diff options
| author | Tim Wiederhake <twiederh@redhat.com> | 2022-04-04 10:56:21 +0200 |
|---|---|---|
| committer | Tim Wiederhake <twiederh@redhat.com> | 2022-04-14 19:03:43 +0200 |
| commit | c8f5b336318d896f175e022308e00a9bb4c36b9c (patch) | |
| tree | 560b707bdc486b0765ff2a3e5b7d8a402e64ed2f /src/security | |
| parent | 122efa6a079588e5d66f711a61ebd458af531075 (diff) | |
| download | libvirt-c8f5b336318d896f175e022308e00a9bb4c36b9c.tar.gz | |
security_manager: Use automatic mutex management
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Diffstat (limited to 'src/security')
| -rw-r--r-- | src/security/security_manager.c | 524 |
1 files changed, 215 insertions, 309 deletions
diff --git a/src/security/security_manager.c b/src/security/security_manager.c index f9c942de08..572e400a48 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -254,13 +254,12 @@ virSecurityManagerPostFork(virSecurityManager *mgr) int virSecurityManagerTransactionStart(virSecurityManager *mgr) { - int ret = 0; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - virObjectLock(mgr); - if (mgr->drv->transactionStart) - ret = mgr->drv->transactionStart(mgr); - virObjectUnlock(mgr); - return ret; + if (!mgr->drv->transactionStart) + return 0; + + return mgr->drv->transactionStart(mgr); } @@ -291,13 +290,12 @@ virSecurityManagerTransactionCommit(virSecurityManager *mgr, pid_t pid, bool lock) { - int ret = 0; + VIR_LOCK_GUARD lockguard = virObjectLockGuard(mgr); - virObjectLock(mgr); - if (mgr->drv->transactionCommit) - ret = mgr->drv->transactionCommit(mgr, pid, lock); - virObjectUnlock(mgr); - return ret; + if (!mgr->drv->transactionCommit) + return 0; + + return mgr->drv->transactionCommit(mgr, pid, lock); } @@ -310,10 +308,10 @@ virSecurityManagerTransactionCommit(virSecurityManager *mgr, void virSecurityManagerTransactionAbort(virSecurityManager *mgr) { - virObjectLock(mgr); + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + if (mgr->drv->transactionAbort) mgr->drv->transactionAbort(mgr); - virObjectUnlock(mgr); } @@ -341,32 +339,28 @@ virSecurityManagerGetDriver(virSecurityManager *mgr) const char * virSecurityManagerGetDOI(virSecurityManager *mgr) { - if (mgr->drv->getDOI) { - const char *ret; - virObjectLock(mgr); - ret = mgr->drv->getDOI(mgr); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->getDOI) { + virReportUnsupportedError(); + return NULL; } - virReportUnsupportedError(); - return NULL; + return mgr->drv->getDOI(mgr); } const char * virSecurityManagerGetModel(virSecurityManager *mgr) { - if (mgr->drv->getModel) { - const char *ret; - virObjectLock(mgr); - ret = mgr->drv->getModel(mgr); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->getModel) { + virReportUnsupportedError(); + return NULL; } - virReportUnsupportedError(); - return NULL; + return mgr->drv->getModel(mgr); } @@ -375,15 +369,12 @@ const char * virSecurityManagerGetBaseLabel(virSecurityManager *mgr, int virtType) { - if (mgr->drv->getBaseLabel) { - const char *ret; - virObjectLock(mgr); - ret = mgr->drv->getBaseLabel(mgr, virtType); - virObjectUnlock(mgr); - return ret; - } + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - return NULL; + if (!mgr->drv->getBaseLabel) + return NULL; + + return mgr->drv->getBaseLabel(mgr, virtType); } @@ -425,16 +416,14 @@ virSecurityManagerRestoreImageLabel(virSecurityManager *mgr, virStorageSource *src, virSecurityDomainImageLabelFlags flags) { - if (mgr->drv->domainRestoreSecurityImageLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainRestoreSecurityImageLabel(mgr, vm, src, flags); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainRestoreSecurityImageLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainRestoreSecurityImageLabel(mgr, vm, src, flags); } @@ -464,15 +453,12 @@ virSecurityManagerMoveImageMetadata(virSecurityManager *mgr, virStorageSource *src, virStorageSource *dst) { - if (mgr->drv->domainMoveImageMetadata) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainMoveImageMetadata(mgr, pid, src, dst); - virObjectUnlock(mgr); - return ret; - } + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - return 0; + if (!mgr->drv->domainMoveImageMetadata) + return 0; + + return mgr->drv->domainMoveImageMetadata(mgr, pid, src, dst); } @@ -480,16 +466,14 @@ int virSecurityManagerSetDaemonSocketLabel(virSecurityManager *mgr, virDomainDef *vm) { - if (mgr->drv->domainSetSecurityDaemonSocketLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityDaemonSocketLabel(mgr, vm); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainSetSecurityDaemonSocketLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainSetSecurityDaemonSocketLabel(mgr, vm); } @@ -497,16 +481,14 @@ int virSecurityManagerSetSocketLabel(virSecurityManager *mgr, virDomainDef *vm) { - if (mgr->drv->domainSetSecuritySocketLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSecuritySocketLabel(mgr, vm); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainSetSecuritySocketLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainSetSecuritySocketLabel(mgr, vm); } @@ -514,16 +496,14 @@ int virSecurityManagerClearSocketLabel(virSecurityManager *mgr, virDomainDef *vm) { - if (mgr->drv->domainClearSecuritySocketLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainClearSecuritySocketLabel(mgr, vm); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainClearSecuritySocketLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainClearSecuritySocketLabel(mgr, vm); } @@ -544,16 +524,14 @@ virSecurityManagerSetImageLabel(virSecurityManager *mgr, virStorageSource *src, virSecurityDomainImageLabelFlags flags) { - if (mgr->drv->domainSetSecurityImageLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityImageLabel(mgr, vm, src, flags); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainSetSecurityImageLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainSetSecurityImageLabel(mgr, vm, src, flags); } @@ -563,16 +541,14 @@ virSecurityManagerRestoreHostdevLabel(virSecurityManager *mgr, virDomainHostdevDef *dev, const char *vroot) { - if (mgr->drv->domainRestoreSecurityHostdevLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainRestoreSecurityHostdevLabel(mgr, vm, dev, vroot); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainRestoreSecurityHostdevLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainRestoreSecurityHostdevLabel(mgr, vm, dev, vroot); } @@ -582,16 +558,14 @@ virSecurityManagerSetHostdevLabel(virSecurityManager *mgr, virDomainHostdevDef *dev, const char *vroot) { - if (mgr->drv->domainSetSecurityHostdevLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityHostdevLabel(mgr, vm, dev, vroot); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainSetSecurityHostdevLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainSetSecurityHostdevLabel(mgr, vm, dev, vroot); } @@ -600,15 +574,12 @@ virSecurityManagerSetSavedStateLabel(virSecurityManager *mgr, virDomainDef *vm, const char *savefile) { - if (mgr->drv->domainSetSavedStateLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSavedStateLabel(mgr, vm, savefile); - virObjectUnlock(mgr); - return ret; - } + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - return 0; + if (!mgr->drv->domainSetSavedStateLabel) + return 0; + + return mgr->drv->domainSetSavedStateLabel(mgr, vm, savefile); } @@ -617,15 +588,12 @@ virSecurityManagerRestoreSavedStateLabel(virSecurityManager *mgr, virDomainDef *vm, const char *savefile) { - if (mgr->drv->domainRestoreSavedStateLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainRestoreSavedStateLabel(mgr, vm, savefile); - virObjectUnlock(mgr); - return ret; - } + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - return 0; + if (!mgr->drv->domainRestoreSavedStateLabel) + return 0; + + return mgr->drv->domainRestoreSavedStateLabel(mgr, vm, savefile); } @@ -713,16 +681,14 @@ virSecurityManagerReserveLabel(virSecurityManager *mgr, virDomainDef *vm, pid_t pid) { - if (mgr->drv->domainReserveSecurityLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainReserveSecurityLabel(mgr, vm, pid); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainReserveSecurityLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainReserveSecurityLabel(mgr, vm, pid); } @@ -730,16 +696,14 @@ int virSecurityManagerReleaseLabel(virSecurityManager *mgr, virDomainDef *vm) { - if (mgr->drv->domainReleaseSecurityLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainReleaseSecurityLabel(mgr, vm); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainReleaseSecurityLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainReleaseSecurityLabel(mgr, vm); } @@ -857,18 +821,15 @@ virSecurityManagerSetAllLabel(virSecurityManager *mgr, bool chardevStdioLogd, bool migrated) { - if (mgr->drv->domainSetSecurityAllLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityAllLabel(mgr, vm, incomingPath, - chardevStdioLogd, - migrated); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainSetSecurityAllLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainSetSecurityAllLabel(mgr, vm, incomingPath, + chardevStdioLogd, migrated); } @@ -878,17 +839,15 @@ virSecurityManagerRestoreAllLabel(virSecurityManager *mgr, bool migrated, bool chardevStdioLogd) { - if (mgr->drv->domainRestoreSecurityAllLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainRestoreSecurityAllLabel(mgr, vm, migrated, - chardevStdioLogd); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainRestoreSecurityAllLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainRestoreSecurityAllLabel(mgr, vm, migrated, + chardevStdioLogd); } int @@ -897,16 +856,14 @@ virSecurityManagerGetProcessLabel(virSecurityManager *mgr, pid_t pid, virSecurityLabelPtr sec) { - if (mgr->drv->domainGetSecurityProcessLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainGetSecurityProcessLabel(mgr, vm, pid, sec); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainGetSecurityProcessLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainGetSecurityProcessLabel(mgr, vm, pid, sec); } @@ -914,16 +871,14 @@ int virSecurityManagerSetProcessLabel(virSecurityManager *mgr, virDomainDef *vm) { - if (mgr->drv->domainSetSecurityProcessLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityProcessLabel(mgr, vm); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainSetSecurityProcessLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainSetSecurityProcessLabel(mgr, vm); } @@ -957,12 +912,10 @@ virSecurityManagerVerify(virSecurityManager *mgr, if (secdef == NULL || secdef->model == NULL) return 0; - if (mgr->drv->domainSecurityVerify) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSecurityVerify(mgr, def); - virObjectUnlock(mgr); - return ret; + VIR_WITH_OBJECT_LOCK_GUARD(mgr) { + if (mgr->drv->domainSecurityVerify) { + return mgr->drv->domainSecurityVerify(mgr, def); + } } virReportUnsupportedError(); @@ -975,16 +928,14 @@ virSecurityManagerSetImageFDLabel(virSecurityManager *mgr, virDomainDef *vm, int fd) { - if (mgr->drv->domainSetSecurityImageFDLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityImageFDLabel(mgr, vm, fd); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainSetSecurityImageFDLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainSetSecurityImageFDLabel(mgr, vm, fd); } @@ -993,16 +944,14 @@ virSecurityManagerSetTapFDLabel(virSecurityManager *mgr, virDomainDef *vm, int fd) { - if (mgr->drv->domainSetSecurityTapFDLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityTapFDLabel(mgr, vm, fd); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainSetSecurityTapFDLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainSetSecurityTapFDLabel(mgr, vm, fd); } @@ -1010,16 +959,14 @@ char * virSecurityManagerGetMountOptions(virSecurityManager *mgr, virDomainDef *vm) { - if (mgr->drv->domainGetSecurityMountOptions) { - char *ret; - virObjectLock(mgr); - ret = mgr->drv->domainGetSecurityMountOptions(mgr, vm); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainGetSecurityMountOptions) { + virReportUnsupportedError(); + return NULL; } - virReportUnsupportedError(); - return NULL; + return mgr->drv->domainGetSecurityMountOptions(mgr, vm); } @@ -1059,15 +1006,12 @@ virSecurityManagerDomainSetPathLabel(virSecurityManager *mgr, const char *path, bool allowSubtree) { - if (mgr->drv->domainSetPathLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetPathLabel(mgr, vm, path, allowSubtree); - virObjectUnlock(mgr); - return ret; - } + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - return 0; + if (!mgr->drv->domainSetPathLabel) + return 0; + + return mgr->drv->domainSetPathLabel(mgr, vm, path, allowSubtree); } @@ -1088,15 +1032,12 @@ virSecurityManagerDomainSetPathLabelRO(virSecurityManager *mgr, virDomainDef *vm, const char *path) { - if (mgr->drv->domainSetPathLabelRO) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetPathLabelRO(mgr, vm, path); - virObjectUnlock(mgr); - return ret; - } + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - return 0; + if (!mgr->drv->domainSetPathLabelRO) + return 0; + + return mgr->drv->domainSetPathLabelRO(mgr, vm, path); } /** @@ -1115,15 +1056,12 @@ virSecurityManagerDomainRestorePathLabel(virSecurityManager *mgr, virDomainDef *vm, const char *path) { - if (mgr->drv->domainRestorePathLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainRestorePathLabel(mgr, vm, path); - virObjectUnlock(mgr); - return ret; - } + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - return 0; + if (!mgr->drv->domainRestorePathLabel) + return 0; + + return mgr->drv->domainRestorePathLabel(mgr, vm, path); } @@ -1143,16 +1081,14 @@ virSecurityManagerSetMemoryLabel(virSecurityManager *mgr, virDomainDef *vm, virDomainMemoryDef *mem) { - if (mgr->drv->domainSetSecurityMemoryLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityMemoryLabel(mgr, vm, mem); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainSetSecurityMemoryLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainSetSecurityMemoryLabel(mgr, vm, mem); } @@ -1171,16 +1107,14 @@ virSecurityManagerRestoreMemoryLabel(virSecurityManager *mgr, virDomainDef *vm, virDomainMemoryDef *mem) { - if (mgr->drv->domainRestoreSecurityMemoryLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainRestoreSecurityMemoryLabel(mgr, vm, mem); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainRestoreSecurityMemoryLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainRestoreSecurityMemoryLabel(mgr, vm, mem); } @@ -1189,16 +1123,14 @@ virSecurityManagerSetInputLabel(virSecurityManager *mgr, virDomainDef *vm, virDomainInputDef *input) { - if (mgr->drv->domainSetSecurityInputLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityInputLabel(mgr, vm, input); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainSetSecurityInputLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainSetSecurityInputLabel(mgr, vm, input); } @@ -1207,16 +1139,14 @@ virSecurityManagerRestoreInputLabel(virSecurityManager *mgr, virDomainDef *vm, virDomainInputDef *input) { - if (mgr->drv->domainRestoreSecurityInputLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainRestoreSecurityInputLabel(mgr, vm, input); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainRestoreSecurityInputLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainRestoreSecurityInputLabel(mgr, vm, input); } @@ -1226,17 +1156,15 @@ virSecurityManagerSetChardevLabel(virSecurityManager *mgr, virDomainChrSourceDef *dev_source, bool chardevStdioLogd) { - if (mgr->drv->domainSetSecurityChardevLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityChardevLabel(mgr, def, dev_source, - chardevStdioLogd); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainSetSecurityChardevLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainSetSecurityChardevLabel(mgr, def, dev_source, + chardevStdioLogd); } @@ -1246,17 +1174,15 @@ virSecurityManagerRestoreChardevLabel(virSecurityManager *mgr, virDomainChrSourceDef *dev_source, bool chardevStdioLogd) { - if (mgr->drv->domainRestoreSecurityChardevLabel) { - int ret; - virObjectLock(mgr); - ret = mgr->drv->domainRestoreSecurityChardevLabel(mgr, def, dev_source, - chardevStdioLogd); - virObjectUnlock(mgr); - return ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); + + if (!mgr->drv->domainRestoreSecurityChardevLabel) { + virReportUnsupportedError(); + return -1; } - virReportUnsupportedError(); - return -1; + return mgr->drv->domainRestoreSecurityChardevLabel(mgr, def, dev_source, + chardevStdioLogd); } @@ -1264,17 +1190,12 @@ int virSecurityManagerSetTPMLabels(virSecurityManager *mgr, virDomainDef *vm) { - int ret; - - if (mgr->drv->domainSetSecurityTPMLabels) { - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityTPMLabels(mgr, vm); - virObjectUnlock(mgr); + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - return ret; - } + if (!mgr->drv->domainSetSecurityTPMLabels) + return 0; - return 0; + return mgr->drv->domainSetSecurityTPMLabels(mgr, vm); } @@ -1282,17 +1203,12 @@ int virSecurityManagerRestoreTPMLabels(virSecurityManager *mgr, virDomainDef *vm) { - int ret; + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - if (mgr->drv->domainRestoreSecurityTPMLabels) { - virObjectLock(mgr); - ret = mgr->drv->domainRestoreSecurityTPMLabels(mgr, vm); - virObjectUnlock(mgr); - - return ret; - } + if (!mgr->drv->domainRestoreSecurityTPMLabels) + return 0; - return 0; + return mgr->drv->domainRestoreSecurityTPMLabels(mgr, vm); } @@ -1301,17 +1217,12 @@ virSecurityManagerSetNetdevLabel(virSecurityManager *mgr, virDomainDef *vm, virDomainNetDef *net) { - int ret; - - if (mgr->drv->domainSetSecurityNetdevLabel) { - virObjectLock(mgr); - ret = mgr->drv->domainSetSecurityNetdevLabel(mgr, vm, net); - virObjectUnlock(mgr); + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - return ret; - } + if (!mgr->drv->domainSetSecurityNetdevLabel) + return 0; - return 0; + return mgr->drv->domainSetSecurityNetdevLabel(mgr, vm, net); } @@ -1320,17 +1231,12 @@ virSecurityManagerRestoreNetdevLabel(virSecurityManager *mgr, virDomainDef *vm, virDomainNetDef *net) { - int ret; - - if (mgr->drv->domainRestoreSecurityNetdevLabel) { - virObjectLock(mgr); - ret = mgr->drv->domainRestoreSecurityNetdevLabel(mgr, vm, net); - virObjectUnlock(mgr); + VIR_LOCK_GUARD lock = virObjectLockGuard(mgr); - return ret; - } + if (!mgr->drv->domainRestoreSecurityNetdevLabel) + return 0; - return 0; + return mgr->drv->domainRestoreSecurityNetdevLabel(mgr, vm, net); } |