virCapsPtr caps,
unsigned int flags)
{
- size_t i = 0;
+ size_t i = 0, j;
int n;
xmlNodePtr *list = NULL, saved_node;
virCapsHostPtr host = &caps->host;
/* Parse each "seclabel" tag */
for (i = 0; i < n; i++) {
+ virSecurityLabelDefPtr seclabel;
+
ctxt->node = list[i];
- def->seclabels[i] = virSecurityLabelDefParseXML(ctxt, flags);
- if (def->seclabels[i] == NULL)
+ if (!(seclabel = virSecurityLabelDefParseXML(ctxt, flags)))
goto error;
+
+ for (j = 0; j < i; j++) {
+ if (STREQ_NULLABLE(seclabel->model, def->seclabels[j]->model)) {
+ virReportError(VIR_ERR_XML_DETAIL,
+ _("seclablel for model %s is already provided"),
+ seclabel->model);
+ virSecurityLabelDefFree(seclabel);
+ goto error;
+ }
+ }
+
+ def->seclabels[i] = seclabel;
}
def->nseclabels = n;
ctxt->node = saved_node;
--- /dev/null
+<domain type='qemu' id='1'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219100</memory>
+ <currentMemory unit='KiB'>219100</currentMemory>
+ <vcpu placement='static' cpuset='1-4,8-20,525'>1</vcpu>
+ <os>
+ <type arch='i686' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu</emulator>
+ <disk type='block' device='disk'>
+ <source dev='/dev/HostVG/QEMUGuest1'>
+ <seclabel model='selinux' labelskip='yes'/>
+ </source>
+ <backingStore/>
+ <target dev='hda' bus='ide'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
+ <controller type='usb' index='0'/>
+ <controller type='ide' index='0'/>
+ <controller type='pci' index='0' model='pci-root'/>
+ <memballoon model='virtio'/>
+ </devices>
+ <seclabel type='none' relabel='no'/>
+ <seclabel type='dynamic' model='dac' relabel='yes'/>
+ <seclabel type='static' model='selinux' relabel='yes'>
+ <label>system_u:system_r:svirt_custom_t:s0:c192,c392</label>
+ <imagelabel>system_u:system_r:svirt_custom_t:s0:c192,c392</imagelabel>
+ </seclabel>
+ <seclabel type='static' model='selinux' relabel='yes'>
+ <label>system_u:system_r:svirt_custom_t:s0:c192,c393</label>
+ <imagelabel>system_u:system_r:svirt_custom_t:s0:c192,c393</imagelabel>
+ </seclabel>
+</domain>
DO_TEST("seclabel-static-labelskip", QEMU_CAPS_NAME);
DO_TEST("seclabel-none", QEMU_CAPS_NAME);
DO_TEST("seclabel-dac-none", QEMU_CAPS_NAME);
+ DO_TEST_PARSE_ERROR("seclabel-multiple", QEMU_CAPS_NAME);
DO_TEST("pseries-basic",
QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);
projects / thirdparty / libvirt.git / commitdiff
