Re: [libvirt] [PATCH v3 1/2] security: add new internal function "virSecurityManagerGetBaseLabel"

virSecurityManagerGetBaseLabel queries the default settings used by a security model. Signed-off-by: Giuseppe Scrivano <gscrivan(a)redhat.com&gt; --- src/libvirt_private.syms | 1 + src/security/security_apparmor.c | 8 ++++++++ src/security/security_dac.c | 34 ++++++++++++++++++++++++---------- src/security/security_dac.h | 7 +++---- src/security/security_driver.h | 4 ++++ src/security/security_manager.c | 22 ++++++++++++++++++++-- src/security/security_manager.h | 2 ++ src/security/security_nop.c | 10 ++++++++++ src/security/security_selinux.c | 12 ++++++++++++ src/security/security_stack.c | 9 +++++++++ 10 files changed, 93 insertions(+), 16 deletions(-) diff --git a/src/security/security_manager.c b/src/security/security_manager.c index 92fb504..c4b8f10 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -273,6 +275,22 @@ virSecurityManagerGetModel(virSecurityManagerPtr mgr) return NULL; } +/* return NULL if a base label is not present */ +const char * +virSecurityManagerGetBaseLabel(virSecurityManagerPtr mgr, int virtType) +{ + if (mgr->drv->getBaseLabel) { + const char *ret; + virObjectLock(mgr); + ret = mgr->drv->getBaseLabel(mgr, virtType); + virObjectUnlock(mgr); + return ret; + } + + virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__); + return NULL;