[libvirt] [PATCH 5/7] Update QEMU driver to support multiple security drivers

Daniel P. Berrange berrange at redhat.com
Mon Jun 11 15:16:57 UTC 2012 

On Mon, May 21, 2012 at 10:39:27AM -0300, Marcelo Cerri wrote:
> ---
>  src/driver.h            |    8 ++-
>  src/qemu/qemu_conf.c    |   33 ++++++++
>  src/qemu/qemu_conf.h    |    1 +
>  src/qemu/qemu_driver.c  |  196 ++++++++++++++++++++++++++++++++++++++---------
>  src/qemu/qemu_process.c |   53 +++++++++----
>  5 files changed, 236 insertions(+), 55 deletions(-)
> 
> diff --git a/src/driver.h b/src/driver.h
> index 03d249b..ca4927f 100644
> --- a/src/driver.h
> +++ b/src/driver.h
> @@ -305,11 +305,14 @@ typedef int
>                                           int maplen);
>  typedef int
>          (*virDrvDomainGetMaxVcpus)	(virDomainPtr domain);
> -
>  typedef int
> -        (*virDrvDomainGetSecurityLabel)	(virDomainPtr domain,
> +        (*virDrvDomainGetSecurityLabel) (virDomainPtr domain,
>                                           virSecurityLabelPtr seclabel);
>  typedef int
> +        (*virDrvDomainGetSecurityLabelList) (virDomainPtr domain,
> +                                         virSecurityLabelPtr seclabels,
> +                                         int nseclabels);
> +typedef int
>          (*virDrvNodeGetSecurityModel)	(virConnectPtr conn,
>                                           virSecurityModelPtr secmodel);
>  typedef int
> @@ -911,6 +914,7 @@ struct _virDriver {
>      virDrvDomainGetVcpus		domainGetVcpus;
>      virDrvDomainGetMaxVcpus		domainGetMaxVcpus;
>      virDrvDomainGetSecurityLabel     domainGetSecurityLabel;
> +    virDrvDomainGetSecurityLabelList     domainGetSecurityLabelList;
>      virDrvNodeGetSecurityModel  nodeGetSecurityModel;
>      virDrvDomainGetXMLDesc		domainGetXMLDesc;
>      virDrvConnectDomainXMLFromNative domainXMLFromNative;

This part should have been in the earlier patch that introduces the new
public API.


> diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
> index 88a04bc..5cc2071 100644
> --- a/src/qemu/qemu_conf.c
> +++ b/src/qemu/qemu_conf.c
> @@ -202,6 +202,39 @@ int qemudLoadDriverConfig(struct qemud_driver *driver,
>          }
>      }
>  
> +    p = virConfGetValue (conf, "additional_security_drivers");
> +    CHECK_TYPE ("additional_security_driver", VIR_CONF_STRING);

I don't really like this. We currently have a 'security_driver'
parameter, which takes a STRING. We should deprecate the old
parameter and introduce a new parameter 'security_drivers' which
takes a LIST of STRING.

If 'security_drivers' is not set, then look for 'security_driver'
as back-compat and log a warning (VIR_WARN) about its deprecation
and replacement.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the libvir-list mailing list