mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-09-24 08:25:45 +00:00
5247b0695a
The libvirt sanlock plugin is intentionally leaking a file descriptor to QEMU. To enable QEMU to use this FD under SELinux, it must be labelled correctly. We dont want to use the svirt_image_t for this, since QEMU must not be allowed to actually use the FD. So instead we label it with svirt_t using virSecurityManagerSetProcessFDLabel * src/locking/domain_lock.c, src/locking/domain_lock.h, src/locking/lock_driver.h, src/locking/lock_driver_nop.c, src/locking/lock_driver_sanlock.c, src/locking/lock_manager.c, src/locking/lock_manager.h: Optionally pass an FD back to the hypervisor for security driver labelling * src/qemu/qemu_process.c: label the lock manager plugin FD with the process label
67 lines
2.6 KiB
C
67 lines
2.6 KiB
C
/*
|
|
* lock_manager.h: Defines the internal lock manager API
|
|
*
|
|
* Copyright (C) 2010-2011 Red Hat, Inc.
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
*
|
|
*/
|
|
|
|
#ifndef __VIR_LOCK_MANAGER_H__
|
|
# define __VIR_LOCK_MANAGER_H__
|
|
|
|
# include "internal.h"
|
|
# include "lock_driver.h"
|
|
|
|
typedef struct _virLockManagerPlugin virLockManagerPlugin;
|
|
typedef virLockManagerPlugin *virLockManagerPluginPtr;
|
|
|
|
virLockManagerPluginPtr virLockManagerPluginNew(const char *name,
|
|
unsigned int flags);
|
|
void virLockManagerPluginRef(virLockManagerPluginPtr plugin);
|
|
void virLockManagerPluginUnref(virLockManagerPluginPtr plugin);
|
|
|
|
const char *virLockManagerPluginGetName(virLockManagerPluginPtr plugin);
|
|
bool virLockManagerPluginUsesState(virLockManagerPluginPtr plugin);
|
|
|
|
|
|
virLockManagerPtr virLockManagerNew(virLockManagerPluginPtr plugin,
|
|
unsigned int type,
|
|
size_t nparams,
|
|
virLockManagerParamPtr params,
|
|
unsigned int flags);
|
|
|
|
int virLockManagerAddResource(virLockManagerPtr manager,
|
|
unsigned int type,
|
|
const char *name,
|
|
size_t nparams,
|
|
virLockManagerParamPtr params,
|
|
unsigned int flags);
|
|
|
|
int virLockManagerAcquire(virLockManagerPtr manager,
|
|
const char *state,
|
|
unsigned int flags,
|
|
int *fd);
|
|
int virLockManagerRelease(virLockManagerPtr manager,
|
|
char **state,
|
|
unsigned int flags);
|
|
int virLockManagerInquire(virLockManagerPtr manager,
|
|
char **state,
|
|
unsigned int flags);
|
|
|
|
int virLockManagerFree(virLockManagerPtr manager);
|
|
|
|
#endif /* __VIR_LOCK_MANAGER_H__ */
|