2009-03-03 09:44:41 +00:00
|
|
|
/*
|
|
|
|
|
* Copyright (C) 2008 Red Hat, Inc.
|
|
|
|
|
*
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* Authors:
|
|
|
|
|
* James Morris <jmorris@namei.org>
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
#ifndef __VIR_SECURITY_H__
|
|
|
|
|
#define __VIR_SECURITY_H__
|
|
|
|
|
|
|
|
|
|
#include "internal.h"
|
|
|
|
|
#include "domain_conf.h"
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Return values for security driver probing: the driver will determine
|
|
|
|
|
* whether it should be enabled or disabled.
|
|
|
|
|
*/
|
|
|
|
|
typedef enum {
|
|
|
|
|
SECURITY_DRIVER_ENABLE = 0,
|
|
|
|
|
SECURITY_DRIVER_ERROR = -1,
|
|
|
|
|
SECURITY_DRIVER_DISABLE = -2,
|
|
|
|
|
} virSecurityDriverStatus;
|
|
|
|
|
|
|
|
|
|
typedef struct _virSecurityDriver virSecurityDriver;
|
|
|
|
|
typedef virSecurityDriver *virSecurityDriverPtr;
|
|
|
|
|
typedef virSecurityDriverStatus (*virSecurityDriverProbe) (void);
|
|
|
|
|
typedef int (*virSecurityDriverOpen) (virConnectPtr conn,
|
|
|
|
|
virSecurityDriverPtr drv);
|
|
|
|
|
typedef int (*virSecurityDomainRestoreImageLabel) (virConnectPtr conn,
|
2009-10-07 10:36:35 +00:00
|
|
|
virDomainObjPtr vm,
|
2009-03-17 11:35:40 +00:00
|
|
|
virDomainDiskDefPtr disk);
|
2009-03-03 09:44:41 +00:00
|
|
|
typedef int (*virSecurityDomainSetImageLabel) (virConnectPtr conn,
|
|
|
|
|
virDomainObjPtr vm,
|
2009-03-17 11:35:40 +00:00
|
|
|
virDomainDiskDefPtr disk);
|
2009-08-14 13:23:11 +00:00
|
|
|
typedef int (*virSecurityDomainRestoreHostdevLabel) (virConnectPtr conn,
|
|
|
|
|
virDomainHostdevDefPtr dev);
|
|
|
|
|
typedef int (*virSecurityDomainSetHostdevLabel) (virConnectPtr conn,
|
|
|
|
|
virDomainObjPtr vm,
|
|
|
|
|
virDomainHostdevDefPtr dev);
|
2009-03-03 15:18:24 +00:00
|
|
|
typedef int (*virSecurityDomainGenLabel) (virConnectPtr conn,
|
|
|
|
|
virDomainObjPtr sec);
|
2009-06-12 11:38:50 +00:00
|
|
|
typedef int (*virSecurityDomainReserveLabel) (virConnectPtr conn,
|
|
|
|
|
virDomainObjPtr sec);
|
2009-03-03 09:44:41 +00:00
|
|
|
typedef int (*virSecurityDomainGetLabel) (virConnectPtr conn,
|
|
|
|
|
virDomainObjPtr vm,
|
|
|
|
|
virSecurityLabelPtr sec);
|
|
|
|
|
typedef int (*virSecurityDomainRestoreLabel) (virConnectPtr conn,
|
|
|
|
|
virDomainObjPtr vm);
|
|
|
|
|
typedef int (*virSecurityDomainSetLabel) (virConnectPtr conn,
|
|
|
|
|
virSecurityDriverPtr drv,
|
|
|
|
|
virDomainObjPtr vm);
|
2009-04-03 10:55:51 +00:00
|
|
|
typedef int (*virSecurityDomainSecurityVerify) (virConnectPtr conn,
|
|
|
|
|
virDomainDefPtr def);
|
2009-03-03 09:44:41 +00:00
|
|
|
|
|
|
|
|
struct _virSecurityDriver {
|
|
|
|
|
const char *name;
|
|
|
|
|
virSecurityDriverProbe probe;
|
|
|
|
|
virSecurityDriverOpen open;
|
2009-04-03 10:55:51 +00:00
