On Mon, 15 Dec 2008, James Morris wrote:
On Thu, 11 Dec 2008, Daniel P. Berrange wrote:
* a virNodeInfo is a structure filled by virNodeGetInfo() and providing @@ -504,6 +567,10 @@ int virDomainSetMaxMemory (virDomainPtr domain, int virDomainSetMemory (virDomainPtr domain, unsigned long memory); int virDomainGetMaxVcpus (virDomainPtr domain); +int virDomainGetSecLabel (virDomainPtr domain, + virDomainSecLabelPtr seclabel); +int virDomainGetSecModel (virDomainPtr domain, + virDomainSecModelPtr secmodel);
I'm leaning two ways on this. On the one hand I could see the virDomainGetSecModel being done against the node to match the fact that we record it in the node capabilities XML, so perhaps virNodeGetSecurityModel(virConnectPtr).
Actually, this is a call to get the node information, so I think the name should be changed.
Btw, is 'Node' the correct placement for this information? IIUC, a node is the physical system, whereas, the security model is a property of the hypervisor, and there can be multiple hypervisors running on a node. -- James Morris <jmorris@namei.org>