[java] [PATCH 5/6] Implement Domain.getSecurityLabel and add SecurityLabel class

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This wraps the native virDomainGetSecurityLabel libvirt function available
since version 0.6.1.
---
 src/main/java/org/libvirt/Domain.java        | 18 ++++++++++
 src/main/java/org/libvirt/SecurityLabel.java | 49 ++++++++++++++++++++++++++++
 src/main/java/org/libvirt/jna/Libvirt.java   | 24 +++++++++++++-
 3 files changed, 90 insertions(+), 1 deletion(-)
 create mode 100644 src/main/java/org/libvirt/SecurityLabel.java

diff --git a/src/main/java/org/libvirt/Domain.java b/src/main/java/org/libvirt/Domain.java
index ed6690c..83a500c 100644
--- a/src/main/java/org/libvirt/Domain.java
+++ b/src/main/java/org/libvirt/Domain.java
@@ -637,6 +637,24 @@ public class Domain {
     }
 
     /**
+     * Get the security label of an active domain.
+     *
+     * @return the SecurityLabel or {@code null} if the domain is not
+     *         running under a security model
+     * @throws LibvirtException
+     */
+    public SecurityLabel getSecurityLabel() throws LibvirtException {
+        Libvirt.SecurityLabel seclabel = new Libvirt.SecurityLabel();
+
+        processError(libvirt.virDomainGetSecurityLabel(this.VDP, seclabel));
+
+        if (seclabel.label[0] == 0)
+            return null;
+        else
+            return new SecurityLabel(seclabel);
+    }
+
+    /**
      * Get the UUID for this domain.
      *
      * @return the UUID as an unpacked int array
diff --git a/src/main/java/org/libvirt/SecurityLabel.java b/src/main/java/org/libvirt/SecurityLabel.java
new file mode 100644
index 0000000..60132ba
--- /dev/null
+++ b/src/main/java/org/libvirt/SecurityLabel.java
@@ -0,0 +1,49 @@
+package org.libvirt;
+
+import org.libvirt.jna.Libvirt;
+import com.sun.jna.Native;
+
+/**
+ * Represents a security label used for mandatory access control.
+ *
+ * @see Domain#getSecurityLabel
+ */
+public final class SecurityLabel {
+    private String label;
+    private boolean enforced;
+    private static byte NUL = 0;
+
+    SecurityLabel(Libvirt.SecurityLabel seclabel) {
+        label = Native.toString(seclabel.label, "UTF-8");
+        enforced = seclabel.enforcing == 1;
+    }
+
+    /**
+     * Returns the label of this SecurityLabel.
+     *
+     * @return the security label string
+     */
+    public String getLabel() {
+        return label;
+    }
+
+    /**
+     * Returns true if the security policy is being enforced.
+     *
+     * @return true if the policy is enforced, false otherwise
+     */
+    public boolean isEnforced() {
+        return enforced;
+    }
+
+    @Override
+    public String toString() {
+        return new StringBuilder()
+            .append("(label=")
+            .append(label)
+            .append(", enforced=")
+            .append(enforced)
+            .append(")")
+            .toString();
+    }
+}
diff --git a/src/main/java/org/libvirt/jna/Libvirt.java b/src/main/java/org/libvirt/jna/Libvirt.java
index 3589525..2958233 100644
--- a/src/main/java/org/libvirt/jna/Libvirt.java
+++ b/src/main/java/org/libvirt/jna/Libvirt.java
@@ -8,9 +8,13 @@ import com.sun.jna.Native;
 import com.sun.jna.NativeLong;
 import com.sun.jna.Platform;
 import com.sun.jna.Pointer;
+import com.sun.jna.Structure;
 import com.sun.jna.ptr.IntByReference;
 import com.sun.jna.ptr.LongByReference;
 
+import java.util.Arrays;
+import java.util.List;
+
 /**
  * The libvirt interface which is exposed via JNA. The complete API is
  * documented at http://www.libvirt.org/html/libvirt-libvirt.html.
@@ -36,7 +40,6 @@ import com.sun.jna.ptr.LongByReference;
  * LIBVIRT_0.6.1
  * virFreeError
  * virSaveLastError
- * virDomainGetSecurityLabel;
  * virNodeGetSecurityModel;
  *
  * LIBVIRT_0.6.4
@@ -152,6 +155,24 @@ public interface Libvirt extends Library {
     // Connection Functions
     CString virConnectBaselineCPU(ConnectionPointer virConnectPtr, String[] xmlCPUs, int ncpus, int flags);
 
+    ///
+    /// Structure definitions
+    ///
+
+    static class SecurityLabel extends Structure {
+        private static final int VIR_SECURITY_LABEL_BUFLEN = 4096 + 1;
+        private static final List<String> fields = Arrays.asList("label", "enforcing");
+
+        public byte label[] = new byte[VIR_SECURITY_LABEL_BUFLEN];
+        public int enforcing;
+
+        @Override
+        protected List<String> getFieldOrder() {
+            return fields;
+        }
+    };
+
+
     /**
      * @deprecated as of libvirt 0.6.0, all errors reported in the
      * per-connection object are also duplicated in the global error
@@ -265,6 +286,7 @@ public interface Libvirt extends Library {
     int virDomainGetSchedulerParameters(DomainPointer virDomainPtr, virSchedParameter[] params,
             IntByReference nparams);
     CString virDomainGetSchedulerType(DomainPointer virDomainPtr, IntByReference nparams);
+    int virDomainGetSecurityLabel(DomainPointer virDomainPtr, SecurityLabel seclabel);
     int virDomainGetUUID(DomainPointer virDomainPtr, byte[] uuidString);
     int virDomainGetUUIDString(DomainPointer virDomainPtr, byte[] uuidString);
     int virDomainGetVcpus(DomainPointer virDomainPtr, virVcpuInfo[] info, int maxInfo, byte[] cpumaps, int maplen);
-- 
2.2.2

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]