libvirt/tests/securityselinuxlabeltest.c

377 lines
9.5 KiB
C
Raw Normal View History

/*
conf: prepare to track multiple host source files per <disk> It's finally time to start tracking disk backing chains in <domain> XML. The first step is to start refactoring code so that we have an object more convenient for representing each host source resource in the context of a single guest <disk>. Ultimately, I plan to move the new type into src/util where it can be reused by virStorageFile, but to make the transition easier to review, this patch just creates the new type then fixes everything until it compiles again. * src/conf/domain_conf.h (_virDomainDiskDef): Split... (_virDomainDiskSourceDef): ...to new struct. (virDomainDiskAuthClear): Use new type. * src/conf/domain_conf.c (virDomainDiskDefFree): Split... (virDomainDiskSourceDefClear): ...to new function. (virDomainDiskGetType, virDomainDiskSetType) (virDomainDiskGetSource, virDomainDiskSetSource) (virDomainDiskGetDriver, virDomainDiskSetDriver) (virDomainDiskGetFormat, virDomainDiskSetFormat) (virDomainDiskAuthClear, virDomainDiskGetActualType) (virDomainDiskDefParseXML, virDomainDiskSourceDefFormat) (virDomainDiskDefFormat, virDomainDiskDefForeachPath) (virDomainDiskDefGetSecurityLabelDef) (virDomainDiskSourceIsBlockType): Adjust all users. * src/lxc/lxc_controller.c (virLXCControllerSetupDisk): Likewise. * src/lxc/lxc_driver.c (lxcDomainAttachDeviceMknodHelper): Likewise. * src/qemu/qemu_command.c (qemuAddRBDHost, qemuParseRBDString) (qemuParseDriveURIString, qemuParseGlusterString) (qemuParseISCSIString, qemuParseNBDString) (qemuDomainDiskGetSourceString, qemuBuildDriveStr) (qemuBuildCommandLine, qemuParseCommandLineDisk) (qemuParseCommandLine): Likewise. * src/qemu/qemu_conf.c (qemuCheckSharedDevice) (qemuAddISCSIPoolSourceHost, qemuTranslateDiskSourcePool): Likewise. * src/qemu/qemu_driver.c (qemuDomainUpdateDeviceConfig) (qemuDomainPrepareDiskChainElement) (qemuDomainSnapshotCreateInactiveExternal) (qemuDomainSnapshotPrepareDiskExternalBackingInactive) (qemuDomainSnapshotPrepareDiskInternal) (qemuDomainSnapshotPrepare) (qemuDomainSnapshotCreateSingleDiskActive) (qemuDomainSnapshotUndoSingleDiskActive) (qemuDomainBlockPivot, qemuDomainBlockJobImpl) (qemuDomainBlockCopy, qemuDomainBlockCommit): Likewise. * src/qemu/qemu_migration.c (qemuMigrationIsSafe): Likewise. * src/qemu/qemu_process.c (qemuProcessGetVolumeQcowPassphrase) (qemuProcessInitPasswords): Likewise. * src/security/security_selinux.c (virSecuritySELinuxSetSecurityFileLabel): Likewise. * src/storage/storage_driver.c (virStorageFileInitFromDiskDef): Likewise. * tests/securityselinuxlabeltest.c (testSELinuxLoadDef): Likewise. Signed-off-by: Eric Blake <eblake@redhat.com>
2014-03-19 17:11:16 +00:00
* Copyright (C) 2011-2014 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* License along with this library; If not, see
* <http://www.gnu.org/licenses/>.
