[PATCH 3/9] security: implement domainUpdateSecurityImageLabel for stack

Peng Liang liangpeng10 at huawei.com
Mon Aug 23 02:41:14 UTC 2021


Signed-off-by: Peng Liang <liangpeng10 at huawei.com>
---
 src/security/security_stack.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/src/security/security_stack.c b/src/security/security_stack.c
index f7a9ed1e33a3..490238a92511 100644
--- a/src/security/security_stack.c
+++ b/src/security/security_stack.c
@@ -706,6 +706,25 @@ virSecurityStackMoveImageMetadata(virSecurityManager *mgr,
     return rc;
 }
 
+static int
+virSecurityStackUpdateImageLabel(virSecurityManager *mgr,
+                                 virDomainDef *vm,
+                                 virStorageSource *src,
+                                 virSecurityDomainImageLabelFlags flags)
+{
+    virSecurityStackData *priv = virSecurityManagerGetPrivateData(mgr);
+    virSecurityStackItem *item = priv->itemsHead;
+    int rc = 0;
+
+    for (; item; item = item->next) {
+        if (virSecurityManagerUpdateImageLabel(item->securityManager,
+                                               vm, src, flags) < 0)
+            rc = -1;
+    }
+
+    return rc;
+}
+
 static int
 virSecurityStackSetMemoryLabel(virSecurityManager *mgr,
                                virDomainDef *vm,
@@ -984,6 +1003,7 @@ virSecurityDriver virSecurityDriverStack = {
     .domainSetSecurityImageLabel        = virSecurityStackSetImageLabel,
     .domainRestoreSecurityImageLabel    = virSecurityStackRestoreImageLabel,
     .domainMoveImageMetadata            = virSecurityStackMoveImageMetadata,
+    .domainUpdateSecurityImageLabel     = virSecurityStackUpdateImageLabel,
 
     .domainSetSecurityMemoryLabel       = virSecurityStackSetMemoryLabel,
     .domainRestoreSecurityMemoryLabel   = virSecurityStackRestoreMemoryLabel,
-- 
2.31.1





More information about the libvir-list mailing list