Compare commits
8 Commits
libvirt-0_
...
libvirt-0_
| Author | SHA1 | Date | |
|---|---|---|---|
|
c39f10c1a1 | ||
|
00e10af084 | ||
|
|
782e5b11af | ||
|
a6a9de02cc | ||
|
|
0646e65ec4 | ||
|
|
13203d395a | ||
|
|
562d8c791b | ||
|
fb9ca2f0ad |
14
.cvsignore
14
.cvsignore
@@ -3,16 +3,4 @@
|
||||
i686
|
||||
x86_64
|
||||
libvirt-*.tar.gz
|
||||
libvirt-0.6.0.tar.gz
|
||||
libvirt-0.6.1.tar.gz
|
||||
libvirt-0.6.2.tar.gz
|
||||
libvirt-0.6.3.tar.gz
|
||||
libvirt-0.6.4.tar.gz
|
||||
libvirt-0.6.5.tar.gz
|
||||
libvirt-0.7.0.tar.gz
|
||||
libvirt-0.7.1.tar.gz
|
||||
libvirt-0.7.2.tar.gz
|
||||
libvirt-0.7.3.tar.gz
|
||||
libvirt-0.7.4.tar.gz
|
||||
libvirt-0.7.5.tar.gz
|
||||
libvirt-0.7.6.tar.gz
|
||||
libvirt-0.4.2.tar.gz
|
||||
|
||||
2
Makefile
2
Makefile
@@ -4,7 +4,7 @@ NAME := libvirt
|
||||
SPECFILE = $(firstword $(wildcard *.spec))
|
||||
|
||||
define find-makefile-common
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
||||
|
||||
99
libvirt-0.4.4-boot-cdrom.patch
Normal file
99
libvirt-0.4.4-boot-cdrom.patch
Normal file
@@ -0,0 +1,99 @@
|
||||
diff -rupN libvirt-0.4.4.orig/src/qemu_conf.c libvirt-0.4.4.new/src/qemu_conf.c
|
||||
--- libvirt-0.4.4.orig/src/qemu_conf.c 2008-06-19 14:15:02.000000000 +0100
|
||||
+++ libvirt-0.4.4.new/src/qemu_conf.c 2008-07-08 12:24:07.000000000 +0100
|
||||
@@ -2616,7 +2616,8 @@ int qemudBuildCommandLine(virConnectPtr
|
||||
disk->src, qemudBusIdToName(disk->bus, 1),
|
||||
media ? media : "",
|
||||
idx,
|
||||
- bootable ? ",boot=on" : "");
|
||||
+ bootable && disk->device == QEMUD_DISK_DISK
|
||||
+ ? ",boot=on" : "");
|
||||
|
||||
ADD_ARG_LIT("-drive");
|
||||
ADD_ARG_LIT(opt);
|
||||
diff -rupN libvirt-0.4.4.orig/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-cdrom.args libvirt-0.4.4.new/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-cdrom.args
|
||||
--- libvirt-0.4.4.orig/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-cdrom.args 1970-01-01 01:00:00.000000000 +0100
|
||||
+++ libvirt-0.4.4.new/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-cdrom.args 2008-07-08 12:25:59.000000000 +0100
|
||||
@@ -0,0 +1 @@
|
||||
+/usr/bin/qemu -S -M pc -m 214 -smp 1 -nographic -monitor pty -no-acpi -boot d -drive file=/dev/HostVG/QEMUGuest1,if=ide,index=0 -drive file=/dev/HostVG/QEMUGuest2,if=ide,media=cdrom,index=2 -net none -serial none -parallel none -usb
|
||||
\ No newline at end of file
|
||||
diff -rupN libvirt-0.4.4.orig/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-cdrom.xml libvirt-0.4.4.new/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-cdrom.xml
|
||||
--- libvirt-0.4.4.orig/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-cdrom.xml 1970-01-01 01:00:00.000000000 +0100
|
||||
+++ libvirt-0.4.4.new/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-cdrom.xml 2008-07-08 12:20:42.000000000 +0100
|
||||
@@ -0,0 +1,26 @@
|
||||
+<domain type='qemu'>
|
||||
+ <name>QEMUGuest1</name>
|
||||
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
|
||||
+ <memory>219200</memory>
|
||||
+ <currentMemory>219200</currentMemory>
|
||||
+ <vcpu>1</vcpu>
|
||||
+ <os>
|
||||
+ <type arch='i686' machine='pc'>hvm</type>
|
||||
