[libvirt] [sVirt] Question about virSecuritySELinuxSetSecurityAllLabel()
Hi,
I am studying sVirt,i have some questions about
virSecuritySELinuxSetSecurityAllLabel() function (below AllLabel()
instead)in src/security/security_selinux.c.
From some materials, i have understood how sVirt works.
AllLabel() is responsible to label "object",in most materials,
"object" represents image files, howerver, in AllLabel(),i find there
are some other "object"(Hostdev,TPMFile,Chardev,Smartcard,os.kernel,
os.initrd,os.dtb) to be labeled.
I have question about the scope of "object",besides labeling image
files,is those other object necessary to be labeled to guarantee sVirt
to achieve strong isolation.