From: Cole Robinson <crobinso@redhat.com>
Date: Mon, 7 Oct 2019 20:14:02 +0000 (-0400)
Subject: security: dac: Add is_toplevel to SetImageLabelInternal
X-Git-Tag: v5.9.0-rc1~288
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c1f0b31267d075b01b69b2d0f36f651e17112fbb;p=thirdparty%2Flibvirt.git

security: dac: Add is_toplevel to SetImageLabelInternal

This will simplify future patches and make the logic easier to follow

Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
---

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index b3e7c6bd17..f3fbede737 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -884,6 +884,7 @@ virSecurityDACSetImageLabelInternal(virSecurityManagerPtr mgr,
     virSecurityDeviceLabelDefPtr parent_seclabel = NULL;
     virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
     bool remember;
+    bool is_toplevel = parent == src;
     uid_t user;
     gid_t group;
 
@@ -928,7 +929,7 @@ virSecurityDACSetImageLabelInternal(virSecurityManagerPtr mgr,
      * but the top layer, or read only image, or disk explicitly
      * marked as shared.
      */
-    remember = src == parent && !src->readonly && !src->shared;
+    remember = is_toplevel && !src->readonly && !src->shared;
 
     return virSecurityDACSetOwnership(mgr, src, NULL, user, group, remember);
 }