+ <boot dev='cdrom'/>
|
||||
+ </os>
|
||||
+ <clock offset='utc'/>
|
||||
+ <on_poweroff>destroy</on_poweroff>
|
||||
+ <on_reboot>restart</on_reboot>
|
||||
+ <on_crash>destroy</on_crash>
|
||||
+ <devices>
|
||||
+ <emulator>/usr/bin/qemu</emulator>
|
||||
+ <disk type='block' device='disk'>
|
||||
+ <source dev='/dev/HostVG/QEMUGuest1'/>
|
||||
+ <target dev='hda' bus='ide'/>
|
||||
+ </disk>
|
||||
+ <disk type='block' device='cdrom'>
|
||||
+ <source dev='/dev/HostVG/QEMUGuest2'/>
|
||||
+ <target dev='hdc' bus='ide'/>
|
||||
+ </disk>
|
||||
+ </devices>
|
||||
+</domain>
|
||||
diff -rupN libvirt-0.4.4.orig/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-disk.args libvirt-0.4.4.new/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-disk.args
|
||||
--- libvirt-0.4.4.orig/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-disk.args 1970-01-01 01:00:00.000000000 +0100
|
||||
+++ libvirt-0.4.4.new/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-disk.args 2008-07-08 12:13:15.000000000 +0100
|
||||
@@ -0,0 +1 @@
|
||||
+/usr/bin/qemu -S -M pc -m 214 -smp 1 -nographic -monitor pty -no-acpi -boot c -drive file=/dev/HostVG/QEMUGuest1,if=ide,index=0,boot=on -drive file=/dev/HostVG/QEMUGuest2,if=ide,media=cdrom,index=2 -net none -serial none -parallel none -usb
|
||||
\ No newline at end of file
|
||||
diff -rupN libvirt-0.4.4.orig/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-disk.xml libvirt-0.4.4.new/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-disk.xml
|
||||
--- libvirt-0.4.4.orig/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-disk.xml 1970-01-01 01:00:00.000000000 +0100
|
||||
+++ libvirt-0.4.4.new/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-boot-disk.xml 2008-07-08 12:12:41.000000000 +0100
|
||||
@@ -0,0 +1,26 @@
|
||||
+<domain type='qemu'>
|
||||
+ <name>QEMUGuest1</name>
|
||||
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
|
||||
+ <memory>219200</memory>
|
||||
+ <currentMemory>219200</currentMemory>
|
||||
+ <vcpu>1</vcpu>
|
||||
+ <os>
|
||||
+ <type arch='i686' machine='pc'>hvm</type>
|
||||
+ <boot dev='hd'/>
|
||||
+ </os>
|
||||
+ <clock offset='utc'/>
|
||||
+ <on_poweroff>destroy</on_poweroff>
|
||||
+ <on_reboot>restart</on_reboot>
|
||||
+ <on_crash>destroy</on_crash>
|
||||
+ <devices>
|
||||
+ <emulator>/usr/bin/qemu</emulator>
|
||||
+ <disk type='block' device='disk'>
|
||||
+ <source dev='/dev/HostVG/QEMUGuest1'/>
|
||||
+ <target dev='hda' bus='ide'/>
|
||||
+ </disk>
|
||||
+ <disk type='block' device='cdrom'>
|
||||
+ <source dev='/dev/HostVG/QEMUGuest2'/>
|
||||
+ <target dev='hdc' bus='ide'/>
|
||||
+ </disk>
|
||||
+ </devices>
|
||||
+</domain>
|
||||
diff -rupN libvirt-0.4.4.orig/tests/qemuxml2argvtest.c libvirt-0.4.4.new/tests/qemuxml2argvtest.c
|
||||
--- libvirt-0.4.4.orig/tests/qemuxml2argvtest.c 2008-06-02 10:16:46.000000000 +0100
|
||||
+++ libvirt-0.4.4.new/tests/qemuxml2argvtest.c 2008-07-08 12:21:53.000000000 +0100
|
||||
@@ -158,6 +158,10 @@ mymain(int argc, char **argv)
|
||||
QEMUD_CMD_FLAG_DRIVE_BOOT);
|
||||
DO_TEST("disk-xenvbd", QEMUD_CMD_FLAG_DRIVE |
|
||||
QEMUD_CMD_FLAG_DRIVE_BOOT);
|
||||
