These procedures will be used to store and bring back security labels. So far, the idea is that tuple (path, model, label) is enough. Well, certainly for DAC and SELinux. The functions are: VIR_LOCK_SPACE_PROTOCOL_PROC_REMEMBER_SECLABEL VIR_LOCK_SPACE_PROTOCOL_PROC_RECALL_SECLABEL Yeah, they really need that VIR_LOCK_SPACE_PROTOCOL_PROC prefix due to way we call gendispatch.pl. So the former will take the whole tuple and remember it. The latter will then take just pair of (path, model) and return label stored previously. Moreover, the return value of recall will be important: value greater than zero means @path is still in use, don't relabel it. Value of zero means @path is no longer used, and a negative value means an error (e.g. @path not found, OOM, etc.).
Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
---
 src/lock_protocol-structs | 15 +++++++++++++++
 src/locking/lock_daemon_dispatch.c | 21 +++++++++++++++++++++
 src/locking/lock_protocol.x | 29 ++++++++++++++++++++++++++++-
 3 files changed, 64 insertions(+), 1 deletion(-)
diff --git a/src/lock_protocol-structs b/src/lock_protocol-structs
index 8e8b84f..c45086b 100644
--- a/src/lock_protocol-structs
+++ b/src/lock_protocol-structs
@@ -43,6 +43,19 @@ struct virLockSpaceProtocolReleaseResourceArgs {
 struct virLockSpaceProtocolCreateLockSpaceArgs {
 virLockSpaceProtocolNonNullString path;
 };
+struct virLockSpaceProtocolRememberSeclabelArgs {
+ virLockSpaceProtocolNonNullString model;
+ virLockSpaceProtocolNonNullString path;
+ virLockSpaceProtocolNonNullString label;
+};
+struct virLockSpaceProtocolRecallSeclabelArgs {
+ virLockSpaceProtocolNonNullString model;
+ virLockSpaceProtocolNonNullString path;
+};
+struct virLockSpaceProtocolRecallSeclabelRet {
+ virLockSpaceProtocolString label;
+ u_int ret;
+};
 enum virLockSpaceProtocolProcedure {
 VIR_LOCK_SPACE_PROTOCOL_PROC_REGISTER = 1,
 VIR_LOCK_SPACE_PROTOCOL_PROC_RESTRICT = 2,
@@ -52,4 +65,6 @@ enum virLockSpaceProtocolProcedure {
 VIR_LOCK_SPACE_PROTOCOL_PROC_ACQUIRE_RESOURCE = 6,
 VIR_LOCK_SPACE_PROTOCOL_PROC_RELEASE_RESOURCE = 7,
 VIR_LOCK_SPACE_PROTOCOL_PROC_CREATE_LOCKSPACE = 8,
+ VIR_LOCK_SPACE_PROTOCOL_PROC_REMEMBER_SECLABEL = 9,
+ VIR_LOCK_SPACE_PROTOCOL_PROC_RECALL_SECLABEL = 10,
 };
diff --git a/src/locking/lock_daemon_dispatch.c b/src/locking/lock_daemon_dispatch.c
index 1b479db..2d0bd81 100644
--- a/src/locking/lock_daemon_dispatch.c
+++ b/src/locking/lock_daemon_dispatch.c
@@ -430,3 +430,24 @@ virLockSpaceProtocolDispatchCreateLockSpace(virNetServerPtr server ATTRIBUTE_UNU
 virMutexUnlock(&priv->lock);
 return rv;
 }
+
+static int
+virLockSpaceProtocolDispatchRememberSeclabel(virNetServerPtr server ATTRIBUTE_UNUSED,
+ virNetServerClientPtr client ATTRIBUTE_UNUSED,
+ virNetMessagePtr msg ATTRIBUTE_UNUSED,
+ virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
+ virLockSpaceProtocolRememberSeclabelArgs *args ATTRIBUTE_UNUSED)
+{
+ return 0;
+}
+
+static int
+virLockSpaceProtocolDispatchRecallSeclabel(virNetServerPtr server ATTRIBUTE_UNUSED,
+ virNetServerClientPtr client ATTRIBUTE_UNUSED,
+ virNetMessagePtr msg ATTRIBUTE_UNUSED,
+ virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
+ virLockSpaceProtocolRecallSeclabelArgs *args ATTRIBUTE_UNUSED,
+ virLockSpaceProtocolRecallSeclabelRet *ret ATTRIBUTE_UNUSED)
+{
+ return 0;
+}
diff --git a/src/locking/lock_protocol.x b/src/locking/lock_protocol.x
index a77a784..bac4f0c 100644
--- a/src/locking/lock_protocol.x
+++ b/src/locking/lock_protocol.x
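Review bot: The two new handlers in lock_daemon_dispatch.c, `virLockSpaceProtocolDispatchRememberSeclabel` and `virLockSpaceProtocolDispatchRecallSeclabel`, return 0 without reading `args` or filling `ret`, so a client receives a success reply for a label that was never stored. For recall this is more than a no-op: if the reply struct reaches the client zero-filled (the generated dispatcher is not visible here, so this is an assumption), `ret == 0` with no label reads as "@path is no longer used" under the contract in the commit message. Until the real implementation lands the stubs should fail closed, for example `virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", _("seclabel tracking is not implemented"));` then `virNetMessageSaveError(rerr);` and `return -1;`, with `ATTRIBUTE_UNUSED` dropped from `rerr`. A one-line comment above each function saying it is a placeholder would also keep the next reader from mistaking it for finished code.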
@@ -71,6 +71,21 @@ struct virLockSpaceProtocolCreateLockSpaceArgs { virLockSpaceProtocolNonNullString path; }; +struct virLockSpaceProtocolRememberSeclabelArgs { + virLockSpaceProtocolNonNullString model; + virLockSpaceProtocolNonNullString path; + virLockSpaceProtocolNonNullString label; +}; + +struct virLockSpaceProtocolRecallSeclabelArgs { + virLockSpaceProtocolNonNullString model; + virLockSpaceProtocolNonNullString path; +}; + +struct virLockSpaceProtocolRecallSeclabelRet { + virLockSpaceProtocolString label; + unsigned int ret; +}; /* Define the program number, protocol version and procedure numbers here. */ const VIR_LOCK_SPACE_PROTOCOL_PROGRAM = 0xEA7BEEF; @@ -149,5 +164,17 @@ enum virLockSpaceProtocolProcedure { * @generate: none * @acl: none */ - VIR_LOCK_SPACE_PROTOCOL_PROC_CREATE_LOCKSPACE = 8 + VIR_LOCK_SPACE_PROTOCOL_PROC_CREATE_LOCKSPACE = 8, + + /** + * @generate: none + * @acl: none + */ + VIR_LOCK_SPACE_PROTOCOL_PROC_REMEMBER_SECLABEL = 9, + + /** + * @generate: none + * @acl: none + */ + VIR_LOCK_SPACE_PROTOCOL_PROC_RECALL_SECLABEL = 10 }; -- 2.4.9 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
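Review bot: In the first lock_protocol.x hunk, `ret` in `virLockSpaceProtocolRecallSeclabelRet` is `unsigned int`, but the commit message gives the recall result three meanings and one of them is negative, so the error case cannot travel in this field. If errors are meant to go through the RPC error reply instead, state that next to the field, e.g. `/* ret: > 0 path still in use, do not relabel; 0 path no longer used; errors use the RPC error reply */`. `label` is the nullable `virLockSpaceProtocolString` while both Args structs use the non-null type; a comment saying when it may be NULL would tell callers whether a NULL label together with `ret == 0` is a valid reply or a bug.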
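Review bot: In the procedure enum hunk, REMEMBER_SECLABEL and RECALL_SECLABEL are declared with `@acl: none`, the same as CREATE_LOCKSPACE above them, so nothing in the protocol definition limits which connected client may store or fetch a label. The stored label is what later gets restored on @path, which makes it security-sensitive state: whoever can overwrite it decides the file's eventual DAC ownership or SELinux context. The dispatch handlers are stubs in this patch, so no caller check is visible yet; the implementation should reject clients that are not entitled to set labels, and the doc blocks here should record that expectation, e.g. `* Caller must be a privileged client; the stored label is trusted on recall.` The two doc blocks also carry no description of what each procedure does.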