*
*/
#include <config.h>
#include <time.h>
#include <selinux/selinux.h>
#include <selinux/context.h>
#include <sys/xattr.h>
#include "internal.h"
#include "testutils.h"
#include "testutilsqemu.h"
#include "qemu/qemu_domain.h"
#include "viralloc.h"
#include "virerror.h"
#include "virfile.h"
#include "virlog.h"
#include "security/security_manager.h"
#include "virstring.h"
#define VIR_FROM_THIS VIR_FROM_NONE
VIR_LOG_INIT("tests.securityselinuxlabeltest");
tests: Avoid use of virQEMUDriverCreateXMLConf(NULL) We use the function to create a virDomainXMLOption object that is required for some functions. However, we don't pass the driver pointer to the object anywhere - rather than pass NULL. This causes trouble later when parsing a domain XML and calling post parse callbacks: Program received signal SIGSEGV, Segmentation fault. 0x000000000043fa3e in qemuDomainDefPostParse (def=0x7d36c0, caps=0x7caf10, opaque=0x0) at qemu/qemu_domain.c:1043 1043 qemuCaps = virQEMUCapsCacheLookup(driver->qemuCapsCache, def->emulator); (gdb) bt #0 0x000000000043fa3e in qemuDomainDefPostParse (def=0x7d36c0, caps=0x7caf10, opaque=0x0) at qemu/qemu_domain.c:1043 #1 0x00007ffff2928bf9 in virDomainDefPostParse (def=0x7d36c0, caps=0x7caf10, xmlopt=0x7c82c0) at conf/domain_conf.c:4269 #2 0x00007ffff294de04 in virDomainDefParseXML (xml=0x7da8c0, root=0x7dab80, ctxt=0x7da980, caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16400 #3 0x00007ffff294e5b5 in virDomainDefParseNode (xml=0x7da8c0, root=0x7dab80, caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16582 #4 0x00007ffff294e424 in virDomainDefParse (xmlStr=0x0, filename=0x7c7ef0 "/home/zippy/work/libvirt/libvirt.git/tests/securityselinuxlabeldata/disks.xml", caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16529 #5 0x00007ffff294e4b2 in virDomainDefParseFile (filename=0x7c7ef0 "/home/zippy/work/libvirt/libvirt.git/tests/securityselinuxlabeldata/disks.xml", caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16553 #6 0x00000000004303ca in testSELinuxLoadDef (testname=0x53c929 "disks") at securityselinuxlabeltest.c:192 #7 0x00000000004309e8 in testSELinuxLabeling (opaque=0x53c929) at securityselinuxlabeltest.c:313 #8 0x0000000000431207 in virtTestRun (title=0x53c92f "Labelling \"disks\"", body=0x430964 <testSELinuxLabeling>, data=0x53c929) at testutils.c:211 #9 0x0000000000430c5d in mymain () at securityselinuxlabeltest.c:373 #10 0x00000000004325c2 in virtTestMain (argc=1, argv=0x7fffffffd7e8, func=0x430b4a <mymain>) at testutils.c:863 #11 0x0000000000430deb in main (argc=1, argv=0x7fffffffd7e8) at securityselinuxlabeltest.c:381 Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-09-22 14:27:57 +00:00
static virQEMUDriver driver;
static virSecurityManagerPtr mgr;
typedef struct testSELinuxFile testSELinuxFile;
struct testSELinuxFile {
char *file;
char *context;
};
static int
testUserXattrEnabled(void)
{
int ret = -1;
ssize_t len;
const char *con_value = "system_u:object_r:svirt_image_t:s0:c41,c264";
char *path = NULL;
path = g_strdup_printf("%s/securityselinuxlabeldata/testxattr", abs_builddir);
if (virFileMakePath(abs_builddir "/securityselinuxlabeldata") < 0 ||
virFileTouch(path, 0600) < 0)
goto cleanup;
len = setxattr(path, "user.libvirt.selinux", con_value,
strlen(con_value), 0);
if (len < 0) {
if (errno == EOPNOTSUPP)
ret = 0;
goto cleanup;
}
ret = 1;
cleanup:
unlink(path);
rmdir(abs_builddir "/securityselinuxlabeldata");
