qemu: Properly setup the NVRAM virStorageSource
authorPeter Krempa <pkrempa@redhat.com>
Fri, 3 Jun 2022 11:11:08 +0000 (13:11 +0200)
committerPeter Krempa <pkrempa@redhat.com>
Tue, 14 Jun 2022 13:53:11 +0000 (15:53 +0200)
Use the designated helpers for virStorageSource instead of using the
file-based ones with a check.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Tested-by: Rohit Kumar <rohit.kumar3@nutanix.com>
src/qemu/qemu_cgroup.c
src/qemu/qemu_namespace.c
src/security/security_dac.c
src/security/security_selinux.c
src/security/virt-aa-helper.c

index 64baed14e6227a3233994e935403f7cfb9176db1..f189ca2bb6f5dcf7c3345f913dc9e859cb3585ea 100644 (file)
@@ -581,8 +581,7 @@ qemuSetupFirmwareCgroup(virDomainObj *vm)
         return -1;
 
     if (vm->def->os.loader->nvram &&
-        virStorageSourceIsLocalStorage(vm->def->os.loader->nvram) &&
-        qemuSetupImagePathCgroup(vm, vm->def->os.loader->nvram->path, false) < 0)
+        qemuSetupImageCgroup(vm, vm->def->os.loader->nvram) < 0)
         return -1;
 
     return 0;
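Review bot: The access mode granted to the NVRAM file is no longer visible at this call site: the removed call passed an explicit `false` as its last argument (presumably the read-only flag), while `qemuSetupImageCgroup(vm, vm->def->os.loader->nvram)` has to derive it from the source itself. If that is driven by a read-only field on the virStorageSource, it is worth confirming the NVRAM source is always writable when this runs and saying so, e.g. `/* NVRAM must be writable by QEMU; access mode comes from the source */`. The same applies to the virt-aa-helper.c hunk, where the literal `"rwk"` permission string is replaced by `storage_source_add_files()`. The body of qemuSetupFirmwareCgroup starts outside the hunk.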
index 9e133587b73893eea3cf09a869e28d40a38b809e..59c6dc52ac29a78ea6a8efecf872038dbe330d43 100644 (file)
@@ -573,8 +573,9 @@ qemuDomainSetupLoader(virDomainObj *vm,
             *paths = g_slist_prepend(*paths, g_strdup(loader->path));
 
             if (loader->nvram &&
-                virStorageSourceIsLocalStorage(loader->nvram))
-                *paths = g_slist_prepend(*paths, g_strdup(loader->nvram->path));
+                qemuDomainSetupDisk(loader->nvram, paths) < 0)
+                return -1;
+
             break;
 
         case VIR_DOMAIN_LOADER_TYPE_NONE:
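Review bot: The added `return -1` leaves the switch after `loader->path` has already been prepended to `*paths`, an error path this case did not have before. The caller is presumably expected to free the partially filled list on failure, but that is not visible here, so I would state it next to the return: `/* *paths may be partially filled on failure; the caller frees it */`. A second short comment noting that the disk helper is reused because NVRAM is a virStorageSource would also help, since `qemuDomainSetupDisk` reads oddly in a loader function. qemuDomainSetupLoader begins and continues outside the hunk.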
index ad03ae65e69b4e736aeac1d8d7792c884287167f..21cebae69499dc1abf9a4088013b2d3c9030840e 100644 (file)
@@ -1973,10 +1973,11 @@ virSecurityDACRestoreAllLabel(virSecurityManager *mgr,
             rc = -1;
     }
 
-    if (def->os.loader && def->os.loader->nvram &&
-        virStorageSourceIsLocalStorage(def->os.loader->nvram) &&
-        virSecurityDACRestoreFileLabel(mgr, def->os.loader->nvram->path) < 0)
-        rc = -1;
+    if (def->os.loader && def->os.loader->nvram) {
+        if (virSecurityDACRestoreImageLabelInt(mgr, def, def->os.loader->nvram,
+                                               migrated) < 0)
+            rc = -1;
+    }
 
     if (def->os.kernel &&
         virSecurityDACRestoreFileLabel(mgr, def->os.kernel) < 0)
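Review bot: Restoring the NVRAM ownership now depends on `migrated`, which the removed `virSecurityDACRestoreFileLabel()` call did not take, so whatever skip conditions `virSecurityDACRestoreImageLabelInt()` applies (presumably for shared or read-only sources) now decide whether the file is reset. That is a behaviour change for the NVRAM file and deserves a comment above the block, e.g. `/* NVRAM is restored like a disk image and may be skipped after migration */`. As a style point, the nested `if` could remain a single condition like the kernel check below it. The same remarks apply to the virSecuritySELinuxRestoreAllLabel hunk in security_selinux.c; the function body extends outside this hunk.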
@@ -2185,12 +2186,12 @@ virSecurityDACSetAllLabel(virSecurityManager *mgr,
             return -1;
     }
 
-    if (def->os.loader && def->os.loader->nvram &&
-        virStorageSourceIsLocalStorage(def->os.loader->nvram) &&
-        virSecurityDACSetOwnership(mgr, NULL,
-                                   def->os.loader->nvram->path,
-                                   user, group, true) < 0)
-        return -1;
+    if (def->os.loader && def->os.loader->nvram) {
+        if (virSecurityDACSetImageLabel(mgr, def, def->os.loader->nvram,
+                                        VIR_SECURITY_DOMAIN_IMAGE_LABEL_BACKING_CHAIN |
+                                        VIR_SECURITY_DOMAIN_IMAGE_PARENT_CHAIN_TOP) < 0)
+            return -1;
+    }
 
     if (def->os.kernel &&
         virSecurityDACSetOwnership(mgr, NULL,
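Review bot: The `user` and `group` values this function passes to `virSecurityDACSetOwnership()` for the kernel just below are no longer applied to the NVRAM file, because `virSecurityDACSetImageLabel()` receives only `def` and the source and presumably resolves ownership itself. If the helper can pick a different owner (for instance from a per-source label), NVRAM and the other boot files can now end up with different ownership, which should be confirmed and documented. The flag pair also needs a word of explanation, e.g. `/* label NVRAM as a top-level image, including any backing chain */`. The function body starts and ends outside the hunk.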
index 918012a32307fba2c3bcf6fd781ddf30da0d3783..e2f34a27dcdc35b2acbad460df6b0c96dd2018a2 100644 (file)
@@ -2803,10 +2803,11 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManager *mgr,
             rc = -1;
     }
 
-    if (def->os.loader && def->os.loader->nvram &&
-        virStorageSourceIsLocalStorage(def->os.loader->nvram) &&
-        virSecuritySELinuxRestoreFileLabel(mgr, def->os.loader->nvram->path, true) < 0)
-        rc = -1;
+    if (def->os.loader && def->os.loader->nvram) {
+        if (virSecuritySELinuxRestoreImageLabelInt(mgr, def, def->os.loader->nvram,
+                                                   migrated) < 0)
+            rc = -1;
+    }
 
     if (def->os.kernel &&
         virSecuritySELinuxRestoreFileLabel(mgr, def->os.kernel, true) < 0)
@@ -3208,14 +3209,12 @@ virSecuritySELinuxSetAllLabel(virSecurityManager *mgr,
             return -1;
     }
 
-    /* This is different than kernel or initrd. The nvram store
-     * is really a disk, qemu can read and write to it. */
-    if (def->os.loader && def->os.loader->nvram &&
-        virStorageSourceIsLocalStorage(def->os.loader->nvram) &&
-        secdef && secdef->imagelabel &&
-        virSecuritySELinuxSetFilecon(mgr, def->os.loader->nvram->path,
-                                     secdef->imagelabel, true) < 0)
-        return -1;
+    if (def->os.loader && def->os.loader->nvram) {
+        if (virSecuritySELinuxSetImageLabel(mgr, def, def->os.loader->nvram,
+                                            VIR_SECURITY_DOMAIN_IMAGE_LABEL_BACKING_CHAIN |
+                                            VIR_SECURITY_DOMAIN_IMAGE_PARENT_CHAIN_TOP) < 0)
+            return -1;
+    }
 
     if (def->os.kernel &&
         virSecuritySELinuxSetFilecon(mgr, def->os.kernel,
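Review bot: The comment explaining why NVRAM is labelled differently from kernel and initrd is deleted without a replacement, and the explicit `secdef && secdef->imagelabel` guard goes with it. I would keep a short comment above the new block, e.g. `/* NVRAM is really a disk: QEMU reads and writes it, so label it as an image */`. The image-label check is presumably now done inside `virSecuritySELinuxSetImageLabel()`; it is worth confirming that a domain without an image label still returns success here rather than failing the whole labelling pass. virSecuritySELinuxSetAllLabel begins and continues outside the hunk.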
index 2ddf293c2cb167f6fd4446e5aefd1098e95e6866..8629503e111daf41530c2af4e2e7f58531d66e47 100644 (file)
@@ -1006,10 +1006,10 @@ get_files(vahControl * ctl)
         if (vah_add_file(&buf, ctl->def->os.loader->path, "rk") != 0)
             goto cleanup;
 
-    if (ctl->def->os.loader && ctl->def->os.loader->nvram &&
-        virStorageSourceIsLocalStorage(ctl->def->os.loader->nvram))
-        if (vah_add_file(&buf, ctl->def->os.loader->nvram->path, "rwk") != 0)
+    if (ctl->def->os.loader && ctl->def->os.loader->nvram) {
+        if (storage_source_add_files(ctl->def->os.loader->nvram, &buf, 0) < 0)
             goto cleanup;
+    }
 
     for (i = 0; i < ctl->def->ngraphics; i++) {
         virDomainGraphicsDef *graphics = ctl->def->graphics[i];
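Review bot: The bare `0` passed as the third argument of `storage_source_add_files(ctl->def->os.loader->nvram, &buf, 0)` is unexplained at this call site. It may be a starting depth or a flags value, which cannot be told from the hunk, so a short comment naming the parameter would make the call readable. The error test also changes from `!= 0` to `< 0`; that is fine if the helper only returns negative values on failure, but it differs from the `vah_add_file(...) != 0` checks directly above, so confirm the helper's return convention. get_files starts and ends outside the hunk.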