Re: [libvirt] [PATCH 1/4] conf: introduce seclabels in shmem device element

Introduce a new element in shmem device element, this could help users to change the shm label to a specified label. Signed-off-by: Luyao Huang <lhuang(a)redhat.com&gt; --- docs/formatdomain.html.in | 7 ++++++ docs/schemas/domaincommon.rng | 3 +++ src/conf/domain_conf.c | 55 ++++++++++++++++++++++++++++++++++--------- src/conf/domain_conf.h | 5 ++++ 4 files changed, 59 insertions(+), 11 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index d0c1741..e02c67c 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -6098,6 +6098,13 @@ qemu-kvm -net nic,model=? /dev/null vectors. The <code>ioeventd</code> attribute enables/disables (values "on"/"off", respectively) ioeventfd. </dd> + <dt><code>seclabel</code></dt> + <dd> + The optional <code>seclabel</code> to override the way that labelling + is done on the shm object path or shm server path. If this + element is not present, the <a href="#seclabel">security label is inherited + from the per-domain setting</a>. + </dd> </dl> <h4><a name="elementsMemory">Memory devices</a></h4> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 1120003..f58e8de 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -3323,6 +3323,9 @@ </optional> </element> </optional> + <zeroOrMore> + <ref name='devSeclabel'/> + </zeroOrMore> <optional> <ref name="address"/> </optional>