[PATCH 3/6] security: Drop unused virSecurityManagerSetSavedStateLabel()
Michal Privoznik
mprivozn at redhat.com
Wed Jun 17 11:35:37 UTC 2020
After previous commit this function is used no more.
Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
---
src/libvirt_private.syms | 1 -
src/security/security_apparmor.c | 9 ---------
src/security/security_dac.c | 20 --------------------
src/security/security_driver.h | 4 ----
src/security/security_manager.c | 17 -----------------
src/security/security_manager.h | 3 ---
src/security/security_nop.c | 9 ---------
src/security/security_selinux.c | 16 ----------------
src/security/security_stack.c | 32 --------------------------------
9 files changed, 111 deletions(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index fc7406f2b7..b93e05b43c 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1569,7 +1569,6 @@ virSecurityManagerSetImageLabel;
virSecurityManagerSetInputLabel;
virSecurityManagerSetMemoryLabel;
virSecurityManagerSetProcessLabel;
-virSecurityManagerSetSavedStateLabel;
virSecurityManagerSetSocketLabel;
virSecurityManagerSetTapFDLabel;
virSecurityManagerSetTPMLabels;
diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index 7c8fd39584..30f7701975 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -1048,14 +1048,6 @@ AppArmorRestoreChardevLabel(virSecurityManagerPtr mgr,
return reload_profile(mgr, def, NULL, false);
}
-static int
-AppArmorSetSavedStateLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- const char *savefile)
-{
- return reload_profile(mgr, def, savefile, true);
-}
-
static int
AppArmorSetPathLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
@@ -1165,7 +1157,6 @@ virSecurityDriver virAppArmorSecurityDriver = {
.domainSetSecurityHostdevLabel = AppArmorSetSecurityHostdevLabel,
.domainRestoreSecurityHostdevLabel = AppArmorRestoreSecurityHostdevLabel,
- .domainSetSavedStateLabel = AppArmorSetSavedStateLabel,
.domainRestoreSavedStateLabel = AppArmorRestoreSavedStateLabel,
.domainSetPathLabel = AppArmorSetPathLabel,
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 7e65b78fbe..2f531cb86b 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -2257,25 +2257,6 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr,
}
-static int
-virSecurityDACSetSavedStateLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- const char *savefile)
-{
- virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
- virSecurityLabelDefPtr secdef;
- uid_t user;
- gid_t group;
-
- secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
-
- if (virSecurityDACGetImageIds(secdef, priv, &user, &group) < 0)
- return -1;
-
- return virSecurityDACSetOwnership(mgr, NULL, savefile, user, group, true);
-}
-
-
static int
virSecurityDACRestoreSavedStateLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def G_GNUC_UNUSED,
@@ -2635,7 +2616,6 @@ virSecurityDriver virSecurityDriverDAC = {
.domainSetSecurityHostdevLabel = virSecurityDACSetHostdevLabel,
.domainRestoreSecurityHostdevLabel = virSecurityDACRestoreHostdevLabel,
- .domainSetSavedStateLabel = virSecurityDACSetSavedStateLabel,
.domainRestoreSavedStateLabel = virSecurityDACRestoreSavedStateLabel,
.domainSetSecurityImageFDLabel = virSecurityDACSetImageFDLabel,
diff --git a/src/security/security_driver.h b/src/security/security_driver.h
index d23b64668d..33887f4c16 100644
--- a/src/security/security_driver.h
+++ b/src/security/security_driver.h
@@ -67,9 +67,6 @@ typedef int (*virSecurityDomainSetHostdevLabel) (virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainHostdevDefPtr dev,
const char *vroot);
-typedef int (*virSecurityDomainSetSavedStateLabel) (virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- const char *savefile);
typedef int (*virSecurityDomainRestoreSavedStateLabel) (virSecurityManagerPtr mgr,
virDomainDefPtr def,
const char *savefile);
@@ -203,7 +200,6 @@ struct _virSecurityDriver {
virSecurityDomainSetHostdevLabel domainSetSecurityHostdevLabel;
virSecurityDomainRestoreHostdevLabel domainRestoreSecurityHostdevLabel;
- virSecurityDomainSetSavedStateLabel domainSetSavedStateLabel;
virSecurityDomainRestoreSavedStateLabel domainRestoreSavedStateLabel;
virSecurityDomainSetImageFDLabel domainSetSecurityImageFDLabel;
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index b1237d63b6..b2f3f1a6bb 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -596,23 +596,6 @@ virSecurityManagerSetHostdevLabel(virSecurityManagerPtr mgr,
}
-int
-virSecurityManagerSetSavedStateLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr vm,
- const char *savefile)
-{
- if (mgr->drv->domainSetSavedStateLabel) {