|
|
|
virSecurityDomainSecurityVerify domainSecurityVerify;
|
2009-03-03 09:44:41 +00:00
|
|
|
virSecurityDomainRestoreImageLabel domainRestoreSecurityImageLabel;
|
|
|
|
|
virSecurityDomainSetImageLabel domainSetSecurityImageLabel;
|
|
|
|
|
virSecurityDomainGenLabel domainGenSecurityLabel;
|
2009-06-12 11:38:50 +00:00
|
|
|
virSecurityDomainReserveLabel domainReserveSecurityLabel;
|
2009-03-03 09:44:41 +00:00
|
|
|
virSecurityDomainGetLabel domainGetSecurityLabel;
|
|
|
|
|
virSecurityDomainSetLabel domainSetSecurityLabel;
|
|
|
|
|
virSecurityDomainRestoreLabel domainRestoreSecurityLabel;
|
2009-08-14 13:23:11 +00:00
|
|
|
virSecurityDomainRestoreHostdevLabel domainRestoreSecurityHostdevLabel;
|
|
|
|
|
virSecurityDomainSetHostdevLabel domainSetSecurityHostdevLabel;
|
2009-03-03 09:44:41 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* This is internally managed driver state and should only be accessed
|
|
|
|
|
* via helpers below.
|
|
|
|
|
*/
|
|
|
|
|
struct {
|
|
|
|
|
char doi[VIR_SECURITY_DOI_BUFLEN];
|
|
|
|
|
} _private;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* Global methods */
|
|
|
|
|
int virSecurityDriverStartup(virSecurityDriverPtr *drv,
|
|
|
|
|
const char *name);
|
|
|
|
|
|
2009-04-03 10:55:51 +00:00
|
|
|
int
|
|
|
|
|
virSecurityDriverVerify(virConnectPtr conn, virDomainDefPtr def);
|
|
|
|
|
|
2009-03-03 09:44:41 +00:00
|
|
|
void
|
|
|
|
|
virSecurityReportError(virConnectPtr conn, int code, const char *fmt, ...)
|
Fix misc Win32 compile warnings
GCC >= 4.4 assumes the 'printf' attribute refers to the native
runtime libraries format specifiers. Thanks to gnulib, libvirt
has GNU format specifiers everywhere. This means we need to
use 'gnu_printf' with GCC >= 4.4 to get correct compiler
checking of printf format specifiers.
* HACKING: Document new rules for ATTRIBUTE_FMT_PRINTF
* autobuild.sh, mingw32-libvirt.spec.in: Disable OpenNebula
driver on mingw32 builds
* qemud/dispatch.h, qemud/qemu.h, src/buf.h src/internal.h,
src/logging.h, src/security.h, src/sexpr.h, src/util.h,
src/virterror_internal.h, src/xend_internal.c: Change
over to ATTRIBUTE_FMT_PRINTF.
* src/virsh.c: Disable 'cd' and 'pwd' commands on Win32
since they don't compile
* src/threads-win32.c: Add missing return value check
2009-07-23 15:07:32 +00:00
|
|
|
ATTRIBUTE_FMT_PRINTF(3, 4);
|
2009-03-03 09:44:41 +00:00
|
|
|
|
|
|
|
|
/* Helpers */
|
|
|
|
|
void virSecurityDriverInit(virSecurityDriverPtr drv);
|
|
|
|
|
int virSecurityDriverSetDOI(virConnectPtr conn,
|
|
|
|
|
virSecurityDriverPtr drv,
|
|
|
|
|
const char *doi);
|
|
|
|
|
const char *virSecurityDriverGetDOI(virSecurityDriverPtr drv);
|
|
|
|
|
const char *virSecurityDriverGetModel(virSecurityDriverPtr drv);
|
|
|
|
|
|
|
|
|
|
#endif /* __VIR_SECURITY_H__ */
|