VIR_FREE(path);
return ret;
}
static int
testSELinuxMungePath(char **path)
{
char *tmp;
tmp = g_strdup_printf("%s/securityselinuxlabeldata%s", abs_builddir, *path);
VIR_FREE(*path);
*path = tmp;
return 0;
}
static int
testSELinuxLoadFileList(const char *testname,
testSELinuxFile **files,
size_t *nfiles)
{
int ret = -1;
char *path = NULL;
FILE *fp = NULL;
char *line = NULL;
*files = NULL;
*nfiles = 0;
path = g_strdup_printf("%s/securityselinuxlabeldata/%s.txt", abs_srcdir,
testname);
if (!(fp = fopen(path, "r")))
goto cleanup;
line = g_new0(char, 1024);
while (!feof(fp)) {
char *file = NULL, *context = NULL, *tmp;
if (!fgets(line, 1024, fp)) {
if (!feof(fp))
goto cleanup;
break;
}
tmp = strchr(line, ';');
if (!tmp) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"unexpected format for line '%s'",
line);
goto cleanup;
}
*tmp = '\0';
tmp++;
file = g_strdup_printf("%s/securityselinuxlabeldata%s", abs_builddir,
line);
if (*tmp != '\0' && *tmp != '\n') {
context = g_strdup(tmp);
tmp = strchr(context, '\n');
if (tmp)
*tmp = '\0';
}
if (VIR_EXPAND_N(*files, *nfiles, 1) < 0) {
VIR_FREE(file);
VIR_FREE(context);
goto cleanup;
}
(*files)[(*nfiles)-1].file = file;
(*files)[(*nfiles)-1].context = context;
}
ret = 0;
cleanup:
VIR_FORCE_FCLOSE(fp);
VIR_FREE(path);
VIR_FREE(line);
return ret;
}
static virDomainDefPtr
testSELinuxLoadDef(const char *testname)
{
char *xmlfile = NULL;
virDomainDefPtr def = NULL;
size_t i;
xmlfile = g_strdup_printf("%s/securityselinuxlabeldata/%s.xml", abs_srcdir,
testname);
if (!(def = virDomainDefParseFile(xmlfile, driver.xmlopt,
NULL, 0)))
goto cleanup;
for (i = 0; i < def->ndisks; i++) {
if (def->disks[i]->src->type != VIR_STORAGE_TYPE_FILE &&
def->disks[i]->src->type != VIR_STORAGE_TYPE_BLOCK)
continue;
if (testSELinuxMungePath(&def->disks[i]->src->path) < 0)
goto cleanup;
}
for (i = 0; i < def->nserials; i++) {
if (def->serials[i]->source->type != VIR_DOMAIN_CHR_TYPE_FILE &&
def->serials[i]->source->type != VIR_DOMAIN_CHR_TYPE_PIPE &&
def->serials[i]->source->type != VIR_DOMAIN_CHR_TYPE_DEV &&
def->serials[i]->source->type != VIR_DOMAIN_CHR_TYPE_UNIX)
continue;
if (def->serials[i]->source->type == VIR_DOMAIN_CHR_TYPE_UNIX) {
if (testSELinuxMungePath(&def->serials[i]->source->data.nix.path) < 0)
goto cleanup;
} else {
if (testSELinuxMungePath(&def->serials[i]->source->data.file.path) < 0)
goto cleanup;
}
}
if (def->os.kernel &&
testSELinuxMungePath(&def->os.kernel) < 0)
goto cleanup;
if (def->os.initrd &&
testSELinuxMungePath(&def->os.initrd) < 0)
goto cleanup;
cleanup:
VIR_FREE(xmlfile);
return def;
}
static int
testSELinuxCreateDisks(testSELinuxFile *files, size_t nfiles)
{
size_t i;
if (virFileMakePath(abs_builddir "/securityselinuxlabeldata/nfs") < 0)
return -1;
for (i = 0; i < nfiles; i++) {
if (virFileTouch(files[i].file, 0600) < 0)
return -1;
}
return 0;
}
static int
testSELinuxDeleteDisks(testSELinuxFile *files, size_t nfiles)
{
size_t i;
for (i = 0; i < nfiles; i++) {
if (unlink(files[i].file) < 0)
return -1;
}
if (rmdir(abs_builddir "/securityselinuxlabeldata/nfs") < 0)
return -1;
/* Ignore failure to remove non-empty directory with in-tree build */
rmdir(abs_builddir "/securityselinuxlabeldata");
return 0;
}
static int
testSELinuxCheckLabels(testSELinuxFile *files, size_t nfiles)
{
size_t i;
char *ctx;
for (i = 0; i < nfiles; i++) {
ctx = NULL;
if (getfilecon(files[i].file, &ctx) < 0) {
if (errno == ENODATA) {
/* nothing to do */
} else if (errno == EOPNOTSUPP) {
