[PATCH v2 10/10] qemu_hotplug: Relabel memdev

Michal Privoznik <mprivozn@xxxxxxxxxx> · Thu, 11 Aug 2016 15:26:31 +0200

Now that we have APIs for relabel memdevs on hotplug, fill in the
missing implementation in qemu hotplug code.

Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
---
 src/qemu/qemu_hotplug.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 6ba0b8e..afabbda 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -1861,6 +1861,7 @@ qemuDomainAttachMemory(virQEMUDriverPtr driver,
     int id;
     int ret = -1;
     int rv;
+    bool restoreLabel = false;
 
     qemuDomainMemoryDeviceAlignSize(vm->def, mem);
 
@@ -1893,6 +1894,11 @@ qemuDomainAttachMemory(virQEMUDriverPtr driver,
         goto removedef;
     }
 
+    if (virSecurityManagerSetMemoryLabel(driver->securityManager,
+                                         vm->def, mem) < 0)
+        goto cleanup;
+    restoreLabel = true;
+
     qemuDomainObjEnterMonitor(driver, vm);
     rv = qemuMonitorAddObject(priv->mon, backendType, objalias, props);
     props = NULL; /* qemuMonitorAddObject consumes */
@@ -1945,6 +1951,10 @@ qemuDomainAttachMemory(virQEMUDriverPtr driver,
         mem = NULL;
         goto audit;
     }
+    if (mem && restoreLabel &&
+        virSecurityManagerRestoreMemoryLabel(driver->securityManager,
+                                             vm->def, mem) < 0)
+        VIR_WARN("Unable to restore security label on memdev");
 
  removedef:
     if ((id = virDomainMemoryFindByDef(vm->def, mem)) >= 0)
@@ -3141,6 +3151,10 @@ qemuDomainRemoveMemoryDevice(virQEMUDriverPtr driver,
     if ((idx = virDomainMemoryFindByDef(vm->def, mem)) >= 0)
         virDomainMemoryRemove(vm->def, idx);
 
+    if (virSecurityManagerRestoreMemoryLabel(driver->securityManager,
+                                             vm->def, mem) < 0)
+        VIR_WARN("Unable to restore security label on memdev");
+
     virDomainMemoryDefFree(mem);
 
     /* fix the balloon size */
-- 
2.8.4

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list






