security: Add virSecurityDomainSetDirLabel

That function can be used for setting security labels on arbitrary
directories.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit f65a2a12f4b9ab6144a979774f0486cdc4f7a60a)
This commit is contained in:
Martin Kletzander 2015-08-17 10:43:43 -07:00 committed by Cole Robinson
parent 6fb8fbad9f
commit 5290876dbc
4 changed files with 27 additions and 0 deletions

View File

@ -1021,6 +1021,7 @@ virSecurityDriverLookup;
# security/security_manager.h # security/security_manager.h
virSecurityManagerCheckAllLabel; virSecurityManagerCheckAllLabel;
virSecurityManagerClearSocketLabel; virSecurityManagerClearSocketLabel;
virSecurityManagerDomainSetDirLabel;
virSecurityManagerGenLabel; virSecurityManagerGenLabel;
virSecurityManagerGetBaseLabel; virSecurityManagerGetBaseLabel;
virSecurityManagerGetDOI; virSecurityManagerGetDOI;

View File

@ -118,6 +118,9 @@ typedef int (*virSecurityDomainSetImageLabel) (virSecurityManagerPtr mgr,
typedef int (*virSecurityDomainRestoreImageLabel) (virSecurityManagerPtr mgr, typedef int (*virSecurityDomainRestoreImageLabel) (virSecurityManagerPtr mgr,
virDomainDefPtr def, virDomainDefPtr def,
virStorageSourcePtr src); virStorageSourcePtr src);
typedef int (*virSecurityDomainSetDirLabel) (virSecurityManagerPtr mgr,
virDomainDefPtr def,
const char *path);
struct _virSecurityDriver { struct _virSecurityDriver {
@ -168,6 +171,8 @@ struct _virSecurityDriver {
virSecurityDomainSetHugepages domainSetSecurityHugepages; virSecurityDomainSetHugepages domainSetSecurityHugepages;
virSecurityDriverGetBaseLabel getBaseLabel; virSecurityDriverGetBaseLabel getBaseLabel;
virSecurityDomainSetDirLabel domainSetDirLabel;
}; };
virSecurityDriverPtr virSecurityDriverLookup(const char *name, virSecurityDriverPtr virSecurityDriverLookup(const char *name,

View File

@ -1006,3 +1006,20 @@ virSecurityManagerSetHugepages(virSecurityManagerPtr mgr,
return 0; return 0;
} }
int
virSecurityManagerDomainSetDirLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
const char *path)
{
if (mgr->drv->domainSetDirLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainSetDirLabel(mgr, vm, path);
virObjectUnlock(mgr);
return ret;
}
return 0;
}

View File

@ -153,4 +153,8 @@ int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm, virDomainDefPtr vm,
virStorageSourcePtr src); virStorageSourcePtr src);
int virSecurityManagerDomainSetDirLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
const char *path);
#endif /* VIR_SECURITY_MANAGER_H__ */ #endif /* VIR_SECURITY_MANAGER_H__ */