+ DO_TEST("disk-drive-boot-disk", QEMUD_CMD_FLAG_DRIVE |
|
||||
+ QEMUD_CMD_FLAG_DRIVE_BOOT);
|
||||
+ DO_TEST("disk-drive-boot-cdrom", QEMUD_CMD_FLAG_DRIVE |
|
||||
+ QEMUD_CMD_FLAG_DRIVE_BOOT);
|
||||
DO_TEST("graphics-vnc", 0);
|
||||
DO_TEST("graphics-sdl", 0);
|
||||
DO_TEST("input-usbmouse", 0);
|
||||
@@ -1,233 +0,0 @@
|
||||
From 3a441522017aa9c1b8b54d2ce4569d0f0d96fa72 Mon Sep 17 00:00:00 2001
|
||||
From: Cole Robinson <crobinso@redhat.com>
|
||||
Date: Fri, 12 Mar 2010 12:36:56 -0500
|
||||
Subject: [PATCH] qemu: Add some debugging at domain startup
|
||||
|
||||
---
|
||||
src/qemu/qemu_driver.c | 24 +++++++++++++++++++++++-
|
||||
1 files changed, 23 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
|
||||
index f8ab545..040d645 100644
|
||||
--- a/src/qemu/qemu_driver.c
|
||||
+++ b/src/qemu/qemu_driver.c
|
||||
@@ -2695,6 +2695,8 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
|
||||
FD_ZERO(&keepfd);
|
||||
|
||||
+ DEBUG0("Beginning VM startup process");
|
||||
+
|
||||
if (virDomainObjIsActive(vm)) {
|
||||
qemuReportError(VIR_ERR_OPERATION_INVALID,
|
||||
"%s", _("VM is already active"));
|
||||
@@ -2703,22 +2705,27 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
|
||||
/* If you are using a SecurityDriver with dynamic labelling,
|
||||
then generate a security label for isolation */
|
||||
+ DEBUG0("Generating domain security label (if required)");
|
||||
if (driver->securityDriver &&
|
||||
driver->securityDriver->domainGenSecurityLabel &&
|
||||
driver->securityDriver->domainGenSecurityLabel(vm) < 0)
|
||||
return -1;
|
||||
|
||||
+ DEBUG0("Generating setting domain security labels (if required)");
|
||||
if (driver->securityDriver &&
|
||||
driver->securityDriver->domainSetSecurityAllLabel &&
|
||||
driver->securityDriver->domainSetSecurityAllLabel(vm) < 0)
|
||||
goto cleanup;
|
||||
|
||||
- /* Ensure no historical cgroup for this VM is lieing around bogus settings */
|
||||
+ /* Ensure no historical cgroup for this VM is lying around bogus
|
||||
+ * settings */
|
||||
+ DEBUG0("Ensuring no historical cgroup is lying around");
|
||||
qemuRemoveCgroup(driver, vm, 1);
|
||||
|
||||
if ((vm->def->ngraphics == 1) &&
|
||||
vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC &&
|
||||
vm->def->graphics[0]->data.vnc.autoport) {
|
||||
+ DEBUG0("Determining VNC port");
|
||||
int port = qemudNextFreeVNCPort(driver);
|
||||
if (port < 0) {
|
||||
qemuReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
@@ -2735,6 +2742,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
+ DEBUG0("Creating domain log file");
|
||||
if ((logfile = qemudLogFD(driver, vm->def->name)) < 0)
|
||||
goto cleanup;
|
||||
|
||||
@@ -2751,14 +2759,17 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
+ DEBUG0("Determing emulator version");
|
||||
if (qemudExtractVersionInfo(emulator,
|
||||
NULL,
|
||||
&qemuCmdFlags) < 0)
|
||||
goto cleanup;
|
||||
|
||||
+ DEBUG0("Setting up domain cgroup (if required)");
|
||||
if (qemuSetupCgroup(driver, vm) < 0)
|
||||
goto cleanup;
|
||||
|
||||
+ DEBUG0("Preparing host devices");
|
||||
if (qemuPrepareHostDevices(driver, vm->def) < 0)
|
||||
goto cleanup;
|
