[libvirt] Re: [RFC] sVirt 0.20

James Morris jmorris at namei.org
Wed Dec 17 00:07:16 UTC 2008


On Wed, 17 Dec 2008, James Morris wrote:

> On Mon, 15 Dec 2008, James Morris wrote:
> 
> > On Thu, 11 Dec 2008, Daniel P. Berrange wrote:
> > 
> > 
> > > >   * a virNodeInfo is a structure filled by virNodeGetInfo() and providing
> > > > @@ -504,6 +567,10 @@ int                     virDomainSetMaxMemory   (virDomainPtr domain,
> > > >  int                     virDomainSetMemory      (virDomainPtr domain,
> > > >                                                   unsigned long memory);
> > > >  int                     virDomainGetMaxVcpus    (virDomainPtr domain);
> > > > +int                     virDomainGetSecLabel	(virDomainPtr domain,
> > > > +                                                 virDomainSecLabelPtr seclabel);
> > > > +int                     virDomainGetSecModel	(virDomainPtr domain,
> > > > +                                                virDomainSecModelPtr secmodel);
> > > 
> > > I'm leaning two ways on this. On the one hand I could see the
> > > virDomainGetSecModel being done against the node to match the
> > > fact that we record it in the node capabilities XML, so perhaps
> > > virNodeGetSecurityModel(virConnectPtr).
> > 
> > Actually, this is a call to get the node information, so I think the name 
> > should be changed.
> 
> Btw, is 'Node' the correct placement for this information?  IIUC, a node 
> is the physical system, whereas, the security model is a property of the 
> hypervisor, and there can be multiple hypervisors running on a node.
> 

So, what we need is perhaps virConnectGetSecurityModel() ?


-- 
James Morris
<jmorris at namei.org>




More information about the libvir-list mailing list