From: Jamie Strandboge <jamie@ubuntu.com>
Date: Tue, 6 Apr 2010 15:22:39 +0000 (+0200)
Subject: Add backingstore support to apparmor
X-Git-Tag: v0.8.0~49
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2aca94bfd3691c492ce4b6e7f1dd73342774fefd;p=thirdparty%2Flibvirt.git

Add backingstore support to apparmor

adjust virt-aa-helper to handle backing store
* src/security/virt-aa-helper.c: look for backing store metadata
  for disk definitions.
---

diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 787f2b0643..f9b7c370cd 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -36,6 +36,7 @@
 #include "uuid.h"
 #include "hostusb.h"
 #include "pci.h"
+#include "storage_file.h"
 
 static char *progname;
 
@@ -809,6 +810,33 @@ get_files(vahControl * ctl)
     for (i = 0; i < ctl->def->ndisks; i++)
         if (ctl->def->disks[i] && ctl->def->disks[i]->src) {
             int ret;
+            const char *path;
+
+            path = ctl->def->disks[i]->src;
+            do {
+                virStorageFileMetadata meta;
+
+                memset(&meta, 0, sizeof(meta));
+
+                ret = virStorageFileGetMetadata(path, &meta);
+
+                if (path != ctl->def->disks[i]->src)
+                    VIR_FREE(path);
+                path = NULL;
+
+                if (ret < 0) {
+                    vah_warning("skipping backingStore check (open failed)");
+                    continue;
+                }
+
+                if (meta.backingStore != NULL &&
+                    (ret = vah_add_file(&buf, meta.backingStore, "rw")) != 0) {
+                    VIR_FREE(meta.backingStore);
+                    goto clean;
+                }
+
+                path = meta.backingStore;
+            } while (path != NULL);
 
             if (ctl->def->disks[i]->readonly)
                 ret = vah_add_file(&buf, ctl->def->disks[i]->src, "r");