On Thu, Feb 12, 2015 at 06:32:40PM +0100, Erik Skultety wrote:
We do have a check for valid per-domain security model, however we
still
do permit an invalid security model for a domain's device (those which
are specified with <source> element).
This patch introduces a new function virSecurityManagerCheckAllLabel
which compares user specified security model against currently
registered security drivers. That being said, it also permits 'none'
being specified as a device security model.
Resolves:
https://bugzilla.redhat.com/show_bug.cgi?id=1165485
---
src/libvirt_private.syms | 1 +
src/lxc/lxc_process.c | 3 ++
src/qemu/qemu_process.c | 6 +++
src/security/security_manager.c | 89 +++++++++++++++++++++++++++++++++++++++++
src/security/security_manager.h | 2 +
5 files changed, 101 insertions(+)
ACK
+static int virSecurityManagerCheckSecurityModel(char *secmodel,
+ void *opaque)
Only callbacks should use void *opaque.
The redundant 'Security' occurs twice in the function names.
I fixed the parameter types, and removed the extra word to save some
screen space and pushed the patch.
Jan