[PATCH libvirt-glib v2 6/8] Add support for setting security labels

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>

Add support for the <seclabel> element via a new object
GVirConfigDomainSeclabel.

* libvirt-gconfig-domain-seclabel.c, libvirt-gconfig-domain-seclabel.h,
  Makefile.am, libvirt-gconfig.h, libvirt-gconfig.sym: New objects
* libvirt-gconfig-domain.c, libvirt-gconfig-domain.h: API to
  associate seclabel with an domain
---
 libvirt-gconfig/Makefile.am                       |    2 +
 libvirt-gconfig/libvirt-gconfig-domain-seclabel.c |  111 +++++++++++++++++++++
 libvirt-gconfig/libvirt-gconfig-domain-seclabel.h |   76 ++++++++++++++
 libvirt-gconfig/libvirt-gconfig-domain.c          |   10 ++
 libvirt-gconfig/libvirt-gconfig-domain.h          |    3 +
 libvirt-gconfig/libvirt-gconfig.h                 |    1 +
 libvirt-gconfig/libvirt-gconfig.sym               |   10 ++
 7 files changed, 213 insertions(+), 0 deletions(-)
 create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-seclabel.c
 create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-seclabel.h

diff --git a/libvirt-gconfig/Makefile.am b/libvirt-gconfig/Makefile.am
index 7c9e8c0..ddae5fa 100644
--- a/libvirt-gconfig/Makefile.am
+++ b/libvirt-gconfig/Makefile.am
@@ -25,6 +25,7 @@ GCONFIG_HEADER_FILES = \
 			libvirt-gconfig-domain-interface.h \
 			libvirt-gconfig-domain-interface-network.h \
 			libvirt-gconfig-domain-os.h \
+			libvirt-gconfig-domain-seclabel.h \
 			libvirt-gconfig-domain-snapshot.h \
 			libvirt-gconfig-domain-timer.h \
 			libvirt-gconfig-domain-video.h \
@@ -57,6 +58,7 @@ GCONFIG_SOURCE_FILES = \
 			libvirt-gconfig-domain-interface.c \
 			libvirt-gconfig-domain-interface-network.c \
 			libvirt-gconfig-domain-os.c \
+			libvirt-gconfig-domain-seclabel.c \
 			libvirt-gconfig-domain-snapshot.c \
 			libvirt-gconfig-domain-timer.c \
 			libvirt-gconfig-domain-video.c \
diff --git a/libvirt-gconfig/libvirt-gconfig-domain-seclabel.c b/libvirt-gconfig/libvirt-gconfig-domain-seclabel.c
new file mode 100644
index 0000000..22508e9
--- /dev/null
+++ b/libvirt-gconfig/libvirt-gconfig-domain-seclabel.c
@@ -0,0 +1,111 @@
+/*
+ * libvirt-gconfig-domain-seclabel.c: libvirt glib integration
+ *
+ * Copyright (C) 2011 Red Hat
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPSECLABELE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Bseclabelton, MA 02111-1307  USA
+ *
+ * Author: Daniel P. Berrange <berrange@xxxxxxxxxx>
+ */
+
+#include <config.h>
+
+#include <string.h>
+
+#include "libvirt-gconfig/libvirt-gconfig.h"
+#include "libvirt-gconfig/libvirt-gconfig-helpers-private.h"
+#include "libvirt-gconfig/libvirt-gconfig-object-private.h"
+
+#define GVIR_CONFIG_DOMAIN_SECLABEL_GET_PRIVATE(obj)                         \
+        (G_TYPE_INSTANCE_GET_PRIVATE((obj), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, GVirConfigDomainSeclabelPrivate))
+
+struct _GVirConfigDomainSeclabelPrivate
+{
+    gboolean unused;
+};
+
+G_DEFINE_TYPE(GVirConfigDomainSeclabel, gvir_config_domain_seclabel, GVIR_TYPE_CONFIG_OBJECT);
+
+
+static void gvir_config_domain_seclabel_class_init(GVirConfigDomainSeclabelClass *klass)
+{
+    g_type_class_add_private(klass, sizeof(GVirConfigDomainSeclabelPrivate));
+}
+
+
+static void gvir_config_domain_seclabel_init(GVirConfigDomainSeclabel *seclabel)
+{
+    g_debug("Init GVirConfigDomainSeclabel=%p", seclabel);
+
+    seclabel->priv = GVIR_CONFIG_DOMAIN_SECLABEL_GET_PRIVATE(seclabel);
+}
+
+
+GVirConfigDomainSeclabel *gvir_config_domain_seclabel_new(void)
+{
+    GVirConfigObject *object;
+
+    object = gvir_config_object_new(GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, "seclabel", NULL);
+    return GVIR_CONFIG_DOMAIN_SECLABEL(object);
+}
+
+GVirConfigDomainSeclabel *gvir_config_domain_seclabel_new_from_xml(const gchar *xml, GError **error)
+{
+    GVirConfigObject *object;
+
+    object = gvir_config_object_new_from_xml(GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, "seclabel",
+                                             NULL, xml, error);
+    return GVIR_CONFIG_DOMAIN_SECLABEL(object);
+}
+
+void gvir_config_domain_seclabel_set_type(GVirConfigDomainSeclabel *seclabel,
+                                          GVirConfigDomainSeclabelType type)
+{
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN_SECLABEL(seclabel));
+
+    gvir_config_object_set_attribute_with_type(GVIR_CONFIG_OBJECT(seclabel),
+                                               "type",
