lib: abstract out sandbox for platforms

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
This commit is contained in:
Vincent Batts 2018-01-23 08:57:36 -05:00
parent 8ea79e755f
commit 509890acc1
Signed by: vbatts
GPG key ID: 10937E57733F1362
3 changed files with 41 additions and 12 deletions

View file

@ -0,0 +1,26 @@
// +build linux
package lib
import (
"github.com/kubernetes-incubator/cri-o/lib/sandbox"
selinux "github.com/opencontainers/selinux/go-selinux"
"github.com/opencontainers/selinux/go-selinux/label"
)
func (c *ContainerServer) addSandboxPlatform(sb *sandbox.Sandbox) {
c.state.processLevels[selinux.NewContext(sb.ProcessLabel())["level"]]++
}
func (c *ContainerServer) removeSandboxPlatform(sb *sandbox.Sandbox) {
processLabel := sb.ProcessLabel()
level := selinux.NewContext(processLabel)["level"]
pl, ok := c.state.processLevels[level]
if ok {
c.state.processLevels[level] = pl - 1
if c.state.processLevels[level] == 0 {
label.ReleaseLabel(processLabel)
delete(c.state.processLevels, level)
}
}
}