- int ret;
- virObjectLock(mgr);
- ret = mgr->drv->domainSetSavedStateLabel(mgr, vm, savefile);
- virObjectUnlock(mgr);
- return ret;
- }
-
- virReportUnsupportedError();
- return -1;
-}
-
int
virSecurityManagerRestoreSavedStateLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
diff --git a/src/security/security_manager.h b/src/security/security_manager.h
index 2c5fa3ee15..ac50100f0f 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -104,9 +104,6 @@ int virSecurityManagerSetHostdevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainHostdevDefPtr dev,
const char *vroot);
-int virSecurityManagerSetSavedStateLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- const char *savefile);
int virSecurityManagerRestoreSavedStateLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
const char *savefile);
diff --git a/src/security/security_nop.c b/src/security/security_nop.c
index c1856eb421..d5720ee495 100644
--- a/src/security/security_nop.c
+++ b/src/security/security_nop.c
@@ -94,14 +94,6 @@ virSecurityDomainSetHostdevLabelNop(virSecurityManagerPtr mgr G_GNUC_UNUSED,
return 0;
}
-static int
-virSecurityDomainSetSavedStateLabelNop(virSecurityManagerPtr mgr G_GNUC_UNUSED,
- virDomainDefPtr vm G_GNUC_UNUSED,
- const char *savefile G_GNUC_UNUSED)
-{
- return 0;
-}
-
static int
virSecurityDomainRestoreSavedStateLabelNop(virSecurityManagerPtr mgr G_GNUC_UNUSED,
virDomainDefPtr vm G_GNUC_UNUSED,
@@ -316,7 +308,6 @@ virSecurityDriver virSecurityDriverNop = {
.domainSetSecurityHostdevLabel = virSecurityDomainSetHostdevLabelNop,
.domainRestoreSecurityHostdevLabel = virSecurityDomainRestoreHostdevLabelNop,
- .domainSetSavedStateLabel = virSecurityDomainSetSavedStateLabelNop,
.domainRestoreSavedStateLabel = virSecurityDomainRestoreSavedStateLabelNop,
.domainSetSecurityImageFDLabel = virSecurityDomainSetFDLabelNop,
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 7359a45a96..02b1100420 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2858,21 +2858,6 @@ virSecuritySELinuxReleaseLabel(virSecurityManagerPtr mgr,
}
-static int
-virSecuritySELinuxSetSavedStateLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- const char *savefile)
-{
- virSecurityLabelDefPtr secdef;
-
- secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
- if (!secdef || !secdef->relabel)
- return 0;
-
- return virSecuritySELinuxSetFilecon(mgr, savefile, secdef->imagelabel, true);
-}
-
-
static int
virSecuritySELinuxRestoreSavedStateLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
@@ -3635,7 +3620,6 @@ virSecurityDriver virSecurityDriverSELinux = {
.domainSetSecurityHostdevLabel = virSecuritySELinuxSetHostdevLabel,
.domainRestoreSecurityHostdevLabel = virSecuritySELinuxRestoreHostdevLabel,
- .domainSetSavedStateLabel = virSecuritySELinuxSetSavedStateLabel,
.domainRestoreSavedStateLabel = virSecuritySELinuxRestoreSavedStateLabel,
.domainSetSecurityImageFDLabel = virSecuritySELinuxSetImageFDLabel,
diff --git a/src/security/security_stack.c b/src/security/security_stack.c
index 165303a1f8..8e04b4fcfe 100644
--- a/src/security/security_stack.c
+++ b/src/security/security_stack.c
@@ -394,37 +394,6 @@ virSecurityStackRestoreAllLabel(virSecurityManagerPtr mgr,
}
-static int
-virSecurityStackSetSavedStateLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr vm,
- const char *savefile)
-{
- virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
- virSecurityStackItemPtr item = priv->itemsHead;
-
- for (; item; item = item->next) {
- if (virSecurityManagerSetSavedStateLabel(item->securityManager, vm, savefile) < 0)
- goto rollback;
- }
-
- return 0;
-
- rollback:
- for (item = item->prev; item; item = item->prev) {
- if (virSecurityManagerRestoreSavedStateLabel(item->securityManager,
- vm,
- savefile) < 0) {
- VIR_WARN("Unable to restore saved state label after failed set "
- "label call virDriver=%s driver=%s savefile=%s",
- virSecurityManagerGetVirtDriver(mgr),
- virSecurityManagerGetDriver(item->securityManager),
- savefile);
- }
- }
- return -1;
-}
-
-
static int
virSecurityStackRestoreSavedStateLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
@@ -994,7 +963,6 @@ virSecurityDriver virSecurityDriverStack = {
.domainSetSecurityHostdevLabel = virSecurityStackSetHostdevLabel,
.domainRestoreSecurityHostdevLabel = virSecurityStackRestoreHostdevLabel,
- .domainSetSavedStateLabel = virSecurityStackSetSavedStateLabel,
.domainRestoreSavedStateLabel = virSecurityStackRestoreSavedStateLabel,
.domainSetSecurityImageFDLabel = virSecurityStackSetImageFDLabel,
--
2.26.2
More information about the libvir-list
mailing list