||||
|
||||
@@ -2767,6 +2778,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
+ DEBUG0("Preparing monitor state");
|
||||
if (qemuPrepareMonitorChr(driver, priv->monConfig, vm->def->name) < 0)
|
||||
goto cleanup;
|
||||
|
||||
@@ -2798,6 +2810,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
* use in hotplug
|
||||
*/
|
||||
if (qemuCmdFlags & QEMUD_CMD_FLAG_DEVICE) {
|
||||
+ DEBUG0("Assigning domain PCI addresses");
|
||||
/* Populate cache with current addresses */
|
||||
if (priv->pciaddrs) {
|
||||
qemuDomainPCIAddressSetFree(priv->pciaddrs);
|
||||
@@ -2816,6 +2829,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
priv->persistentAddrs = 0;
|
||||
}
|
||||
|
||||
+ DEBUG0("Building emulator command line");
|
||||
vm->def->id = driver->nextvmid++;
|
||||
if (qemudBuildCommandLine(conn, driver, vm->def, priv->monConfig,
|
||||
priv->monJSON, qemuCmdFlags, &argv, &progenv,
|
||||
@@ -2899,25 +2913,31 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
if (ret == -1) /* The VM failed to start */
|
||||
goto cleanup;
|
||||
|
||||
+ DEBUG0("Waiting for monitor to show up");
|
||||
if (qemudWaitForMonitor(driver, vm, pos) < 0)
|
||||
goto abort;
|
||||
|
||||
+ DEBUG0("Detecting VCPU PIDs");
|
||||
if (qemuDetectVcpuPIDs(driver, vm) < 0)
|
||||
goto abort;
|
||||
|
||||
+ DEBUG0("Setting CPU affinity");
|
||||
if (qemudInitCpuAffinity(vm) < 0)
|
||||
goto abort;
|
||||
|
||||
+ DEBUG0("Setting any required VM passwords");
|
||||
if (qemuInitPasswords(conn, driver, vm, qemuCmdFlags) < 0)
|
||||
goto abort;
|
||||
|
||||
/* If we have -device, then addresses are assigned explicitly.
|
||||
* If not, then we have to detect dynamic ones here */
|
||||
if (!(qemuCmdFlags & QEMUD_CMD_FLAG_DEVICE)) {
|
||||
+ DEBUG0("Determining domain device PCI addresses");
|
||||
if (qemuInitPCIAddresses(driver, vm) < 0)
|
||||
goto abort;
|
||||
}
|
||||
|
||||
+ DEBUG0("Setting initial memory amount");
|
||||
qemuDomainObjEnterMonitorWithDriver(driver, vm);
|
||||
if (qemuMonitorSetBalloon(priv->mon, vm->def->memory) < 0) {
|
||||
qemuDomainObjExitMonitorWithDriver(driver, vm);
|
||||
@@ -2925,6 +2945,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
}
|
||||
|
||||
if (migrateFrom == NULL) {
|
||||
+ DEBUG0("Starting domain CPUs");
|
||||
/* Allow the CPUS to start executing */
|
||||
if (qemuMonitorStartCPUs(priv->mon, conn) < 0) {
|
||||
if (virGetLastError() == NULL)
|
||||
@@ -2937,6 +2958,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
qemuDomainObjExitMonitorWithDriver(driver, vm);
|
||||
|
||||
|
||||
+ DEBUG0("Writing domain status to disk");
|
||||
if (virDomainSaveStatus(driver->caps, driver->stateDir, vm) < 0)
|
||||
goto abort;
|
||||
|
||||
--
|
||||
1.6.6.1
|
||||
|
||||
From 6d5c8a8f51db8ce97ab35ab6022dd5c94ab016b4 Mon Sep 17 00:00:00 2001
|
||||
From: Cole Robinson <crobinso@redhat.com>
|
||||
Date: Fri, 12 Mar 2010 12:37:52 -0500
|
||||
Subject: [PATCH] qemu: Fix USB by product with security enabled
|
||||
|
||||
We need to call PrepareHostdevs to determine the USB device path before
|
||||
any security calls. PrepareHostUSBDevices was also incorrectly skipping
|
||||
all USB devices.
