[libvirt] [PATCH libvirt-glib 6/5] Add support for setting security labels

Daniel P. Berrange berrange at redhat.com
Wed Nov 30 17:09:50 UTC 2011


From: "Daniel P. Berrange" <berrange at redhat.com>

Add support for the <seclabel> element via a new object
GVirConfigDomainSeclabel.

* libvirt-gconfig-domain-seclabel.c, libvirt-gconfig-domain-seclabel.h,
  Makefile.am, libvirt-gconfig.h, libvirt-gconfig.sym: New objects
* libvirt-gconfig-domain.c, libvirt-gconfig-domain.h: API to
  associate a seclabel with a domain
---
 libvirt-gconfig/Makefile.am                       |    2 +
 libvirt-gconfig/libvirt-gconfig-domain-seclabel.c |  113 +++++++++++++++++++++
 libvirt-gconfig/libvirt-gconfig-domain-seclabel.h |   76 ++++++++++++++
 libvirt-gconfig/libvirt-gconfig-domain.c          |   10 ++
 libvirt-gconfig/libvirt-gconfig-domain.h          |    2 +
 libvirt-gconfig/libvirt-gconfig.h                 |    1 +
 libvirt-gconfig/libvirt-gconfig.sym               |   10 ++
 7 files changed, 214 insertions(+), 0 deletions(-)
 create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-seclabel.c
 create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-seclabel.h

diff --git a/libvirt-gconfig/Makefile.am b/libvirt-gconfig/Makefile.am
index 7c9e8c0..ddae5fa 100644
--- a/libvirt-gconfig/Makefile.am
+++ b/libvirt-gconfig/Makefile.am
@@ -25,6 +25,7 @@ GCONFIG_HEADER_FILES = \
 			libvirt-gconfig-domain-interface.h \
 			libvirt-gconfig-domain-interface-network.h \
 			libvirt-gconfig-domain-os.h \
+			libvirt-gconfig-domain-seclabel.h \
 			libvirt-gconfig-domain-snapshot.h \
 			libvirt-gconfig-domain-timer.h \
 			libvirt-gconfig-domain-video.h \
@@ -57,6 +58,7 @@ GCONFIG_SOURCE_FILES = \
 			libvirt-gconfig-domain-interface.c \
 			libvirt-gconfig-domain-interface-network.c \
 			libvirt-gconfig-domain-os.c \
+			libvirt-gconfig-domain-seclabel.c \
 			libvirt-gconfig-domain-snapshot.c \
 			libvirt-gconfig-domain-timer.c \
 			libvirt-gconfig-domain-video.c \
diff --git a/libvirt-gconfig/libvirt-gconfig-domain-seclabel.c b/libvirt-gconfig/libvirt-gconfig-domain-seclabel.c
new file mode 100644
index 0000000..61fbb48
--- /dev/null
+++ b/libvirt-gconfig/libvirt-gconfig-domain-seclabel.c
@@ -0,0 +1,113 @@
+/*
+ * libvirt-gobject-config-domain-seclabel.c: libvirt glib integration
+ *
+ * Copyright (C) 2011 Red Hat
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPSECLABELE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Bseclabelton, MA 02111-1307  USA
+ *
+ * Author: Christophe Fergeau <cfergeau at gmail.com>
+ */
+
+#include <config.h>
+
+#include <string.h>
+
+#include <libxml/tree.h>
+
+#include "libvirt-gconfig/libvirt-gconfig.h"
+#include "libvirt-gconfig/libvirt-gconfig-helpers-private.h"
+#include "libvirt-gconfig/libvirt-gconfig-object-private.h"
+
+#define GVIR_CONFIG_DOMAIN_SECLABEL_GET_PRIVATE(obj)                         \
+        (G_TYPE_INSTANCE_GET_PRIVATE((obj), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, GVirConfigDomainSeclabelPrivate))
+
+struct _GVirConfigDomainSeclabelPrivate
+{
+    gboolean unused;
+};
+
+G_DEFINE_TYPE(GVirConfigDomainSeclabel, gvir_config_domain_seclabel, GVIR_TYPE_CONFIG_OBJECT);
+
+
+static void gvir_config_domain_seclabel_class_init(GVirConfigDomainSeclabelClass *klass)
+{
+    g_type_class_add_private(klass, sizeof(GVirConfigDomainSeclabelPrivate));
+}
+
+
+static void gvir_config_domain_seclabel_init(GVirConfigDomainSeclabel *seclabel)
+{
+    g_debug("Init GVirConfigDomainSeclabel=%p", seclabel);
+
+    seclabel->priv = GVIR_CONFIG_DOMAIN_SECLABEL_GET_PRIVATE(seclabel);
+}
+
+
+GVirConfigDomainSeclabel *gvir_config_domain_seclabel_new(void)
+{
+    GVirConfigObject *object;
+
+    object = gvir_config_object_new(GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, "seclabel", NULL);
+    return GVIR_CONFIG_DOMAIN_SECLABEL(object);
+}
+
+GVirConfigDomainSeclabel *gvir_config_domain_seclabel_new_from_xml(const gchar *xml, GError **error)
+{
+    GVirConfigObject *object;
+
+    object = gvir_config_object_new_from_xml(GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, "seclabel",
+                                             NULL, xml, error);
+    return GVIR_CONFIG_DOMAIN_SECLABEL(object);
+}
+
+void gvir_config_domain_seclabel_set_type(GVirConfigDomainSeclabel *seclabel,
+                                          GVirConfigDomainSeclabelType type)
+{
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN_SECLABEL(seclabel));
+
+    gvir_config_object_set_attribute_with_type(GVIR_CONFIG_OBJECT(seclabel),
+                                               "type",
+                                               GVIR_TYPE_CONFIG_DOMAIN_SECLABEL_TYPE,
+                                               type, NULL);
+}
+
+void gvir_config_domain_seclabel_set_model(GVirConfigDomainSeclabel *seclabel,
+                                           const gchar *model)
+{
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN_SECLABEL(seclabel));
+
+    gvir_config_object_set_attribute(GVIR_CONFIG_OBJECT(seclabel),
+                                     "model", model,
+                                     NULL);
+
+}
+
+void gvir_config_domain_seclabel_set_baselabel(GVirConfigDomainSeclabel *seclabel,
+                                               const char *label)
+{
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN_SECLABEL(seclabel));
+
+    gvir_config_object_set_node_content(GVIR_CONFIG_OBJECT(seclabel),
+                                        "baselabel", label);
+}
+
+void gvir_config_domain_seclabel_set_label(GVirConfigDomainSeclabel *seclabel,
+                                           const char *label)
+{
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN_SECLABEL(seclabel));
+
+    gvir_config_object_set_node_content(GVIR_CONFIG_OBJECT(seclabel),
+                                        "label", label);
+}
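Review bot: The string setters `gvir_config_domain_seclabel_set_model`, `gvir_config_domain_seclabel_set_baselabel` and `gvir_config_domain_seclabel_set_label` check only the object and pass `model`/`label` straight through, so a NULL or empty security label is accepted silently. What `gvir_config_object_set_attribute` and `gvir_config_object_set_node_content` do with NULL is not visible in this patch. Because these values describe the guest's confinement, I would add `g_return_if_fail(label != NULL);` (and `g_return_if_fail(model != NULL);`) after the existing type check, unless NULL is meant to clear the value, in which case a comment should say so. Separately, the licence header here and in libvirt-gconfig-domain-seclabel.h reads `PURPSECLABELE` and `Bseclabelton`, which looks like a search-and-replace artefact; it should read `PURPOSE` and `Boston`.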
diff --git a/libvirt-gconfig/libvirt-gconfig-domain-seclabel.h b/libvirt-gconfig/libvirt-gconfig-domain-seclabel.h
new file mode 100644
index 0000000..cfa37a1
--- /dev/null
+++ b/libvirt-gconfig/libvirt-gconfig-domain-seclabel.h
@@ -0,0 +1,76 @@
+/*
+ * libvirt-gobject-domain-seclabel.c: libvirt gobject integration
+ *
+ * Copyright (C) 2011 Red Hat
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPSECLABELE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Bseclabelton, MA 02111-1307  USA
+ *
+ * Author: Christophe Fergeau <cfergeau at gmail.com>
+ */
+
+#if !defined(__LIBVIRT_GCONFIG_H__) && !defined(LIBVIRT_GCONFIG_BUILD)
+#error "Only <libvirt-gconfig/libvirt-gconfig.h> can be included directly."
+#endif
+
+#ifndef __LIBVIRT_GCONFIG_DOMAIN_SECLABEL_H__
+#define __LIBVIRT_GCONFIG_DOMAIN_SECLABEL_H__
+
+G_BEGIN_DECLS
+
+#define GVIR_TYPE_CONFIG_DOMAIN_SECLABEL            (gvir_config_domain_seclabel_get_type ())
+#define GVIR_CONFIG_DOMAIN_SECLABEL(obj)            (G_TYPE_CHECK_INSTANCE_CAST ((obj), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, GVirConfigDomainSeclabel))
+#define GVIR_CONFIG_DOMAIN_SECLABEL_CLASS(klass)    (G_TYPE_CHECK_CLASS_CAST ((klass), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, GVirConfigDomainSeclabelClass))
+#define GVIR_IS_CONFIG_DOMAIN_SECLABEL(obj)         (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL))
+#define GVIR_IS_CONFIG_DOMAIN_SECLABEL_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL))
+#define GVIR_CONFIG_DOMAIN_SECLABEL_GET_CLASS(obj)  (G_TYPE_INSTANCE_GET_CLASS ((obj), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, GVirConfigDomainSeclabelClass))
+
+typedef struct _GVirConfigDomainSeclabel GVirConfigDomainSeclabel;
+typedef struct _GVirConfigDomainSeclabelPrivate GVirConfigDomainSeclabelPrivate;
+typedef struct _GVirConfigDomainSeclabelClass GVirConfigDomainSeclabelClass;
+
+struct _GVirConfigDomainSeclabel
+{
+    GVirConfigObject parent;
+
+    GVirConfigDomainSeclabelPrivate *priv;
+
+    /* Do not add fields to this struct */
+};
+
+struct _GVirConfigDomainSeclabelClass
+{
+    GVirConfigObjectClass parent_class;
+
+    gpointer padding[20];
+};
+
+typedef enum {
+    GVIR_CONFIG_DOMAIN_SECLABEL_TYPE_DYNAMIC,
+    GVIR_CONFIG_DOMAIN_SECLABEL_TYPE_STATIC
+} GVirConfigDomainSeclabelType;
+
+GType gvir_config_domain_seclabel_get_type(void);
+
+GVirConfigDomainSeclabel *gvir_config_domain_seclabel_new(void);
+GVirConfigDomainSeclabel *gvir_config_domain_seclabel_new_from_xml(const gchar *xml, GError **error);
+
+void gvir_config_domain_seclabel_set_type(GVirConfigDomainSeclabel *seclabel, GVirConfigDomainSeclabelType type);
+void gvir_config_domain_seclabel_set_model(GVirConfigDomainSeclabel *seclabel, const gchar *model);
+void gvir_config_domain_seclabel_set_baselabel(GVirConfigDomainSeclabel *seclabel, const gchar *label);
+void gvir_config_domain_seclabel_set_label(GVirConfigDomainSeclabel *seclabel, const gchar *label);
+
+G_END_DECLS
+
+#endif /* __LIBVIRT_GCONFIG_DOMAIN_SECLABEL_H__ */
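Review bot: The new public setters and the `GVirConfigDomainSeclabelType` enum are declared without any documentation, so a caller cannot tell from the API which combination produces a usable `<seclabel>`. As I understand libvirt's domain XML, a `static` label is taken from `<label>`, while for `dynamic` the label is generated and `<baselabel>` is only an optional starting point. A short gtk-doc block on each setter in the .c file, saying which of `set_label` and `set_baselabel` applies to which type, would help avoid a static configuration being emitted with no label. Minor: the prototypes here use `const gchar *label` while the definitions in libvirt-gconfig-domain-seclabel.c use `const char *label`; pick one spelling.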
diff --git a/libvirt-gconfig/libvirt-gconfig-domain.c b/libvirt-gconfig/libvirt-gconfig-domain.c
index 8fb1a2b..d83baea 100644
--- a/libvirt-gconfig/libvirt-gconfig-domain.c
+++ b/libvirt-gconfig/libvirt-gconfig-domain.c
@@ -298,6 +298,16 @@ void gvir_config_domain_set_os(GVirConfigDomain *domain,
                               GVIR_CONFIG_OBJECT(os));
 }
 
+void gvir_config_domain_set_seclabel(GVirConfigDomain *domain,
+                                     GVirConfigDomainSeclabel *seclabel)
+{
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN(domain));
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN_SECLABEL(seclabel));
+
+    gvir_config_object_attach(GVIR_CONFIG_OBJECT(domain),
+                              GVIR_CONFIG_OBJECT(seclabel));
+}
+
 /**
  * gvir_config_domain_set_devices:
  * @devices: (in) (element-type LibvirtGConfig.DomainDevice):
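Review bot: `gvir_config_domain_set_seclabel` attaches the new child unconditionally, and whether `gvir_config_object_attach` replaces an existing `<seclabel>` or appends a second one is not visible in this hunk. If it appends, calling the setter twice would leave two `<seclabel>` elements in the domain XML, and which one takes effect would depend on the consumer; this is worth confirming and stating in a comment. The function also lacks a gtk-doc block like the one on `gvir_config_domain_set_devices` just below it; one naming `@domain` and `@seclabel` and stating the replace-or-append behaviour would match the surrounding style.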
diff --git a/libvirt-gconfig/libvirt-gconfig-domain.h b/libvirt-gconfig/libvirt-gconfig-domain.h
index c97ff46..6d4195f 100644
--- a/libvirt-gconfig/libvirt-gconfig-domain.h
+++ b/libvirt-gconfig/libvirt-gconfig-domain.h
@@ -87,6 +87,8 @@ void gvir_config_domain_set_clock(GVirConfigDomain *domain,
                                   GVirConfigDomainClock *klock);
 void gvir_config_domain_set_os(GVirConfigDomain *domain,
                                GVirConfigDomainOs *os);
+void gvir_config_domain_set_seclabel(GVirConfigDomain *domain,
+                                     GVirConfigDomainSeclabel *seclabel);
 void gvir_config_domain_set_devices(GVirConfigDomain *domain,
                                     GList *devices);
 void gvir_config_domain_add_device(GVirConfigDomain *domain,
diff --git a/libvirt-gconfig/libvirt-gconfig.h b/libvirt-gconfig/libvirt-gconfig.h
index 80ca6f1..ed44682 100644
--- a/libvirt-gconfig/libvirt-gconfig.h
+++ b/libvirt-gconfig/libvirt-gconfig.h
@@ -41,6 +41,7 @@
 #include <libvirt-gconfig/libvirt-gconfig-domain-interface.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-interface-network.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-os.h>
+#include <libvirt-gconfig/libvirt-gconfig-domain-seclabel.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-snapshot.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-timer.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-video.h>
diff --git a/libvirt-gconfig/libvirt-gconfig.sym b/libvirt-gconfig/libvirt-gconfig.sym
index 9236101..b222783 100644
--- a/libvirt-gconfig/libvirt-gconfig.sym
+++ b/libvirt-gconfig/libvirt-gconfig.sym
@@ -19,6 +19,7 @@ LIBVIRT_GCONFIG_0.0.1 {
 	gvir_config_domain_get_name;
 	gvir_config_domain_set_name;
 	gvir_config_domain_set_os;
+	gvir_config_domain_set_seclabel;
 	gvir_config_domain_get_vcpus;
 	gvir_config_domain_set_vcpus;
 	gvir_config_domain_get_virt_type;
@@ -119,6 +120,15 @@ LIBVIRT_GCONFIG_0.0.1 {
 	gvir_config_domain_snapshot_new;
 	gvir_config_domain_snapshot_new_from_xml;
 
+	gvir_config_domain_seclabel_get_type;
+	gvir_config_domain_seclabel_type_get_type;
+	gvir_config_domain_seclabel_new;
+	gvir_config_domain_seclabel_new_from_xml;
+	gvir_config_domain_seclabel_set_type;
+	gvir_config_domain_seclabel_set_model;
+	gvir_config_domain_seclabel_set_baselabel;
+	gvir_config_domain_seclabel_set_label;
+
 	gvir_config_domain_timer_get_type;
 	gvir_config_domain_timer_new;
 	gvir_config_domain_timer_new_from_xml;
-- 
1.7.6.4



