github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-09 04:39:17 +00:00
Code Issues Projects Releases Wiki Activity

runtime-rs: sandbox: read selinux_label from OCI spec and pass to preparevm

Browse Source 
Extract the selinux_label field from the OCI spec during sandbox setup
and forward it to the prepare_vm API so the VMM process receives the
appropriate SELinux context label.

- sandbox: read selinux_label from OCI spec
- prepare_vm: accept and apply selinux_label parameter

Signed-off-by: Caspian443 <scrisis843@gmail.com>
This commit is contained in:
Caspian443
2025-07-22 16:22:47 +08:00
parent ff369c1b1a
commit cdb7fe8315
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/runtime-rs/crates/hypervisor/src/lib.rs
View File

@@ -104,6 +104,7 @@ pub trait Hypervisor: std::fmt::Debug + Send + Sync {
id: &str,
netns: Option<String>,
annotations: &HashMap<String, String>,
selinux_label: Option<String>,
) -> Result<()>;
async fn start_vm(&self, timeout: i32) -> Result<()>;
async fn stop_vm(&self) -> Result<()>;