Re: [libvirt] [PATCHv3 05/26] security: manager: Document behavior of disk label manipulation funcs
On 06/25/2014 10:54 AM, Peter Krempa wrote:
virSecurityManagerSetDiskLabel and
virSecurityManagerRestoreDiskLabel
don't have complementary semantics. Document the semantics to avoid
possible problems.
---
src/security/security_manager.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index bb12e8e..06e5123 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -331,6 +331,17 @@ virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr)
}
+/**
+ * virSecurityManagerRestoreDiskLabel:
+ * @mgr: security manager object
+ * @vm: domain definition object
+ * @disk: disk definition to operate on
+ *
+ * Removes security label from the source image of the disk. Note that this
+ * function doesn't restore labels on backing chain elements of @disk.
which probably ought to be considered a bug, and something that we might
change in the future - but accurate documentation of what it does now.
Restoring labels on backing chains is tricky - we need to start keeping
a reference count of all places that are using a backing file (as it can
be in use by more than one chain, even by more than one domain), and
really the label restore ought to be part of releasing the last use of a
storage volume after all domains are done sharing the same backing file.
The disk lease manager may be helpful, as backing files are shared
(readonly) leases.
ACK.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 604 bytes)