1 /*
2  * virseclabel.h: security label utility functions
3  *
4  * Copyright (C) 2006-2014 Red Hat, Inc.
5  * Copyright (C) 2006-2008 Daniel P. Berrange
6  *
7  * This library is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU Lesser General Public
9  * License as published by the Free Software Foundation; either
10  * version 2.1 of the License, or (at your option) any later version.
11  *
12  * This library is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15  * Lesser General Public License for more details.
16  *
17  * You should have received a copy of the GNU Lesser General Public
18  * License along with this library.  If not, see
19  * <http://www.gnu.org/licenses/>.
20  */
21 
22 #pragma once
23 
24 typedef enum {
25     VIR_DOMAIN_SECLABEL_DEFAULT,
26     VIR_DOMAIN_SECLABEL_NONE,
27     VIR_DOMAIN_SECLABEL_DYNAMIC,
28     VIR_DOMAIN_SECLABEL_STATIC,
29 
30     VIR_DOMAIN_SECLABEL_LAST
31 } virDomainSeclabelType;
32 
33 /* Security configuration for domain */
34 typedef struct _virSecurityLabelDef virSecurityLabelDef;
35 struct _virSecurityLabelDef {
36     char *model;        /* name of security model */
37     char *label;        /* security label string */
38     char *imagelabel;   /* security image label string */
39     char *baselabel;    /* base name of label string */
40     virDomainSeclabelType type; /* virDomainSeclabelType */
41     bool relabel;       /* true (default) for allowing relabels */
42     bool implicit;      /* true if seclabel is auto-added */
43 };
44 
45 
46 /* Security configuration for device */
47 typedef struct _virSecurityDeviceLabelDef virSecurityDeviceLabelDef;
48 struct _virSecurityDeviceLabelDef {
49     char *model;
50     char *label;        /* image label string */
51     bool relabel;       /* true (default) for allowing relabels */
52     bool labelskip;     /* live-only; true if skipping failed label attempt */
53 };
54 
55 virSecurityLabelDef *
56 virSecurityLabelDefNew(const char *model);
57 
58 virSecurityDeviceLabelDef *
59 virSecurityDeviceLabelDefNew(const char *model);
60 
61 virSecurityDeviceLabelDef *
62 virSecurityDeviceLabelDefCopy(const virSecurityDeviceLabelDef *src)
63     ATTRIBUTE_NONNULL(1);
64 
65 void virSecurityLabelDefFree(virSecurityLabelDef *def);
66 G_DEFINE_AUTOPTR_CLEANUP_FUNC(virSecurityLabelDef, virSecurityLabelDefFree);
67 
68 void virSecurityDeviceLabelDefFree(virSecurityDeviceLabelDef *def);
69 G_DEFINE_AUTOPTR_CLEANUP_FUNC(virSecurityDeviceLabelDef, virSecurityDeviceLabelDefFree);
70