[libvirt] [sVirt] Question about virSecuritySELinuxSetSecurityAllLabel()

30 Jun
2014
30 Jun
'14
3:34 p.m.
Hi, I am studying sVirt,i have some questions about virSecuritySELinuxSetSecurityAllLabel() function (below AllLabel() instead)in src/security/security_selinux.c.
From some materials, i have understood how sVirt works. AllLabel() is responsible to label "object",in most materials, "object" represents image files, howerver, in AllLabel(),i find there are some other "object"(Hostdev,TPMFile,Chardev,Smartcard,os.kernel, os.initrd,os.dtb) to be labeled.
I have question about the scope of "object",besides labeling image files,is those other object necessary to be labeled to guarantee sVirt to achieve strong isolation.
4090
Age (days ago)
4090
Last active (days ago)
0 comments
1 participants
participants (1)
-
H Changyao