|
||||
---
|
||||
src/qemu/qemu_driver.c | 11 ++++++-----
|
||||
1 files changed, 6 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
|
||||
index 040d645..b17d26d 100644
|
||||
--- a/src/qemu/qemu_driver.c
|
||||
+++ b/src/qemu/qemu_driver.c
|
||||
@@ -2360,7 +2360,7 @@ qemuPrepareHostUSBDevices(struct qemud_driver *driver ATTRIBUTE_UNUSED,
|
||||
|
||||
if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
|
||||
continue;
|
||||
- if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI)
|
||||
+ if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB)
|
||||
continue;
|
||||
|
||||
/* Resolve a vendor/product to bus/device */
|
||||
@@ -2703,6 +2703,11 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
return -1;
|
||||
}
|
||||
|
||||
+ /* Must be run before security labelling */
|
||||
+ DEBUG0("Preparing host devices");
|
||||
+ if (qemuPrepareHostDevices(driver, vm->def) < 0)
|
||||
+ goto cleanup;
|
||||
+
|
||||
/* If you are using a SecurityDriver with dynamic labelling,
|
||||
then generate a security label for isolation */
|
||||
DEBUG0("Generating domain security label (if required)");
|
||||
@@ -2769,10 +2774,6 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
||||
if (qemuSetupCgroup(driver, vm) < 0)
|
||||
goto cleanup;
|
||||
|
||||
- DEBUG0("Preparing host devices");
|
||||
- if (qemuPrepareHostDevices(driver, vm->def) < 0)
|
||||
- goto cleanup;
|
||||
-
|
||||
if (VIR_ALLOC(priv->monConfig) < 0) {
|
||||
virReportOOMError();
|
||||
goto cleanup;
|
||||
--
|
||||
1.6.6.1
|
||||
|
||||
From 65e97240e6e4606820dd1c42ac172319e0af4d8d Mon Sep 17 00:00:00 2001
|
||||
From: Cole Robinson <crobinso@redhat.com>
|
||||
Date: Mon, 22 Mar 2010 10:45:36 -0400
|
||||
Subject: [PATCH] security: selinux: Fix crash when releasing non-existent label
|
||||
|
||||
This can be triggered by the qemuStartVMDaemon cleanup path if a
|
||||
VM references a non-existent USB device (by product) in the XML.
