  2 +-
 tests/testutilsqemu.c            |  2 +-
 10 files changed, 8 insertions(+), 39 deletions(-)

diff --git a/cfg.mk b/cfg.mk
index d0183c02ff..c83b152fda 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -787,10 +787,8 @@ sc_prohibit_cross_inclusion:
 	  case $$dir in \
 	    util/) safe="util";; \
 	    access/ | conf/) safe="($$dir|conf|util)";; \
-	    cpu/| network/| node_device/| rpc/| storage/) \
+	    cpu/| network/| node_device/| rpc/| security/| storage/) \
 	      safe="($$dir|util|conf|storage)";; \
-	    security/) \
-	      safe="($$dir|util|conf|storage|locking)";; \
 	    xenapi/ | xenconfig/ ) safe="($$dir|util|conf|xen|cpu)";; \
 	    *) safe="($$dir|$(mid_dirs)|util)";; \
 	  esac; \
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 62dfd09473..e853d02d65 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -2624,8 +2624,7 @@ int main(int argc, char *argv[])
     ctrl->handshakeFd = handshakeFd;
 
     if (!(ctrl->securityManager = virSecurityManagerNew(securityDriver,
-                                                        LXC_DRIVER_NAME,
-                                                        NULL, 0)))
+                                                        LXC_DRIVER_NAME, 0)))
         goto cleanup;
 
     if (ctrl->def->seclabels) {
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index f732305649..990871d9b3 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1531,7 +1531,7 @@ lxcSecurityInit(virLXCDriverConfigPtr cfg)
         flags |= VIR_SECURITY_MANAGER_REQUIRE_CONFINED;
 
     virSecurityManagerPtr mgr = virSecurityManagerNew(cfg->securityDriverName,
-                                                      LXC_DRIVER_NAME, NULL, flags);
+                                                      LXC_DRIVER_NAME, flags);
     if (!mgr)
         goto error;
 
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 09e04b8544..e387c831d4 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -350,7 +350,6 @@ qemuSecurityInit(virQEMUDriverPtr driver)
         while (names && *names) {
             if (!(mgr = qemuSecurityNew(*names,
                                         QEMU_DRIVER_NAME,
-                                        cfg->metadataLockManagerName,
                                         flags)))
                 goto error;
             if (!stack) {
@@ -366,7 +365,6 @@ qemuSecurityInit(virQEMUDriverPtr driver)
     } else {
         if (!(mgr = qemuSecurityNew(NULL,
                                     QEMU_DRIVER_NAME,
-                                    cfg->metadataLockManagerName,
                                     flags)))
             goto error;
         if (!(stack = qemuSecurityNewStack(mgr)))
@@ -383,7 +381,6 @@ qemuSecurityInit(virQEMUDriverPtr driver)
                                        cfg->user,
                                        cfg->group,
                                        flags,
-                                       cfg->metadataLockManagerName,
                                        qemuSecurityChownCallback)))
             goto error;
         if (!stack) {
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index f527e6b5b3..a049382c7b 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -32,7 +32,6 @@
 #include "viralloc.h"
 #include "virobject.h"
 #include "virlog.h"
-#include "locking/lock_manager.h"
 #include "virfile.h"
 
 #define VIR_FROM_THIS VIR_FROM_SECURITY
@@ -46,8 +45,6 @@ struct _virSecurityManager {
     unsigned int flags;
     const char *virtDriver;
     void *privateData;
-
-    virLockManagerPluginPtr lockPlugin;
 };
 
 static virClassPtr virSecurityManagerClass;
@@ -58,12 +55,8 @@ void virSecurityManagerDispose(void *obj)
 {
     virSecurityManagerPtr mgr = obj;
 
-    if (mgr->drv &&
-        mgr->drv->close)
+    if (mgr->drv->close)
         mgr->drv->close(mgr);
-
-    virObjectUnref(mgr->lockPlugin);
-
     VIR_FREE(mgr->privateData);
 }
 
@@ -83,7 +76,6 @@ VIR_ONCE_GLOBAL_INIT(virSecurityManager);
 static virSecurityManagerPtr
 virSecurityManagerNewDriver(virSecurityDriverPtr drv,
                             const char *virtDriver,
-                            const char *lockManagerPluginName,
                             unsigned int flags)
 {
     virSecurityManagerPtr mgr = NULL;
@@ -103,14 +95,6 @@ virSecurityManagerNewDriver(virSecurityDriverPtr drv,
     if (!(mgr = virObjectLockableNew(virSecurityManagerClass)))
         goto error;
 
-    if (!lockManagerPluginName)
-        lockManagerPluginName = "nop";
-
-    if (!(mgr->lockPlugin = virLockManagerPluginNew(lockManagerPluginName,
-                                                    NULL, NULL, 0))) {
-        goto error;
-    }
-
     mgr->drv = drv;
     mgr->flags = flags;
     mgr->virtDriver = virtDriver;
@@ -133,7 +117,6 @@ virSecurityManagerNewStack(virSecurityManagerPtr primary)
     virSecurityManagerPtr mgr =
         virSecurityManagerNewDriver(&virSecurityDriverStack,
                                     virSecurityManagerGetDriver(primary),
-                                    NULL,
                                     primary->flags);
 
     if (!mgr)
@@ -142,8 +125,6 @@ virSecurityManagerNewStack(virSecurityManagerPtr primary)
     if (virSecurityStackAddNested(mgr, primary) < 0)
         goto error;
 
