[libvirt] [PATCH v3 1/2] security: add new internal function "virSecurityManagerGetBaseLabel"
Daniel P. Berrange
berrange at redhat.com
Thu Oct 17 13:13:50 UTC 2013
On Fri, Sep 06, 2013 at 06:29:55PM +0200, Giuseppe Scrivano wrote:
> virSecurityManagerGetBaseLabel queries the default settings used by
> a security model.
>
> Signed-off-by: Giuseppe Scrivano <gscrivan at redhat.com>
> ---
> src/libvirt_private.syms | 1 +
> src/security/security_apparmor.c | 8 ++++++++
> src/security/security_dac.c | 34 ++++++++++++++++++++++++----------
> src/security/security_dac.h | 7 +++----
> src/security/security_driver.h | 4 ++++
> src/security/security_manager.c | 22 ++++++++++++++++++++--
> src/security/security_manager.h | 2 ++
> src/security/security_nop.c | 10 ++++++++++
> src/security/security_selinux.c | 12 ++++++++++++
> src/security/security_stack.c | 9 +++++++++
> 10 files changed, 93 insertions(+), 16 deletions(-)
> diff --git a/src/security/security_manager.c b/src/security/security_manager.c
> index 92fb504..c4b8f10 100644
> --- a/src/security/security_manager.c
> +++ b/src/security/security_manager.c
> @@ -273,6 +275,22 @@ virSecurityManagerGetModel(virSecurityManagerPtr mgr)
> return NULL;
> }
>
> +/* return NULL if a base label is not present */
> +const char *
> +virSecurityManagerGetBaseLabel(virSecurityManagerPtr mgr, int virtType)
> +{
> + if (mgr->drv->getBaseLabel) {
> + const char *ret;
> + virObjectLock(mgr);
> + ret = mgr->drv->getBaseLabel(mgr, virtType);
> + virObjectUnlock(mgr);
> + return ret;
> + }
> +
> + virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
> + return NULL;
Per my reply to the 2nd patch, we need to remove thie virReportError
method call. It is valid to not implement this method if no baselabel
is required.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list