[libvirt] [PATCH 5/7] security: apparmor: Push virStorageSource checks to add_file_path
Cole Robinson
crobinso at redhat.com
Tue Oct 8 16:22:25 UTC 2019
This mirrors the code layout in security_selinux.c. It will also make
it easier to share the checks for qcow2 external data_file support
eventually
Signed-off-by: Cole Robinson <crobinso at redhat.com>
---
src/security/virt-aa-helper.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 9f39eb2e2b..20281c38b7 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -917,6 +917,10 @@ add_file_path(virStorageSourcePtr src,
{
int ret;
+ /* execute the callback only for local storage */
+ if (!src->path || !virStorageSourceIsLocalStorage(src))
+ return 0;
+
if (depth == 0) {
if (src->readonly)
ret = vah_add_file(buf, src->path, "rk");
@@ -941,12 +945,8 @@ disk_add_files(virDomainDiskDefPtr disk,
virStorageSourcePtr tmp;
for (tmp = disk->src; virStorageSourceIsBacking(tmp); tmp = tmp->backingStore) {
- /* execute the callback only for local storage */
- if (virStorageSourceIsLocalStorage(tmp) &&
- tmp->path) {
- if (add_file_path(tmp, depth, buf) < 0)
- return -1;
- }
+ if (add_file_path(tmp, depth, buf) < 0)
+ return -1;
depth++;
}
--
2.23.0
More information about the libvir-list
mailing list