virtmgr: check SELinux label of non-partition disk images Test: m Bug: 393087663 Change-Id: Idc0965f46f37830e296d1f1e2a075bbcbf81360c

commit: 9539fb5b0317c04c82eda48ba3de6abc22df7ce3 [log] [tgz]
author: Frederick Mayle <fmayle@google.com> Thu Feb 13 13:08:15 2025 -0800
committer: Frederick Mayle <fmayle@google.com> Thu Feb 13 15:37:27 2025 -0800
tree: 734a268c4525c32a50d0f2a3820e99d95f1e1889
parent: 50c2b6a83c2a913848de22a4ac34538c4a8bdec9 [diff]
diff --git a/android/virtmgr/src/aidl.rs b/android/virtmgr/src/aidl.rs
index 5a52921..cc6141e 100644
--- a/android/virtmgr/src/aidl.rs
+++ b/android/virtmgr/src/aidl.rs

@@ -717,6 +717,12 @@
             config
                 .disks
                 .iter()
+                .flat_map(|disk| disk.image.as_ref())
+                .try_for_each(|image| check_label_for_file(image, "disk image", calling_partition))
+                .or_service_specific_exception(-1)?;
+            config
+                .disks
+                .iter()
                 .flat_map(|disk| disk.partitions.iter())
                 .filter(|partition| {
                     if is_app_config {
@@ -1592,7 +1598,7 @@
     Ok(())
 }
 fn check_label_for_file(
-    file: &File,
+    file: &impl AsRawFd,
     name: &str,
     calling_partition: CallingPartition,
 ) -> Result<()> {
commit	9539fb5b0317c04c82eda48ba3de6abc22df7ce3	[log] [tgz]
author	Frederick Mayle <fmayle@google.com>	Thu Feb 13 13:08:15 2025 -0800
committer	Frederick Mayle <fmayle@google.com>	Thu Feb 13 15:37:27 2025 -0800
tree	734a268c4525c32a50d0f2a3820e99d95f1e1889
parent	50c2b6a83c2a913848de22a4ac34538c4a8bdec9 [diff]