func (d *Daemon) PolicyInit() error {
for k, v := range labels.ResDec {
key := labels.ReservedID(uint32(v)).String()
lbl := labels.NewLabel(
key, "", common.ReservedLabelSource,
)
secLbl := labels.NewSecCtxLabel()
secLbl.ID = uint32(v)
secLbl.AddOrUpdateContainer(lbl.String())
secLbl.Labels[k] = lbl
policyMapPath := fmt.Sprintf("%sreserved_%d", common.PolicyMapPath, uint32(v))
policyMap, _, err := policymap.OpenMap(policyMapPath)
if err != nil {
return fmt.Errorf("Could not create policy BPF map '%s': %s", policyMapPath, err)
}
if c := policy.GetConsumable(uint32(v), secLbl); c == nil {
return fmt.Errorf("Unable to initialize consumable for %v", secLbl)
} else {
d.reservedConsumables = append(d.reservedConsumables, c)
c.AddMap(policyMap)
}
}
return nil
}
func (e *Endpoint) SetSecLabel(labels *labels.SecCtxLabel) {
e.SecLabel = labels
e.Consumable = policy.GetConsumable(labels.ID, labels)
}