In case of udev, it will never try to reset security label on say
domain monitor socket, or some other channel. Therefore, it makes
sense to filter those paths out and keep the state file on the
disk small. The only paths that udev will handle are those
prefixed with "/dev/".
Signed-off-by: Michal Privoznik <mpriv...@redhat.com>
---
src/qemu/qemu_driver.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 51122d0..0fe91b9 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -370,6 +370,15 @@ qemuSecurityChownCallback(virStorageSourcePtr src,
static int
+qemuUdevFilter(const char *devpath,
+ const virSecurityDeviceLabelDef *seclabel ATTRIBUTE_UNUSED,
+ void *opaque ATTRIBUTE_UNUSED)
+{
+ return STRPREFIX(devpath, "/dev/") ? 1 : 0;
+}
+
+
+static int
qemuSecurityInit(virQEMUDriverPtr driver)
{
char **names;
@@ -390,6 +399,8 @@ qemuSecurityInit(virQEMUDriverPtr driver)
if (!(driver->udevMgr = virUdevMgrNew()))
goto error;
}
+
+ virUdevMgrSetFilter(driver->udevMgr, qemuUdevFilter, NULL);
}
if (cfg->allowDiskFormatProbing)
--
2.8.4
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