-    mgr->lockPlugin = virObjectRef(mgr->lockPlugin);
-
     return mgr;
  error:
     virObjectUnref(mgr);
@@ -166,7 +147,6 @@ virSecurityManagerNewDAC(const char *virtDriver,
                          uid_t user,
                          gid_t group,
                          unsigned int flags,
-                         const char *lockManagerPluginName,
                          virSecurityManagerDACChownCallback chownCallback)
 {
     virSecurityManagerPtr mgr;
@@ -177,7 +157,6 @@ virSecurityManagerNewDAC(const char *virtDriver,
 
     mgr = virSecurityManagerNewDriver(&virSecurityDriverDAC,
                                       virtDriver,
-                                      lockManagerPluginName,
                                       flags & VIR_SECURITY_MANAGER_NEW_MASK);
 
     if (!mgr)
@@ -199,7 +178,6 @@ virSecurityManagerNewDAC(const char *virtDriver,
 virSecurityManagerPtr
 virSecurityManagerNew(const char *name,
                       const char *virtDriver,
-                      const char *lockManagerPluginName,
                       unsigned int flags)
 {
     virSecurityDriverPtr drv = virSecurityDriverLookup(name, virtDriver);
@@ -228,7 +206,6 @@ virSecurityManagerNew(const char *name,
 
     return virSecurityManagerNewDriver(drv,
                                        virtDriver,
-                                       lockManagerPluginName,
                                        flags);
 }
 
diff --git a/src/security/security_manager.h b/src/security/security_manager.h
index cacb17174f..7e82304689 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -45,7 +45,6 @@ typedef enum {
 
 virSecurityManagerPtr virSecurityManagerNew(const char *name,
                                             const char *virtDriver,
-                                            const char *lockManagerPluginName,
                                             unsigned int flags);
 
 virSecurityManagerPtr virSecurityManagerNewStack(virSecurityManagerPtr primary);
@@ -71,7 +70,6 @@ virSecurityManagerPtr virSecurityManagerNewDAC(const char *virtDriver,
                                                uid_t user,
                                                gid_t group,
                                                unsigned int flags,
-                                               const char *lockManagerPluginName,
                                                virSecurityManagerDACChownCallback chownCallback);
 
 int virSecurityManagerPreFork(virSecurityManagerPtr mgr);
diff --git a/tests/seclabeltest.c b/tests/seclabeltest.c
index 7cddf96e82..a0296c787e 100644
--- a/tests/seclabeltest.c
+++ b/tests/seclabeltest.c
@@ -14,7 +14,7 @@ mymain(void)
     if (virThreadInitialize() < 0)
         return EXIT_FAILURE;
 
-    mgr = virSecurityManagerNew(NULL, "QEMU", NULL, VIR_SECURITY_MANAGER_DEFAULT_CONFINED);
+    mgr = virSecurityManagerNew(NULL, "QEMU", VIR_SECURITY_MANAGER_DEFAULT_CONFINED);
     if (mgr == NULL) {
         fprintf(stderr, "Failed to start security driver");
         return EXIT_FAILURE;
diff --git a/tests/securityselinuxlabeltest.c b/tests/securityselinuxlabeltest.c
index aa9fae7d32..39f4eb7b6a 100644
--- a/tests/securityselinuxlabeltest.c
+++ b/tests/securityselinuxlabeltest.c
@@ -346,7 +346,7 @@ mymain(void)
     if (!rc)
         return EXIT_AM_SKIP;
 
-    if (!(mgr = virSecurityManagerNew("selinux", "QEMU", NULL,
+    if (!(mgr = virSecurityManagerNew("selinux", "QEMU",
                                       VIR_SECURITY_MANAGER_DEFAULT_CONFINED |
                                       VIR_SECURITY_MANAGER_PRIVILEGED))) {
         VIR_TEST_VERBOSE("Unable to initialize security driver: %s\n",
diff --git a/tests/securityselinuxtest.c b/tests/securityselinuxtest.c
index f1ea51b1ac..a2864cf57c 100644
--- a/tests/securityselinuxtest.c
+++ b/tests/securityselinuxtest.c
@@ -272,7 +272,7 @@ mymain(void)
     int ret = 0;
     virSecurityManagerPtr mgr;
 
-    if (!(mgr = virSecurityManagerNew("selinux", "QEMU", NULL,
+    if (!(mgr = virSecurityManagerNew("selinux", "QEMU",
                                       VIR_SECURITY_MANAGER_DEFAULT_CONFINED |
                                       VIR_SECURITY_MANAGER_PRIVILEGED))) {
         fprintf(stderr, "Unable to initialize security driver: %s\n",
diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c
index 332885eb77..0d3e9fc7e6 100644
--- a/tests/testutilsqemu.c
+++ b/tests/testutilsqemu.c
@@ -716,7 +716,7 @@ int qemuTestDriverInit(virQEMUDriver *driver)
     if (qemuTestCapsCacheInsert(driver->qemuCapsCache, NULL) < 0)
         goto error;
 
-    if (!(mgr = virSecurityManagerNew("none", "qemu", NULL,
+    if (!(mgr = virSecurityManagerNew("none", "qemu",
                                       VIR_SECURITY_MANAGER_PRIVILEGED)))
         goto error;
     if (!(driver->securityManager = virSecurityManagerNewStack(mgr)))
-- 
2.18.1




More information about the libvir-list mailing list