On 9/9/2021 7:01 PM, Michal Prívozník wrote:
On 8/23/21 4:41 AM, Peng Liang wrote:
Signed-off-by: Peng Liang <liangpeng10@huawei.com> --- src/libvirt_private.syms | 1 + src/security/security_driver.h | 5 +++++ src/security/security_manager.c | 29 +++++++++++++++++++++++++++++ src/security/security_manager.h | 5 +++++ 4 files changed, 40 insertions(+)
diff --git a/src/security/security_manager.c b/src/security/security_manager.c index 9906c1691d0f..b580704d3abf 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -476,6 +476,35 @@ virSecurityManagerMoveImageMetadata(virSecurityManager *mgr, }
+/** + * virSecurityManagerUpdateImageLabel: + * @mgr: security manager object + * @vm: domain definition object + * @src: disk source definition to operate on + * @flags: bitwise or of 'virSecurityDomainImageLabelFlags' + * + * Update security label from @src according to @flags. + * + * Returns: 0 on success, -1 on error. + */ +int +virSecurityManagerUpdateImageLabel(virSecurityManager *mgr, + virDomainDef *vm, + virStorageSource *src, + virSecurityDomainImageLabelFlags flags) +{ + if (mgr->drv->domainUpdateSecurityImageLabel) { + int ret; + virObjectLock(mgr); + ret = mgr->drv->domainUpdateSecurityImageLabel(mgr, vm, src, flags); + virObjectUnlock(mgr); + return ret; + } + + return 0; +} + +
Is there a reason why this needs to be inside virSecurityManager? We already have virSecurityMoveRememberedLabel() that lives outside of it, in security_util.c and conceptually this function belongs there.
Michal
.
Maybe all security managers' labels need to be updated during migration, so I add it here. Thanks, Peng