From 4d7194ab0b86772ea1a25eaf0e5e7e69fa2ba5e9 Mon Sep 17 00:00:00 2001
From: tangbinzy <tangbin_yewu@cmss.chinamobile.com>
Date: Wed, 30 Nov 2022 07:32:05 +0000
Subject: [PATCH 10/24] security_util: Don't error on macOS when 
 getting/setting/moving XATTRs There are three internal APIs implemented in
 this security_util file: virSecurityGetRememberedLabel(),
 virSecuritySetRememberedLabel() and virSecurityMoveRememberedLabel() for
 getting, setting and moving remembered seclabel. All three have a special
 return value of -2 when XATTRs are not supported (for whatever reason) and
 callers are expected to handle it gracefully. However, after my commit of
 v5.7.0-rc1~115 it may happen that one of the three functions returned -1 even
 though XATTRs are not supported (and thus -2 should have been returned).

Fixes: 7cfb7aab573a031880a1f4fd20747843fea109ba
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>

Signed-off-by: tangbin <tangbin_yewu@cmss.chinamobile.com>
(cherry-pick from d337543f06e43006869310adc3c0e60d76516ca9)
---
 src/security/security_util.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/src/security/security_util.c b/src/security/security_util.c
index 4f661fd75e..5503f18ffb 100644
--- a/src/security/security_util.c
+++ b/src/security/security_util.c
@@ -272,8 +272,11 @@ virSecurityGetRememberedLabel(const char *name,
 
     *label = NULL;
 
-    if (!(ref_name = virSecurityGetRefCountAttrName(name)))
+    if (!(ref_name = virSecurityGetRefCountAttrName(name))) {
+        if (errno == ENOSYS)
+            return -2;
         return -1;
+    }
 
     if (virFileGetXAttrQuiet(path, ref_name, &value) < 0) {
         if (errno == ENOSYS || errno == ENODATA || errno == ENOTSUP)
@@ -367,8 +370,11 @@ virSecuritySetRememberedLabel(const char *name,
     g_autofree char *value = NULL;
     unsigned int refcount = 0;
 
-    if (!(ref_name = virSecurityGetRefCountAttrName(name)))
+    if (!(ref_name = virSecurityGetRefCountAttrName(name))) {
+        if (errno == ENOSYS)
+            return -2;
         return -1;
+    }
 
     if (virFileGetXAttrQuiet(path, ref_name, &value) < 0) {
         if (errno == ENOSYS || errno == ENOTSUP) {
@@ -455,8 +461,11 @@ virSecurityMoveRememberedLabel(const char *name,
 
     if (!(ref_name = virSecurityGetRefCountAttrName(name)) ||
         !(attr_name = virSecurityGetAttrName(name)) ||
-        !(timestamp_name = virSecurityGetTimestampAttrName(name)))
+        !(timestamp_name = virSecurityGetTimestampAttrName(name))) {
+        if (errno == ENOSYS)
+            return -2;
         return -1;
+    }
 
     if (virFileGetXAttrQuiet(src, ref_name, &ref_value) < 0) {
         if (errno == ENOSYS || errno == ENOTSUP) {
-- 
2.27.0