ctx = g_strdup("EOPNOTSUPP");
} else {
virReportSystemError(errno,
"Cannot read label on %s",
files[i].file);
return -1;
}
}
if (STRNEQ_NULLABLE(files[i].context, ctx)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"File %s context '%s' did not match expected '%s'",
files[i].file, ctx, files[i].context);
VIR_FREE(ctx);
return -1;
}
VIR_FREE(ctx);
}
return 0;
}
static int
testSELinuxLabeling(const void *opaque)
{
const char *testname = opaque;
int ret = -1;
testSELinuxFile *files = NULL;
size_t nfiles = 0;
size_t i;
virDomainDefPtr def = NULL;
if (testSELinuxLoadFileList(testname, &files, &nfiles) < 0)
goto cleanup;
if (testSELinuxCreateDisks(files, nfiles) < 0)
goto cleanup;
if (!(def = testSELinuxLoadDef(testname)))
goto cleanup;
if (virSecurityManagerSetAllLabel(mgr, def, NULL, false, false) < 0)
goto cleanup;
if (testSELinuxCheckLabels(files, nfiles) < 0)
goto cleanup;
ret = 0;
cleanup:
if (testSELinuxDeleteDisks(files, nfiles) < 0)
VIR_WARN("unable to fully clean up");
virDomainDefFree(def);
for (i = 0; i < nfiles; i++) {
VIR_FREE(files[i].file);
VIR_FREE(files[i].context);
}
VIR_FREE(files);
if (ret < 0)
VIR_TEST_VERBOSE("%s", virGetLastErrorMessage());
return ret;
}
static int
mymain(void)
{
int ret = 0;
int rc = testUserXattrEnabled();
g_autoptr(virQEMUCaps) qemuCaps = NULL;
if (rc < 0)
return EXIT_FAILURE;
if (!rc)
return EXIT_AM_SKIP;
if (!(mgr = virSecurityManagerNew("selinux", "QEMU",
VIR_SECURITY_MANAGER_DEFAULT_CONFINED |
VIR_SECURITY_MANAGER_PRIVILEGED))) {
VIR_TEST_VERBOSE("Unable to initialize security driver: %s",
virGetLastErrorMessage());
return EXIT_FAILURE;
}
tests: Avoid use of virQEMUDriverCreateXMLConf(NULL) We use the function to create a virDomainXMLOption object that is required for some functions. However, we don't pass the driver pointer to the object anywhere - rather than pass NULL. This causes trouble later when parsing a domain XML and calling post parse callbacks: Program received signal SIGSEGV, Segmentation fault. 0x000000000043fa3e in qemuDomainDefPostParse (def=0x7d36c0, caps=0x7caf10, opaque=0x0) at qemu/qemu_domain.c:1043 1043 qemuCaps = virQEMUCapsCacheLookup(driver->qemuCapsCache, def->emulator); (gdb) bt #0 0x000000000043fa3e in qemuDomainDefPostParse (def=0x7d36c0, caps=0x7caf10, opaque=0x0) at qemu/qemu_domain.c:1043 #1 0x00007ffff2928bf9 in virDomainDefPostParse (def=0x7d36c0, caps=0x7caf10, xmlopt=0x7c82c0) at conf/domain_conf.c:4269 #2 0x00007ffff294de04 in virDomainDefParseXML (xml=0x7da8c0, root=0x7dab80, ctxt=0x7da980, caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16400 #3 0x00007ffff294e5b5 in virDomainDefParseNode (xml=0x7da8c0, root=0x7dab80, caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16582 #4 0x00007ffff294e424 in virDomainDefParse (xmlStr=0x0, filename=0x7c7ef0 "/home/zippy/work/libvirt/libvirt.git/tests/securityselinuxlabeldata/disks.xml", caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16529 #5 0x00007ffff294e4b2 in virDomainDefParseFile (filename=0x7c7ef0 "/home/zippy/work/libvirt/libvirt.git/tests/securityselinuxlabeldata/disks.xml", caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16553 #6 0x00000000004303ca in testSELinuxLoadDef (testname=0x53c929 "disks") at securityselinuxlabeltest.c:192 #7 0x00000000004309e8 in testSELinuxLabeling (opaque=0x53c929) at securityselinuxlabeltest.c:313 #8 0x0000000000431207 in virtTestRun (title=0x53c92f "Labelling \"disks\"", body=0x430964 <testSELinuxLabeling>, data=0x53c929) at testutils.c:211 #9 0x0000000000430c5d in mymain () at securityselinuxlabeltest.c:373 #10 0x00000000004325c2 in virtTestMain (argc=1, argv=0x7fffffffd7e8, func=0x430b4a <mymain>) at testutils.c:863 #11 0x0000000000430deb in main (argc=1, argv=0x7fffffffd7e8) at securityselinuxlabeltest.c:381 Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-09-22 14:27:57 +00:00