+                                               GVIR_TYPE_CONFIG_DOMAIN_SECLABEL_TYPE,
+                                               type, NULL);
+}
+
+void gvir_config_domain_seclabel_set_model(GVirConfigDomainSeclabel *seclabel,
+                                           const gchar *model)
+{
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN_SECLABEL(seclabel));
+
+    gvir_config_object_set_attribute(GVIR_CONFIG_OBJECT(seclabel),
+                                     "model", model,
+                                     NULL);
+
+}
+
+void gvir_config_domain_seclabel_set_baselabel(GVirConfigDomainSeclabel *seclabel,
+                                               const char *label)
+{
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN_SECLABEL(seclabel));
+
+    gvir_config_object_set_node_content(GVIR_CONFIG_OBJECT(seclabel),
+                                        "baselabel", label);
+}
+
+void gvir_config_domain_seclabel_set_label(GVirConfigDomainSeclabel *seclabel,
+                                           const char *label)
+{
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN_SECLABEL(seclabel));
+
+    gvir_config_object_set_node_content(GVIR_CONFIG_OBJECT(seclabel),
+                                        "label", label);
+}
diff --git a/libvirt-gconfig/libvirt-gconfig-domain-seclabel.h b/libvirt-gconfig/libvirt-gconfig-domain-seclabel.h
new file mode 100644
index 0000000..3aa446c
--- /dev/null
+++ b/libvirt-gconfig/libvirt-gconfig-domain-seclabel.h
@@ -0,0 +1,76 @@
+/*
+ * libvirt-gconfig-domain-seclabel.h: libvirt gobject integration
+ *
+ * Copyright (C) 2011 Red Hat
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+ *
+ * Author: Daniel P. Berrange <berrange@xxxxxxxxxx>
+ */
+
+#if !defined(__LIBVIRT_GCONFIG_H__) && !defined(LIBVIRT_GCONFIG_BUILD)
+#error "Only <libvirt-gconfig/libvirt-gconfig.h> can be included directly."
+#endif
+
+#ifndef __LIBVIRT_GCONFIG_DOMAIN_SECLABEL_H__
+#define __LIBVIRT_GCONFIG_DOMAIN_SECLABEL_H__
+
+G_BEGIN_DECLS
+
+#define GVIR_TYPE_CONFIG_DOMAIN_SECLABEL            (gvir_config_domain_seclabel_get_type ())
+#define GVIR_CONFIG_DOMAIN_SECLABEL(obj)            (G_TYPE_CHECK_INSTANCE_CAST ((obj), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, GVirConfigDomainSeclabel))
+#define GVIR_CONFIG_DOMAIN_SECLABEL_CLASS(klass)    (G_TYPE_CHECK_CLASS_CAST ((klass), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, GVirConfigDomainSeclabelClass))
+#define GVIR_IS_CONFIG_DOMAIN_SECLABEL(obj)         (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL))
+#define GVIR_IS_CONFIG_DOMAIN_SECLABEL_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL))
+#define GVIR_CONFIG_DOMAIN_SECLABEL_GET_CLASS(obj)  (G_TYPE_INSTANCE_GET_CLASS ((obj), GVIR_TYPE_CONFIG_DOMAIN_SECLABEL, GVirConfigDomainSeclabelClass))
+
+typedef struct _GVirConfigDomainSeclabel GVirConfigDomainSeclabel;
+typedef struct _GVirConfigDomainSeclabelPrivate GVirConfigDomainSeclabelPrivate;
+typedef struct _GVirConfigDomainSeclabelClass GVirConfigDomainSeclabelClass;
+
+struct _GVirConfigDomainSeclabel
+{
+    GVirConfigObject parent;
+
+    GVirConfigDomainSeclabelPrivate *priv;
+
+    /* Do not add fields to this struct */
+};
+
+struct _GVirConfigDomainSeclabelClass
+{
+    GVirConfigObjectClass parent_class;
+
+    gpointer padding[20];
+};
+
+typedef enum {
+    GVIR_CONFIG_DOMAIN_SECLABEL_TYPE_DYNAMIC,
+    GVIR_CONFIG_DOMAIN_SECLABEL_TYPE_STATIC
+} GVirConfigDomainSeclabelType;
+
+GType gvir_config_domain_seclabel_get_type(void);
+
+GVirConfigDomainSeclabel *gvir_config_domain_seclabel_new(void);
+GVirConfigDomainSeclabel *gvir_config_domain_seclabel_new_from_xml(const gchar *xml, GError **error);
+
+void gvir_config_domain_seclabel_set_type(GVirConfigDomainSeclabel *seclabel, GVirConfigDomainSeclabelType type);
+void gvir_config_domain_seclabel_set_model(GVirConfigDomainSeclabel *seclabel, const gchar *model);
+void gvir_config_domain_seclabel_set_baselabel(GVirConfigDomainSeclabel *seclabel, const gchar *label);
+void gvir_config_domain_seclabel_set_label(GVirConfigDomainSeclabel *seclabel, const gchar *label);
+
+G_END_DECLS
+
+#endif /* __LIBVIRT_GCONFIG_DOMAIN_SECLABEL_H__ */
diff --git a/libvirt-gconfig/libvirt-gconfig-domain.c b/libvirt-gconfig/libvirt-gconfig-domain.c
index ab40cb3..062be3b 100644
--- a/libvirt-gconfig/libvirt-gconfig-domain.c
+++ b/libvirt-gconfig/libvirt-gconfig-domain.c
@@ -292,6 +292,16 @@ void gvir_config_domain_set_os(GVirConfigDomain *domain,
                               GVIR_CONFIG_OBJECT(os));
 }
 
