security: introduce virSecurityManager(Set|Restore)ChardevLabel
authorPavel Hrdina <phrdina@redhat.com>
Fri, 1 Dec 2017 09:39:26 +0000 (10:39 +0100)
committerPavel Hrdina <phrdina@redhat.com>
Tue, 5 Dec 2017 12:54:48 +0000 (13:54 +0100)
SELinux and DAC drivers already have both functions but they were not
exported as public API of security manager.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
src/libvirt_private.syms
src/security/security_dac.c
src/security/security_driver.h
src/security/security_manager.c
src/security/security_manager.h
src/security/security_nop.c
src/security/security_selinux.c
src/security/security_stack.c

index 53057aa82eb815c4e69b0bef504231d854c670ad..de4ec4d442c9eaf3bcffa37c23cc590e3a4a3229 100644 (file)
@@ -1276,6 +1276,7 @@ virSecurityManagerPreFork;
 virSecurityManagerReleaseLabel;
 virSecurityManagerReserveLabel;
 virSecurityManagerRestoreAllLabel;
+virSecurityManagerRestoreChardevLabel;
 virSecurityManagerRestoreDiskLabel;
 virSecurityManagerRestoreHostdevLabel;
 virSecurityManagerRestoreImageLabel;
@@ -1283,6 +1284,7 @@ virSecurityManagerRestoreInputLabel;
 virSecurityManagerRestoreMemoryLabel;
 virSecurityManagerRestoreSavedStateLabel;
 virSecurityManagerSetAllLabel;
+virSecurityManagerSetChardevLabel;
 virSecurityManagerSetChildProcessLabel;
 virSecurityManagerSetDaemonSocketLabel;
 virSecurityManagerSetDiskLabel;
index 52ca07a10f741327963d2741ed8a4892a251e040..609d2595b2e21cd17865a64b8cdf0d4554b55196 100644 (file)
@@ -2155,4 +2155,7 @@ virSecurityDriver virSecurityDriverDAC = {
     .getBaseLabel                       = virSecurityDACGetBaseLabel,
 
     .domainSetPathLabel                 = virSecurityDACDomainSetPathLabel,
+
+    .domainSetSecurityChardevLabel      = virSecurityDACSetChardevLabel,
+    .domainRestoreSecurityChardevLabel  = virSecurityDACRestoreChardevLabel,
 };
index 1b3070d06d37a9d80ecd9b6089e0baa3d41391d5..47dad8ba20cbddc982b34aa721917dadb7c2b90a 100644 (file)
@@ -140,6 +140,14 @@ typedef int (*virSecurityDomainRestoreInputLabel) (virSecurityManagerPtr mgr,
 typedef int (*virSecurityDomainSetPathLabel) (virSecurityManagerPtr mgr,
                                               virDomainDefPtr def,
                                               const char *path);
+typedef int (*virSecurityDomainSetChardevLabel) (virSecurityManagerPtr mgr,
+                                                 virDomainDefPtr def,
+                                                 virDomainChrSourceDefPtr dev_source,
+                                                 bool chardevStdioLogd);
+typedef int (*virSecurityDomainRestoreChardevLabel) (virSecurityManagerPtr mgr,
+                                                     virDomainDefPtr def,
+                                                     virDomainChrSourceDefPtr dev_source,
+                                                     bool chardevStdioLogd);
 
 
 struct _virSecurityDriver {
@@ -201,6 +209,9 @@ struct _virSecurityDriver {
     virSecurityDriverGetBaseLabel getBaseLabel;
 
     virSecurityDomainSetPathLabel domainSetPathLabel;
+
+    virSecurityDomainSetChardevLabel domainSetSecurityChardevLabel;
+    virSecurityDomainRestoreChardevLabel domainRestoreSecurityChardevLabel;
 };
 
 virSecurityDriverPtr virSecurityDriverLookup(const char *name,
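Review bot: The two new callback fields at the end of `struct _virSecurityDriver` are named `domainSetSecurityChardevLabel` / `domainRestoreSecurityChardevLabel`, which does not match either their typedefs (`virSecurityDomainSetChardevLabel`, `virSecurityDomainRestoreChardevLabel`) or the neighbouring field `domainSetPathLabel`, which omits the "Security" infix. Since this commit is introducing the fields, renaming them now is free, whereas doing it later touches every driver table; I would use `virSecurityDomainSetChardevLabel domainSetChardevLabel;` and `virSecurityDomainRestoreChardevLabel domainRestoreChardevLabel;` and update the four driver tables accordingly. The struct definition itself starts before this hunk.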
index 3cf12188a0756cce034a40e4a5f4415c3494234f..9249aba1fa77219c9e85f9ae05c38572cca66d92 100644 (file)
@@ -1152,3 +1152,43 @@ virSecurityManagerRestoreInputLabel(virSecurityManagerPtr mgr,
     virReportUnsupportedError();
     return -1;
 }
+
+
+int
+virSecurityManagerSetChardevLabel(virSecurityManagerPtr mgr,
+                                  virDomainDefPtr def,
+                                  virDomainChrSourceDefPtr dev_source,
+                                  bool chardevStdioLogd)
+{
+    if (mgr->drv->domainSetSecurityChardevLabel) {
+        int ret;
+        virObjectLock(mgr);
+        ret = mgr->drv->domainSetSecurityChardevLabel(mgr, def, dev_source,
+                                                      chardevStdioLogd);
+        virObjectUnlock(mgr);
+        return ret;
+    }
+
+    virReportUnsupportedError();
+    return -1;
+}
+
+
+int
+virSecurityManagerRestoreChardevLabel(virSecurityManagerPtr mgr,
+                                      virDomainDefPtr def,
+                                      virDomainChrSourceDefPtr dev_source,
+                                      bool chardevStdioLogd)
+{
+    if (mgr->drv->domainRestoreSecurityChardevLabel) {
+        int ret;
+        virObjectLock(mgr);
+        ret = mgr->drv->domainRestoreSecurityChardevLabel(mgr, def, dev_source,
+                                                          chardevStdioLogd);
+        virObjectUnlock(mgr);
+        return ret;
+    }
+
+    virReportUnsupportedError();
+    return -1;
+}
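Review bot: The two new public entry points have no documentation comment, and the `chardevStdioLogd` flag in particular cannot be understood from the signature alone; its meaning is not stated anywhere in this commit. Presumably it tells the driver that the chardev's output is routed through virtlogd rather than opened by the domain process itself, which changes whether the backing file should be relabelled, but that has to be confirmed against the DAC and SELinux implementations, which are outside this hunk. I would put a short header comment above each wrapper, e.g. `/* Apply (or restore) the driver's label on the host resource backing @dev_source for domain @def. @chardevStdioLogd: the stream is handled via virtlogd — see the DAC/SELinux drivers for the exact effect. */`, so that future callers outside the security drivers use the flag consistently.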
index 834c7f1593d462b2b7215b389fb296b69a52277c..013e3b9b18e0dc712d7bb5a33bf9b400449de73c 100644 (file)
@@ -184,4 +184,14 @@ int virSecurityManagerDomainSetPathLabel(virSecurityManagerPtr mgr,
                                          virDomainDefPtr vm,
                                          const char *path);
 
+int virSecurityManagerSetChardevLabel(virSecurityManagerPtr mgr,
+                                      virDomainDefPtr def,
+                                      virDomainChrSourceDefPtr dev_source,
+                                      bool chardevStdioLogd);
+
+int virSecurityManagerRestoreChardevLabel(virSecurityManagerPtr mgr,
+                                          virDomainDefPtr def,
+                                          virDomainChrSourceDefPtr dev_source,
+                                          bool chardevStdioLogd);
+
 #endif /* VIR_SECURITY_MANAGER_H__ */
index cfb032c68697434c34e679278f34aed830b8e642..ff739f81990e0770ac112119b28b69cea0556045 100644 (file)
@@ -262,6 +262,23 @@ virSecurityDomainInputLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
     return 0;
 }
 
+static int
+virSecurityDomainSetChardevLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
+                                    virDomainDefPtr def ATTRIBUTE_UNUSED,
+                                    virDomainChrSourceDefPtr dev_source ATTRIBUTE_UNUSED,
+                                    bool chardevStdioLogd ATTRIBUTE_UNUSED)
+{
+    return 0;
+}
+
+static int
+virSecurityDomainRestoreChardevLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
+                                        virDomainDefPtr def ATTRIBUTE_UNUSED,
+                                        virDomainChrSourceDefPtr dev_source ATTRIBUTE_UNUSED,
+                                        bool chardevStdioLogd ATTRIBUTE_UNUSED)
+{
+    return 0;
+}
 
 virSecurityDriver virSecurityDriverNop = {
     .privateDataLen                     = 0,
@@ -314,4 +331,7 @@ virSecurityDriver virSecurityDriverNop = {
     .domainGetSecurityMountOptions      = virSecurityDomainGetMountOptionsNop,
 
     .getBaseLabel                       = virSecurityGetBaseLabel,
+
+    .domainSetSecurityChardevLabel      = virSecurityDomainSetChardevLabelNop,
+    .domainRestoreSecurityChardevLabel  = virSecurityDomainRestoreChardevLabelNop,
 };
index b677fbcda7052f39041bcf8f93e784bdfbafb002..0815a02d18faf7a7e27764d366c2b41d023d98b3 100644 (file)
@@ -3095,4 +3095,7 @@ virSecurityDriver virSecurityDriverSELinux = {
     .getBaseLabel                       = virSecuritySELinuxGetBaseLabel,
 
     .domainSetPathLabel                 = virSecuritySELinuxDomainSetPathLabel,
+
+    .domainSetSecurityChardevLabel      = virSecuritySELinuxSetChardevLabel,
+    .domainRestoreSecurityChardevLabel  = virSecuritySELinuxRestoreChardevLabel,
 };
index cd916382b202b48ba89ecd32de778beb64dbd021..0375e7d89db58df70aacea9de83059fc51787aa4 100644 (file)
@@ -719,6 +719,46 @@ virSecurityStackDomainSetPathLabel(virSecurityManagerPtr mgr,
     return rc;
 }
 
+static int
+virSecurityStackDomainSetChardevLabel(virSecurityManagerPtr mgr,
+                                      virDomainDefPtr def,
+                                      virDomainChrSourceDefPtr dev_source,
+                                      bool chardevStdioLogd)
+{
+    virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+    virSecurityStackItemPtr item = priv->itemsHead;
+    int rc = 0;
+
+    for (; item; item = item->next) {
+        if (virSecurityManagerSetChardevLabel(item->securityManager,
+                                              def, dev_source,
+                                              chardevStdioLogd) < 0)
+            rc = -1;
+    }
+
+    return rc;
+}
+
+static int
+virSecurityStackDomainRestoreChardevLabel(virSecurityManagerPtr mgr,
+                                          virDomainDefPtr def,
+                                          virDomainChrSourceDefPtr dev_source,
+                                          bool chardevStdioLogd)
+{
+    virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+    virSecurityStackItemPtr item = priv->itemsHead;
+    int rc = 0;
+
+    for (; item; item = item->next) {
+        if (virSecurityManagerRestoreChardevLabel(item->securityManager,
+                                                  def, dev_source,
+                                                  chardevStdioLogd) < 0)
+            rc = -1;
+    }
+
+    return rc;
+}
+
 virSecurityDriver virSecurityDriverStack = {
     .privateDataLen                     = sizeof(virSecurityStackData),
     .name                               = "stack",
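Review bot: The stack driver forwards to `virSecurityManagerSetChardevLabel` on every nested manager and counts any failure, including the "unsupported" error the manager wrapper reports when a driver leaves the callback NULL, as `rc = -1`. Only the DAC, SELinux and nop drivers are wired up in this commit (see the diffstat); if the tree also carries a driver that is not touched here, such as AppArmor, a stack that includes it would fail every chardev relabel once callers start using this API. Either that driver should get an implementation in the same series, or the stack loop should document that an unsupported-operation result from a nested manager is treated as a hard failure, e.g. `/* A nested driver without the callback reports unsupported and fails the whole stack */` above the loop. Note also that the set loop keeps going after a failure, so the caller is responsible for invoking Restore on all managers, which matches the other stack functions but is worth stating in a comment.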
@@ -778,4 +818,7 @@ virSecurityDriver virSecurityDriverStack = {
     .getBaseLabel                       = virSecurityStackGetBaseLabel,
 
     .domainSetPathLabel                 = virSecurityStackDomainSetPathLabel,
+
+    .domainSetSecurityChardevLabel      = virSecurityStackDomainSetChardevLabel,
+    .domainRestoreSecurityChardevLabel  = virSecurityStackDomainRestoreChardevLabel,
 };