}
+int
+qemuDomainNamespaceSetupInput(virDomainObjPtr vm,
+ virDomainInputDefPtr input)
+{
+ qemuDomainObjPrivatePtr priv = vm->privateData;
+ virQEMUDriverPtr driver = priv->driver;
+ virQEMUDriverConfigPtr cfg = NULL;
+ char **devMountsPath = NULL;
+ size_t ndevMountsPath = 0;
+ const char *path = NULL;
+ int ret = -1;
+
+ if (!(path = virDomainInputDefGetPath(input)))
+ return 0;
+
+ if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
+ return 0;
+
+ cfg = virQEMUDriverGetConfig(driver);
+ if (qemuDomainGetPreservedMounts(cfg, vm,
+ &devMountsPath, NULL,
+ &ndevMountsPath) < 0)
+ goto cleanup;
+
+ if (qemuDomainAttachDeviceMknod(driver, vm, path,
+ devMountsPath, ndevMountsPath) < 0)
+ goto cleanup;
+
+ ret = 0;
+ cleanup:
+ virStringListFreeCount(devMountsPath, ndevMountsPath);
+ virObjectUnref(cfg);
+ return ret;
+}
+
+
+int
+qemuDomainNamespaceTeardownInput(virDomainObjPtr vm,
+ virDomainInputDefPtr input)
+{
+ qemuDomainObjPrivatePtr priv = vm->privateData;
+ virQEMUDriverPtr driver = priv->driver;
+ virQEMUDriverConfigPtr cfg = NULL;
+ char **devMountsPath = NULL;
+ size_t ndevMountsPath = 0;
+ const char *path = NULL;
+ int ret = -1;
+
+ if (!(path = virDomainInputDefGetPath(input)))
+ return 0;
+
+ if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
+ return 0;
+
+ cfg = virQEMUDriverGetConfig(driver);
+ if (qemuDomainGetPreservedMounts(cfg, vm,
+ &devMountsPath, NULL,
+ &ndevMountsPath) < 0)
+ goto cleanup;
+
+ if (qemuDomainDetachDeviceUnlink(driver, vm, path,
+ devMountsPath, ndevMountsPath) < 0)
+ goto cleanup;
+
+ ret = 0;
+ cleanup:
+ virStringListFreeCount(devMountsPath, ndevMountsPath);
+ virObjectUnref(cfg);
+ return ret;
+}
+
+
/**
* qemuDomainDiskLookupByNodename:
* @def: domain definition to look for the disk
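Review bot: Neither qemuDomainNamespaceSetupInput nor qemuDomainNamespaceTeardownInput has a header comment, so the two early `return 0` paths (input without a source path, mount namespace disabled) look the same to a caller as a node that was actually created or removed. I would add above each something like `/* Creates (Setup) or removes (Teardown) the /dev node for @input inside the domain's mount namespace; returns 0 and does nothing if @input has no path or the namespace is disabled, -1 on error. */`. The comment should also say which layer checks `path`, since it comes from the input definition and is passed unchanged to qemuDomainAttachDeviceMknod / qemuDomainDetachDeviceUnlink. Whether those helpers restrict it to device nodes under /dev is not visible in this hunk, so that is worth confirming before relying on it.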
virDomainObjPtr vm,
virDomainRNGDefPtr rng);
+int qemuDomainNamespaceSetupInput(virDomainObjPtr vm,
+ virDomainInputDefPtr input);
+
+int qemuDomainNamespaceTeardownInput(virDomainObjPtr vm,
+ virDomainInputDefPtr input);
+
virDomainDiskDefPtr qemuDomainDiskLookupByNodename(virDomainDefPtr def,
const char *nodename,
virStorageSourcePtr *src,
virSecurityManagerTransactionAbort(driver->securityManager);
return ret;
}
+
+
+int
+qemuSecuritySetInputLabel(virDomainObjPtr vm,
+ virDomainInputDefPtr input)
+{
+ qemuDomainObjPrivatePtr priv = vm->privateData;
+ virQEMUDriverPtr driver = priv->driver;
+ int ret = -1;
+
+ if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) &&
+ virSecurityManagerTransactionStart(driver->securityManager) < 0)
+ goto cleanup;
+
+ if (virSecurityManagerSetInputLabel(driver->securityManager,
+ vm->def,
+ input) < 0)
+ goto cleanup;
+
+ if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) &&
+ virSecurityManagerTransactionCommit(driver->securityManager,
+ vm->pid) < 0)
+ goto cleanup;
+
+ ret = 0;
+ cleanup:
+ virSecurityManagerTransactionAbort(driver->securityManager);
+ return ret;
+}
+
+
+int
+qemuSecurityRestoreInputLabel(virDomainObjPtr vm,
+ virDomainInputDefPtr input)
+{
+ qemuDomainObjPrivatePtr priv = vm->privateData;
+ virQEMUDriverPtr driver = priv->driver;
+ int ret = -1;
+
+ if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) &&
+ virSecurityManagerTransactionStart(driver->securityManager) < 0)
+ goto cleanup;
+
+ if (virSecurityManagerRestoreInputLabel(driver->securityManager,
+ vm->def,
+ input) < 0)
+ goto cleanup;
+
+ if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) &&
+ virSecurityManagerTransactionCommit(driver->securityManager,
+ vm->pid) < 0)
+ goto cleanup;
+
+ ret = 0;
+ cleanup:
+ virSecurityManagerTransactionAbort(driver->securityManager);
+ return ret;
+}
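Review bot: In qemuSecuritySetInputLabel, and again in qemuSecurityRestoreInputLabel, `qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)` is evaluated separately before TransactionStart and before TransactionCommit, so the start/commit pairing depends on both calls returning the same answer. If they ever disagreed, a started transaction would presumably never be committed, and the function would fall through to `cleanup`, abort it, and still return 0 even though the label was not applied inside the namespace. Reading it once makes the pairing explicit: `bool useNS = qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT);`, then `if (useNS && virSecurityManagerTransactionStart(driver->securityManager) < 0)` and the same `useNS &&` guard on the commit. The `cleanup` label also calls virSecurityManagerTransactionAbort on the success path and when no transaction was started. That matches the context lines above the hunk, but a short comment such as `/* no-op when no transaction is pending */` would help, once that behaviour is confirmed against the security manager.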
virDomainObjPtr vm,
virDomainMemoryDefPtr mem);
+int qemuSecuritySetInputLabel(virDomainObjPtr vm,
+ virDomainInputDefPtr input);
+
+int qemuSecurityRestoreInputLabel(virDomainObjPtr vm,
+ virDomainInputDefPtr input);
+
/* Please note that for these APIs there is no wrapper yet. Do NOT blindly add
* new APIs here. If an API can touch a /dev file add a proper wrapper instead.
*/