[libvirt] [PATCH 04/25] m4: virt-selinux: remove obsolete checks

Ján Tomko jtomko at redhat.com
Mon Oct 21 12:51:32 UTC 2019 

On Mon, Oct 21, 2019 at 10:00:29AM +0200, Pavel Hrdina wrote:
>All OSes that we support have libselinux >= 2.5 except for Ubuntu 16.04
>where the version is 2.4.
>
>Signed-off-by: Pavel Hrdina <phrdina at redhat.com>
>---
> m4/virt-selinux.m4              | 20 ++------------------
> src/qemu/qemu_domain.c          |  4 ++--
> src/security/security_selinux.c | 22 ++--------------------
> tests/securityselinuxhelper.c   | 19 +++++--------------
> 4 files changed, 11 insertions(+), 54 deletions(-)
>
>diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
>index a97bf65e7f..71478319a6 100644
>--- a/src/qemu/qemu_domain.c
>+++ b/src/qemu/qemu_domain.c
>@@ -13262,7 +13262,7 @@ qemuDomainCreateDeviceRecursive(const char *device,
>     }
>
>     if (tcon &&
>-        lsetfilecon_raw(devicePath, (VIR_SELINUX_CTX_CONST char *)tcon) < 0) {
>+        lsetfilecon_raw(devicePath, (const char *)tcon) < 0) {

I'm confused - why do we use a cast here in the first place?

The original failure was that the definition of our mocked versions of the APIs did not
match the declaration in system selinux headers:
https://www.redhat.com/archives/libvir-list/2014-May/msg00925.html

Passing char* to a function treating it as const char* is allowed and I don't
see any benefit of explicitly casting it.

>         VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR
>         if (errno != EOPNOTSUPP && errno != ENOTSUP) {
>         VIR_WARNINGS_RESET
>@@ -14061,7 +14061,7 @@ qemuDomainAttachDeviceMknodHelper(pid_t pid G_GNUC_UNUSED,
>
> # ifdef WITH_SELINUX
>     if (data->tcon &&
>-        lsetfilecon_raw(data->file, (VIR_SELINUX_CTX_CONST char *)data->tcon) < 0) {
>+        lsetfilecon_raw(data->file, (const char *)data->tcon) < 0) {
>         VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR
>         if (errno != EOPNOTSUPP && errno != ENOTSUP) {
>         VIR_WARNINGS_RESET
>diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
>index 0812def922..386a8b84e6 100644
>--- a/src/security/security_selinux.c
>+++ b/src/security/security_selinux.c
>@@ -1279,7 +1265,7 @@ virSecuritySELinuxSetFileconImpl(const char *path,
>
>     VIR_INFO("Setting SELinux context on '%s' to '%s'", path, tcon);
>
>-    if (setfilecon_raw(path, (VIR_SELINUX_CTX_CONST char *)tcon) < 0) {
>+    if (setfilecon_raw(path, (const char *)tcon) < 0) {
>         int setfilecon_errno = errno;
>
>         if (getfilecon_raw(path, &econ) >= 0) {

Reviewed-by: Ján Tomko <jtomko at redhat.com>

Jano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20191021/70f6f129/attachment-0001.sig>

More information about the libvir-list mailing list