|
||||
|
||||
Signed-off-by: Cole Robinson <crobinso@redhat.com>
|
||||
---
|
||||
src/security/security_selinux.c | 3 ++-
|
||||
1 files changed, 2 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
|
||||
index 975b315..6680e2d 100644
|
||||
--- a/src/security/security_selinux.c
|
||||
+++ b/src/security/security_selinux.c
|
||||
@@ -632,7 +632,8 @@ SELinuxReleaseSecurityLabel(virDomainObjPtr vm)
|
||||
{
|
||||
const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
|
||||
|
||||
- if (secdef->type == VIR_DOMAIN_SECLABEL_STATIC)
|
||||
+ if (secdef->type == VIR_DOMAIN_SECLABEL_STATIC ||
|
||||
+ secdef->label == NULL)
|
||||
return 0;
|
||||
|
||||
context_t con = context_new(secdef->label);
|
||||
--
|
||||
1.6.6.1
|
||||
|
||||
@@ -1,87 +0,0 @@
|
||||
From 3f1aa08af6580c215d973bc6bf57f505dbf8b926 Mon Sep 17 00:00:00 2001
|
||||
From: Cole Robinson <crobinso@redhat.com>
|
||||
Date: Fri, 12 Mar 2010 13:38:39 -0500
|
||||
Subject: [PATCH] security: Set permissions for kernel/initrd
|
||||
|
||||
Fixes URL installs when running virt-install as root on Fedora.
|
||||
---
|
||||
src/qemu/qemu_security_dac.c | 21 +++++++++++++++++++++
|
||||
src/security/security_selinux.c | 16 ++++++++++++++++
|
||||
2 files changed, 37 insertions(+), 0 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_security_dac.c b/src/qemu/qemu_security_dac.c
|
||||
index 6911f48..1883fbe 100644
|
||||
--- a/src/qemu/qemu_security_dac.c
|
||||
+++ b/src/qemu/qemu_security_dac.c
|
||||
@@ -332,6 +332,15 @@ qemuSecurityDACRestoreSecurityAllLabel(virDomainObjPtr vm)
|
||||
vm->def->disks[i]) < 0)
|
||||
rc = -1;
|
||||
}
|
||||
+
|
||||
+ if (vm->def->os.kernel &&
|
||||
+ qemuSecurityDACRestoreSecurityFileLabel(vm->def->os.kernel) < 0)
|
||||
+ rc = -1;
|
||||
+
|
||||
+ if (vm->def->os.initrd &&
|
||||
+ qemuSecurityDACRestoreSecurityFileLabel(vm->def->os.initrd) < 0)
|
||||
+ rc = -1;
|
||||
+
|
||||
return rc;
|
||||
}
|
||||
|
||||
@@ -356,6 +365,18 @@ qemuSecurityDACSetSecurityAllLabel(virDomainObjPtr vm)
|
||||
return -1;
|
||||
}
|
||||
|
||||
+ if (vm->def->os.kernel &&
|
||||
+ qemuSecurityDACSetOwnership(vm->def->os.kernel,
|
||||
+ driver->user,
|
||||
+ driver->group) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ if (vm->def->os.initrd &&
|
||||
+ qemuSecurityDACSetOwnership(vm->def->os.initrd,
|
||||
+ driver->user,
|
||||
+ driver->group) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
|
||||
index b2c8581..975b315 100644
|
||||
--- a/src/security/security_selinux.c
|
||||
+++ b/src/security/security_selinux.c
|
||||
@@ -616,6 +616,14 @@ SELinuxRestoreSecurityAllLabel(virDomainObjPtr vm)
|
||||
rc = -1;
|
||||
}
|
||||
|
||||
+ if (vm->def->os.kernel &&
|
||||
+ SELinuxRestoreSecurityFileLabel(vm->def->os.kernel) < 0)
|
||||
+ rc = -1;
|
||||
+
|
||||
+ if (vm->def->os.initrd &&
|
||||
+ SELinuxRestoreSecurityFileLabel(vm->def->os.initrd) < 0)
|
||||
+ rc = -1;
|
||||
+
|
||||
return rc;
|
||||
}
|
||||
|
||||
@@ -736,6 +744,14 @@ SELinuxSetSecurityAllLabel(virDomainObjPtr vm)
|
||||
return -1;
|
||||
}
|
||||
|
||||
+ if (vm->def->os.kernel &&
|
||||
+ SELinuxSetFilecon(vm->def->os.kernel, default_content_context) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ if (vm->def->os.initrd &&
|
||||
+ SELinuxSetFilecon(vm->def->os.initrd, default_content_context) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
--
|
||||
1.6.6.1
|
||||
|
||||
982
libvirt.spec
982
libvirt.spec
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user