[libvirt] [PATCH v2] qemu: Correctly label migration TCP socket passed to qemu

Thu Aug 25 16:16:17 UTC 2011

---
Notes:
    Version 2:
    - use virSecurityManagerSetProcessFDLabel instead of
      virSecurityManagerSetImageFDLabel since the correct label for
      TCP sockets appears to be svirt_t and not svirt_image_t

 src/qemu/qemu_migration.c |    9 ++++++---
 1 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index a84faf6..8e24199 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -1484,9 +1484,12 @@ qemuMigrationRun(struct qemud_driver *driver,
     case MIGRATION_DEST_FD:
         if (spec->fwdType != MIGRATION_FWD_DIRECT)
             fd = spec->dest.fd.local;
-        ret = qemuMonitorMigrateToFd(priv->mon, migrate_flags,
-                                     spec->dest.fd.qemu);
-        VIR_FORCE_CLOSE(spec->dest.fd.qemu);
+        if (virSecurityManagerSetProcessFDLabel(driver->securityManager, vm,
+                                                spec->dest.fd.qemu) == 0) {
+            ret = qemuMonitorMigrateToFd(priv->mon, migrate_flags,
+                                         spec->dest.fd.qemu);
+            VIR_FORCE_CLOSE(spec->dest.fd.qemu);
+        }
         break;
     }
     qemuDomainObjExitMonitorWithDriver(driver, vm);
-- 
1.7.6.1


