[PATCH 2/9] security: add virSecurityManagerUpdateImageLabel
Peng Liang
liangpeng10 at huawei.com
Thu Sep 9 11:45:23 UTC 2021
On 9/9/2021 7:01 PM, Michal Prívozník wrote:
> On 8/23/21 4:41 AM, Peng Liang wrote:
>> Signed-off-by: Peng Liang <liangpeng10 at huawei.com>
>> ---
>> src/libvirt_private.syms | 1 +
>> src/security/security_driver.h | 5 +++++
>> src/security/security_manager.c | 29 +++++++++++++++++++++++++++++
>> src/security/security_manager.h | 5 +++++
>> 4 files changed, 40 insertions(+)
>>
>
>
>> diff --git a/src/security/security_manager.c b/src/security/security_manager.c
>> index 9906c1691d0f..b580704d3abf 100644
>> --- a/src/security/security_manager.c
>> +++ b/src/security/security_manager.c
>> @@ -476,6 +476,35 @@ virSecurityManagerMoveImageMetadata(virSecurityManager *mgr,
>> }
>>
>>
>> +/**
>> + * virSecurityManagerUpdateImageLabel:
>> + * @mgr: security manager object
>> + * @vm: domain definition object
>> + * @src: disk source definition to operate on
>> + * @flags: bitwise or of 'virSecurityDomainImageLabelFlags'
>> + *
>> + * Update security label from @src according to @flags.
>> + *
>> + * Returns: 0 on success, -1 on error.
>> + */
>> +int
>> +virSecurityManagerUpdateImageLabel(virSecurityManager *mgr,
>> + virDomainDef *vm,
>> + virStorageSource *src,
>> + virSecurityDomainImageLabelFlags flags)
>> +{
>> + if (mgr->drv->domainUpdateSecurityImageLabel) {
>> + int ret;
>> + virObjectLock(mgr);
>> + ret = mgr->drv->domainUpdateSecurityImageLabel(mgr, vm, src, flags);
>> + virObjectUnlock(mgr);
>> + return ret;
>> + }
>> +
>> + return 0;
>> +}
>> +
>> +
>
> Is there a reason why this needs to be inside virSecurityManager? We
> already have virSecurityMoveRememberedLabel() that lives outside of it,
> in security_util.c and conceptually this function belongs there.
>
> Michal
>
> .
>
Maybe all security managers' labels need to be updated during migration,
so I add it here.
Thanks,
Peng
More information about the libvir-list
mailing list