if (qemuTestDriverInit(&driver) < 0)
return EXIT_FAILURE;
if (!(qemuCaps = virQEMUCapsNew()))
return EXIT_FAILURE;
virQEMUCapsSet(qemuCaps, QEMU_CAPS_DEVICE_CIRRUS_VGA);
virQEMUCapsSet(qemuCaps, QEMU_CAPS_VNC);
if (qemuTestCapsCacheInsert(driver.qemuCapsCache, qemuCaps) < 0)
return EXIT_FAILURE;
#define DO_TEST_LABELING(name) \
if (virTestRun("Labelling " # name, testSELinuxLabeling, name) < 0) \
ret = -1;
setcon("system_r:system_u:libvirtd_t:s0:c0.c1023");
DO_TEST_LABELING("disks");
DO_TEST_LABELING("kernel");
DO_TEST_LABELING("chardev");
DO_TEST_LABELING("nfs");
tests: Avoid use of virQEMUDriverCreateXMLConf(NULL) We use the function to create a virDomainXMLOption object that is required for some functions. However, we don't pass the driver pointer to the object anywhere - rather than pass NULL. This causes trouble later when parsing a domain XML and calling post parse callbacks: Program received signal SIGSEGV, Segmentation fault. 0x000000000043fa3e in qemuDomainDefPostParse (def=0x7d36c0, caps=0x7caf10, opaque=0x0) at qemu/qemu_domain.c:1043 1043 qemuCaps = virQEMUCapsCacheLookup(driver->qemuCapsCache, def->emulator); (gdb) bt #0 0x000000000043fa3e in qemuDomainDefPostParse (def=0x7d36c0, caps=0x7caf10, opaque=0x0) at qemu/qemu_domain.c:1043 #1 0x00007ffff2928bf9 in virDomainDefPostParse (def=0x7d36c0, caps=0x7caf10, xmlopt=0x7c82c0) at conf/domain_conf.c:4269 #2 0x00007ffff294de04 in virDomainDefParseXML (xml=0x7da8c0, root=0x7dab80, ctxt=0x7da980, caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16400 #3 0x00007ffff294e5b5 in virDomainDefParseNode (xml=0x7da8c0, root=0x7dab80, caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16582 #4 0x00007ffff294e424 in virDomainDefParse (xmlStr=0x0, filename=0x7c7ef0 "/home/zippy/work/libvirt/libvirt.git/tests/securityselinuxlabeldata/disks.xml", caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16529 #5 0x00007ffff294e4b2 in virDomainDefParseFile (filename=0x7c7ef0 "/home/zippy/work/libvirt/libvirt.git/tests/securityselinuxlabeldata/disks.xml", caps=0x7caf10, xmlopt=0x7c82c0, flags=0) at conf/domain_conf.c:16553 #6 0x00000000004303ca in testSELinuxLoadDef (testname=0x53c929 "disks") at securityselinuxlabeltest.c:192 #7 0x00000000004309e8 in testSELinuxLabeling (opaque=0x53c929) at securityselinuxlabeltest.c:313 #8 0x0000000000431207 in virtTestRun (title=0x53c92f "Labelling \"disks\"", body=0x430964 <testSELinuxLabeling>, data=0x53c929) at testutils.c:211 #9 0x0000000000430c5d in mymain () at securityselinuxlabeltest.c:373 #10 0x00000000004325c2 in virtTestMain (argc=1, argv=0x7fffffffd7e8, func=0x430b4a <mymain>) at testutils.c:863 #11 0x0000000000430deb in main (argc=1, argv=0x7fffffffd7e8) at securityselinuxlabeltest.c:381 Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-09-22 14:27:57 +00:00
qemuTestDriverFree(&driver);
return (ret == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
}
VIR_TEST_MAIN_PRELOAD(mymain,
VIR_TEST_MOCK("domaincaps"),
abs_builddir "/libsecurityselinuxhelper.so")