These procedures will be used to store and bring back security
labels. So far, the idea is that tuple (path, model, label) is
enough. Well, certainly for DAC and SELinux. The functions are:
VIR_LOCK_SPACE_PROTOCOL_PROC_REMEMBER_SECLABEL
VIR_LOCK_SPACE_PROTOCOL_PROC_RECALL_SECLABEL
Yeah, they really need that VIR_LOCK_SPACE_PROTOCOL_PROC prefix
due to the way we call gendispatch.pl.
So the former will take the whole tuple and remember it. The
latter will then take just the pair (path, model) and return the label
stored previously. Moreover, the return value of recall will be
important: a value greater than zero means @path is still in use,
don't relabel it. A value of zero means @path is no longer used,
and a negative value means an error (e.g. @path not found, OOM,
etc.).
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/lock_protocol-structs | 15 +++++++++++++++
src/locking/lock_daemon_dispatch.c | 21 +++++++++++++++++++++
src/locking/lock_protocol.x | 29 ++++++++++++++++++++++++++++-
3 files changed, 64 insertions(+), 1 deletion(-)
diff --git a/src/lock_protocol-structs b/src/lock_protocol-structs
index 8e8b84f..c45086b 100644
--- a/src/lock_protocol-structs
+++ b/src/lock_protocol-structs
@@ -43,6 +43,19 @@ struct virLockSpaceProtocolReleaseResourceArgs {
struct virLockSpaceProtocolCreateLockSpaceArgs {
virLockSpaceProtocolNonNullString path;
};
+struct virLockSpaceProtocolRememberSeclabelArgs {
+ virLockSpaceProtocolNonNullString model;
+ virLockSpaceProtocolNonNullString path;
+ virLockSpaceProtocolNonNullString label;
+};
+struct virLockSpaceProtocolRecallSeclabelArgs {
+ virLockSpaceProtocolNonNullString model;
+ virLockSpaceProtocolNonNullString path;
+};
+struct virLockSpaceProtocolRecallSeclabelRet {
+ virLockSpaceProtocolString label;
+ u_int ret;
+};
enum virLockSpaceProtocolProcedure {
VIR_LOCK_SPACE_PROTOCOL_PROC_REGISTER = 1,
VIR_LOCK_SPACE_PROTOCOL_PROC_RESTRICT = 2,
@@ -52,4 +65,6 @@ enum virLockSpaceProtocolProcedure {
VIR_LOCK_SPACE_PROTOCOL_PROC_ACQUIRE_RESOURCE = 6,
VIR_LOCK_SPACE_PROTOCOL_PROC_RELEASE_RESOURCE = 7,
VIR_LOCK_SPACE_PROTOCOL_PROC_CREATE_LOCKSPACE = 8,
+ VIR_LOCK_SPACE_PROTOCOL_PROC_REMEMBER_SECLABEL = 9,
+ VIR_LOCK_SPACE_PROTOCOL_PROC_RECALL_SECLABEL = 10,
};
diff --git a/src/locking/lock_daemon_dispatch.c b/src/locking/lock_daemon_dispatch.c
index 1b479db..2d0bd81 100644
--- a/src/locking/lock_daemon_dispatch.c
+++ b/src/locking/lock_daemon_dispatch.c
@@ -430,3 +430,24 @@ virLockSpaceProtocolDispatchCreateLockSpace(virNetServerPtr server
ATTRIBUTE_UNU
virMutexUnlock(&priv->lock);
return rv;
}
+
+static int
+virLockSpaceProtocolDispatchRememberSeclabel(virNetServerPtr server ATTRIBUTE_UNUSED,
+ virNetServerClientPtr client
ATTRIBUTE_UNUSED,
+ virNetMessagePtr msg ATTRIBUTE_UNUSED,
+ virNetMessageErrorPtr rerr
ATTRIBUTE_UNUSED,
+ virLockSpaceProtocolRememberSeclabelArgs
*args ATTRIBUTE_UNUSED)
+{
+ return 0;
+}
+
+static int
+virLockSpaceProtocolDispatchRecallSeclabel(virNetServerPtr server ATTRIBUTE_UNUSED,
+ virNetServerClientPtr client
ATTRIBUTE_UNUSED,
+ virNetMessagePtr msg ATTRIBUTE_UNUSED,
+ virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED,
+ virLockSpaceProtocolRecallSeclabelArgs *args
ATTRIBUTE_UNUSED,
+ virLockSpaceProtocolRecallSeclabelRet *ret
ATTRIBUTE_UNUSED)
+{
+ return 0;
+}
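Review bot: Both new handlers return 0, which is the success return, so a client calling REMEMBER_SECLABEL is told the label was stored when nothing was, and RECALL_SECLABEL replies without ever writing `ret->label` or `ret->ret`. By the commit message a `ret` of zero means the path is no longer in use, so (assuming the reply struct reaches the client zero-filled) a caller trusting the stub reply could go on to relabel with an empty label. Until the store exists the stubs should fail instead, e.g. `virReportError(VIR_ERR_NO_SUPPORT, "%s", _("seclabel store not implemented")); virNetMessageSaveError(rerr); return -1;`, which also means `rerr` is no longer unused. The real bodies will presumably need the same `priv->lock` handling that is visible in the preceding handler's context lines; that handler's body starts outside the hunk.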
diff --git a/src/locking/lock_protocol.x b/src/locking/lock_protocol.x
index a77a784..bac4f0c 100644
--- a/src/locking/lock_protocol.x
+++ b/src/locking/lock_protocol.x
@@ -71,6 +71,21 @@ struct virLockSpaceProtocolCreateLockSpaceArgs {
virLockSpaceProtocolNonNullString path;
};
+struct virLockSpaceProtocolRememberSeclabelArgs {
+ virLockSpaceProtocolNonNullString model;
+ virLockSpaceProtocolNonNullString path;
+ virLockSpaceProtocolNonNullString label;
+};
+
+struct virLockSpaceProtocolRecallSeclabelArgs {
+ virLockSpaceProtocolNonNullString model;
+ virLockSpaceProtocolNonNullString path;
+};
+
+struct virLockSpaceProtocolRecallSeclabelRet {
+ virLockSpaceProtocolString label;
+ unsigned int ret;
+};
/* Define the program number, protocol version and procedure numbers here. */
const VIR_LOCK_SPACE_PROTOCOL_PROGRAM = 0xEA7BEEF;
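Review bot: `unsigned int ret` in virLockSpaceProtocolRecallSeclabelRet cannot carry the negative error value that the commit message describes for recall, so either the description or the field type is off. If errors are meant to travel only as RPC error replies, say so in a comment on the struct, e.g. `/* ret: >0 path still in use, do not relabel; 0 path no longer in use; failures are sent as RPC errors */`; otherwise the field should be `int`. `label` uses the nullable string type while `ret` decides whether to relabel, so the comment should also state when `label` may be NULL. The same field appears as `u_int ret` in src/lock_protocol-structs.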
@@ -149,5 +164,17 @@ enum virLockSpaceProtocolProcedure {
* @generate: none
* @acl: none
*/
- VIR_LOCK_SPACE_PROTOCOL_PROC_CREATE_LOCKSPACE = 8
+ VIR_LOCK_SPACE_PROTOCOL_PROC_CREATE_LOCKSPACE = 8,
+
+ /**
+ * @generate: none
+ * @acl: none
+ */
+ VIR_LOCK_SPACE_PROTOCOL_PROC_REMEMBER_SECLABEL = 9,
+
+ /**
+ * @generate: none
+ * @acl: none
+ */
+ VIR_LOCK_SPACE_PROTOCOL_PROC_RECALL_SECLABEL = 10
};
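Review bot: The two new procedures are declared with `@acl: none` and `@generate: none`, so nothing in the protocol description limits which connected client may store or fetch a label for a given path; that decision falls entirely to the hand-written handlers, which are empty in this patch. The remembered label is what will later be restored onto the file, so a client able to overwrite another client's entry could change the label a path ends up with. Each doc block should say who may call the procedure and what a second REMEMBER for the same (path, model) does, for instance `* Stores @label for (@path, @model); allowed callers: <policy to be decided>`. The enum starts outside the hunk.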
--
2.4.9