Jamie Strandboge wrote: > On Tue, 08 Sep 2009, Jamie Strandboge wrote: > >>> [PATCH 1*] >>> patch_1a_reenable-nonfile-labels.patch: >>> When James Morris originally submitted his sVirt patches (as seen in >>> libvirt 0.6.1), he did not require on disk labelling for >>> virSecurityDomainRestoreImageLabel. A later commit[2] changed this >>> behavior to assume on disk labelling, which halts implementations for >>> path-based MAC systems such as AppArmor and TOMOYO where >>> vm->def->seclabel is required to obtain the label. This patch simply >>> adds the 'virDomainObjPtr vm' argument back to *RestoreImageLabel. >>> >>> patch_1b_optional.patch: >>> Due to the above change, 'make syntax-check' fails because >>> SELinuxRestoreSecurityImageLabel() does not use the 'virDomainObjPtr >>> vm'. patch_1b_optional.patch is a simple patch to fix this by checking >>> if vm->def->seclabel == NULL and returns with error if it does. I >>> realize this may not be desired in the long term, but it should be >>> harmless enough to include. >>> It looks fine, except instead of using the optional patch, just use "ATTRIBUTE_UNUSED" instead. (Oh, I see danpb gave you the same feedback :). -- Chris Lalancette -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list