+void gvir_config_domain_set_seclabel(GVirConfigDomain *domain,
+                                     GVirConfigDomainSeclabel *seclabel)
+{
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN(domain));
+    g_return_if_fail(GVIR_IS_CONFIG_DOMAIN_SECLABEL(seclabel));
+
+    gvir_config_object_attach(GVIR_CONFIG_OBJECT(domain),
+                              GVIR_CONFIG_OBJECT(seclabel));
+}
+
 /**
  * gvir_config_domain_set_devices:
  * @devices: (in) (element-type LibvirtGConfig.DomainDevice):
diff --git a/libvirt-gconfig/libvirt-gconfig-domain.h b/libvirt-gconfig/libvirt-gconfig-domain.h
index 4cbc1f0..a531a54 100644
--- a/libvirt-gconfig/libvirt-gconfig-domain.h
+++ b/libvirt-gconfig/libvirt-gconfig-domain.h
@@ -30,6 +30,7 @@
 #include <libvirt-gconfig/libvirt-gconfig-domain-clock.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-os.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-device.h>
+#include <libvirt-gconfig/libvirt-gconfig-domain-seclabel.h>
 
 G_BEGIN_DECLS
 
@@ -88,6 +89,8 @@ void gvir_config_domain_set_clock(GVirConfigDomain *domain,
                                   GVirConfigDomainClock *klock);
 void gvir_config_domain_set_os(GVirConfigDomain *domain,
                                GVirConfigDomainOs *os);
+void gvir_config_domain_set_seclabel(GVirConfigDomain *domain,
+                                     GVirConfigDomainSeclabel *seclabel);
 void gvir_config_domain_set_devices(GVirConfigDomain *domain,
                                     GList *devices);
 void gvir_config_domain_add_device(GVirConfigDomain *domain,
diff --git a/libvirt-gconfig/libvirt-gconfig.h b/libvirt-gconfig/libvirt-gconfig.h
index 74c26ba..be4b4dd 100644
--- a/libvirt-gconfig/libvirt-gconfig.h
+++ b/libvirt-gconfig/libvirt-gconfig.h
@@ -42,6 +42,7 @@
 #include <libvirt-gconfig/libvirt-gconfig-domain-interface.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-interface-network.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-os.h>
+#include <libvirt-gconfig/libvirt-gconfig-domain-seclabel.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-snapshot.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-timer.h>
 #include <libvirt-gconfig/libvirt-gconfig-domain-video.h>
diff --git a/libvirt-gconfig/libvirt-gconfig.sym b/libvirt-gconfig/libvirt-gconfig.sym
index da31f68..6f3593d 100644
--- a/libvirt-gconfig/libvirt-gconfig.sym
+++ b/libvirt-gconfig/libvirt-gconfig.sym
@@ -20,6 +20,7 @@ LIBVIRT_GCONFIG_0.0.1 {
 	gvir_config_domain_get_name;
 	gvir_config_domain_set_name;
 	gvir_config_domain_set_os;
+	gvir_config_domain_set_seclabel;
 	gvir_config_domain_get_vcpus;
 	gvir_config_domain_set_vcpus;
 	gvir_config_domain_set_virt_type;
@@ -122,6 +123,15 @@ LIBVIRT_GCONFIG_0.0.1 {
 	gvir_config_domain_snapshot_new;
 	gvir_config_domain_snapshot_new_from_xml;
 
+	gvir_config_domain_seclabel_get_type;
+	gvir_config_domain_seclabel_type_get_type;
+	gvir_config_domain_seclabel_new;
+	gvir_config_domain_seclabel_new_from_xml;
+	gvir_config_domain_seclabel_set_type;
+	gvir_config_domain_seclabel_set_model;
+	gvir_config_domain_seclabel_set_baselabel;
+	gvir_config_domain_seclabel_set_label;
+
 	gvir_config_domain_timer_get_type;
 	gvir_config_domain_timer_new;
 	gvir_config_domain_timer_new_from_xml;
-- 
1.7.6.4

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]