[libvirt] [PATCH v1 01/10] locking: Allow seclabel remembering
Daniel P. Berrange
berrange at redhat.com
Fri Sep 19 15:41:50 UTC 2014
On Wed, Sep 10, 2014 at 03:26:07PM +0200, Michal Privoznik wrote:
> To keep original seclabel for files libvirt is touching we need a
> single point where the original seclabels can be stored. Instead
> of inventing a new one we can misuse virtlockd which already has
> nearly all the infrastructure we need. As nice feature, it keeps
> its internal state between virtlockd restarts. Again, it's
> something we are going to need, as we don't want to lose the
> original labels on the lock daemon restart.
>
> In this commit two functions are introduced:
>
> virLockManagerRememberSeclabel that takes three arguments:
>
> path, model and seclabel
>
> where @path is unique identifier for the file we are about to
> label, @model and @seclabel then represents original seclabel.
>
> virLockManagerRecallSeclabel then takes:
>
> path, model, *seclabel
>
> and returns number of references held on @path. If the return
> value is zero, *seclabel contains the original label stored by
> first call of RememberSeclabel(). If a positive value is
> returned, other domains are still using the @path and the
> original label shall not be restored.
> +int virLockManagerRememberSeclabel(virLockManagerPtr lock,
> + const char *path,
> + const char *model,
> + const char *seclabel)
> +{
> + VIR_DEBUG("lock=%p path=%s model=%s seclabel=%s",
> + lock, path, model, seclabel);
> +
> + CHECK_MANAGER(drvRemember, -1);
> +
> + return lock->driver->drvRemember(lock, path, model, seclabel);
> +}
> +
> +int virLockManagerRecallSeclabel(virLockManagerPtr lock,
> + const char *path,
> + const char *model,
> + char **seclabel)
> +{
> + VIR_DEBUG("lock=%p path=%s model=%s seclabel=%p",
> + lock, path, model, seclabel);
> +
> + CHECK_MANAGER(drvRecall, -1);
I thin kwe should do
*seclabel = NULL;
to protect against drivers forgetting todo it
> +
> + return lock->driver->drvRecall(lock, path, model, seclabel);
> +}
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list