From 8b641f44fc2ba6661106886c95d427ad640fadab Mon Sep 17 00:00:00 2001
From: Peter Krempa <pkrempa@redhat.com>
Date: Thu, 19 Jun 2014 17:18:02 +0200
Subject: [PATCH] security: manager: Document behavior of disk label
 manipulation funcs

virSecurityManagerSetDiskLabel and virSecurityManagerRestoreDiskLabel
don't have complementary semantics. Document the semantics to avoid
possible problems.
---
 src/security/security_manager.c | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index bb12e8ec20..06e5123db1 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -331,6 +331,17 @@ virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr)
 }
 
 
+/**
+ * virSecurityManagerRestoreDiskLabel:
+ * @mgr: security manager object
+ * @vm: domain definition object
+ * @disk: disk definition to operate on
+ *
+ * Removes security label from the source image of the disk. Note that this
+ * function doesn't restore labels on backing chain elements of @disk.
+ *
+ * Returns: 0 on success, -1 on error.
+ */
 int
 virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
                                    virDomainDefPtr vm,
@@ -400,6 +411,17 @@ virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr,
 }
 
 
+/**
+ * virSecurityManagerSetDiskLabel:
+ * @mgr: security manager object
+ * @vm: domain definition object
+ * @disk: disk definition to operate on
+ *
+ * Labels the disk image and all images in the backing chain with the configured
+ * security label.
+ *
+ * Returns: 0 on success, -1 on error.
+ */
 int
 virSecurityManagerSetDiskLabel(virSecurityManagerPtr mgr,
                                virDomainDefPtr vm,
-- 
2.47.2