[lxc-devel] [PATCH v2 1/2] add lsm op for getting name of enabled lsm
Dwight Engen
dwight.engen at oracle.com
Fri Oct 18 17:44:56 UTC 2013
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
---
v2: return "none" when there is no lsm driver
src/lxc/lsm/lsm.c | 9 ++++++++-
src/lxc/lsm/lsm.h | 26 ++++++++++++++------------
2 files changed, 22 insertions(+), 13 deletions(-)
diff --git a/src/lxc/lsm/lsm.c b/src/lxc/lsm/lsm.c
index f022de9..066102b 100644
--- a/src/lxc/lsm/lsm.c
+++ b/src/lxc/lsm/lsm.c
@@ -62,13 +62,20 @@ void lsm_init(void)
INFO("Initialized LSM security driver %s", drv->name);
}
-int lsm_enabled()
+int lsm_enabled(void)
{
if (drv)
return drv->enabled();
return 0;
}
+const char *lsm_name(void)
+{
+ if (drv)
+ return drv->name;
+ return "none";
+}
+
char *lsm_process_label_get(pid_t pid)
{
if (!drv) {
diff --git a/src/lxc/lsm/lsm.h b/src/lxc/lsm/lsm.h
index ee093da..621e1af 100644
--- a/src/lxc/lsm/lsm.h
+++ b/src/lxc/lsm/lsm.h
@@ -37,19 +37,21 @@ struct lsm_drv {
};
#if HAVE_APPARMOR || HAVE_SELINUX
-void lsm_init(void);
-int lsm_enabled(void);
-char *lsm_process_label_get(pid_t pid);
-int lsm_process_label_set(const char *label, int use_default);
-int lsm_proc_mount(struct lxc_conf *lxc_conf);
-void lsm_proc_unmount(struct lxc_conf *lxc_conf);
+void lsm_init(void);
+int lsm_enabled(void);
+const char *lsm_name(void);
+char *lsm_process_label_get(pid_t pid);
+int lsm_process_label_set(const char *label, int use_default);
+int lsm_proc_mount(struct lxc_conf *lxc_conf);
+void lsm_proc_unmount(struct lxc_conf *lxc_conf);
#else
-static inline void lsm_init(void) { }
-static inline int lsm_enabled(void) { return 0; }
-static inline char *lsm_process_label_get(pid_t pid) { return NULL; }
-static inline int lsm_process_label_set(char *label, int use_default) { return 0; }
-static inline int lsm_proc_mount(struct lxc_conf *lxc_conf) { return 0; }
-static inline void lsm_proc_unmount(struct lxc_conf *lxc_conf) { }
+static inline void lsm_init(void) { }
+static inline int lsm_enabled(void) { return 0; }
+static inline const char *lsm_name(void) { return "none"; }
+static inline char *lsm_process_label_get(pid_t pid) { return NULL; }
+static inline int lsm_process_label_set(char *label, int use_default) { return 0; }
+static inline int lsm_proc_mount(struct lxc_conf *lxc_conf) { return 0; }
+static inline void lsm_proc_unmount(struct lxc_conf *lxc_conf) { }
#endif
#endif
--
1.8.3.1
More information about the lxc-devel
mailing list