virSecurityManagerReserveLabel;
virSecurityManagerRestoreAllLabel;
virSecurityManagerRestoreChardevLabel;
-virSecurityManagerRestoreDiskLabel;
virSecurityManagerRestoreHostdevLabel;
virSecurityManagerRestoreImageLabel;
virSecurityManagerRestoreInputLabel;
virSecurityManagerSetChardevLabel;
virSecurityManagerSetChildProcessLabel;
virSecurityManagerSetDaemonSocketLabel;
-virSecurityManagerSetDiskLabel;
virSecurityManagerSetHostdevLabel;
virSecurityManagerSetImageFDLabel;
virSecurityManagerSetImageLabel;
/* Labelling normally operates on src, but we need
* to actually label the dst here, so hack the config */
def->src->path = dst;
- if (virSecurityManagerSetDiskLabel(securityDriver, ctrl->def, def) < 0)
+ if (virSecurityManagerSetImageLabel(securityDriver, ctrl->def, def->src,
+ VIR_SECURITY_DOMAIN_IMAGE_LABEL_BACKING_CHAIN) < 0)
goto cleanup;
ret = 0;
virDomainDiskDefPtr def = data->def->data.disk;
char *tmpsrc = def->src->path;
def->src->path = data->file;
- if (virSecurityManagerSetDiskLabel(data->driver->securityManager,
- data->vm->def, def) < 0) {
+ if (virSecurityManagerSetImageLabel(data->driver->securityManager,
+ data->vm->def, def->src,
+ VIR_SECURITY_DOMAIN_IMAGE_LABEL_BACKING_CHAIN) < 0) {
def->src->path = tmpsrc;
goto cleanup;
}
}
-/**
- * virSecurityManagerRestoreDiskLabel:
- * @mgr: security manager object
- * @vm: domain definition object
- * @disk: disk definition to operate on
- *
- * Removes security label from the source image of the disk. Note that this
- * function doesn't restore labels on backing chain elements of @disk.
- *
- * Returns: 0 on success, -1 on error.
- */
-int
-virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr vm,
- virDomainDiskDefPtr disk)
-{
- if (mgr->drv->domainRestoreSecurityImageLabel) {
- int ret;
- virObjectLock(mgr);
- ret = mgr->drv->domainRestoreSecurityImageLabel(mgr, vm, disk->src,
- VIR_SECURITY_DOMAIN_IMAGE_LABEL_BACKING_CHAIN);
- virObjectUnlock(mgr);
- return ret;
- }
-
- virReportUnsupportedError();
- return -1;
-}
-
-
/**
* virSecurityManagerRestoreImageLabel:
* @mgr: security manager object
}
-/**
- * virSecurityManagerSetDiskLabel:
- * @mgr: security manager object
- * @vm: domain definition object
- * @disk: disk definition to operate on
- *
- * Labels the disk image and all images in the backing chain with the configured
- * security label.
- *
- * Returns: 0 on success, -1 on error.
- */
-int
-virSecurityManagerSetDiskLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr vm,
- virDomainDiskDefPtr disk)
-{
- if (mgr->drv->domainSetSecurityImageLabel) {
- int ret;
- virObjectLock(mgr);
- ret = mgr->drv->domainSetSecurityImageLabel(mgr, vm, disk->src,
- VIR_SECURITY_DOMAIN_IMAGE_LABEL_BACKING_CHAIN);
- virObjectUnlock(mgr);
- return ret;
- }
-
- virReportUnsupportedError();
- return -1;
-}
-
-
/**
* virSecurityManagerSetImageLabel:
* @mgr: security manager object
bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr);
bool virSecurityManagerGetPrivileged(virSecurityManagerPtr mgr);
-int virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- virDomainDiskDefPtr disk);
int virSecurityManagerSetDaemonSocketLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm);
int virSecurityManagerSetSocketLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def);
int virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def);
-int virSecurityManagerSetDiskLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- virDomainDiskDefPtr disk);
int virSecurityManagerRestoreHostdevLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
virDomainHostdevDefPtr dev,
projects / libvirt.git / commitdiff