External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-11 23:37:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

security: properly chown/label bidirectional and unidirectional fifos

Browse Source 
This patch fixes the regression with using named pipes for qemu serial
devices noted in:

  https://bugzilla.redhat.com/show_bug.cgi?id=740478

The problem was that, while new code in libvirt looks for a single
bidirectional fifo of the name given in the config, then relabels that
and continues without looking for / relabelling the two unidirectional
fifos named ${name}.in and ${name}.out, qemu looks in the opposite
order. So if the user had naively created all three fifos, libvirt
would relabel the bidirectional fifo to allow qemu access, but qemu
would attempt to use the two unidirectional fifos and fail (because it
didn't have proper permissions/rights).

This patch changes the order that libvirt looks for the fifos to match
what qemu does - first it looks for the dual fifos, then it looks for
the single bidirectional fifo. If it finds the dual unidirectional
fifos first, it labels/chowns them and ignores any possible
bidirectional fifo.

(Note commit d37c6a3a (which first appeared in libvirt-0.9.2) added
the code that checked for a bidirectional fifo. Prior to that commit,
bidirectional fifos for serial devices didn't work because libvirt
always required the ${name}.(in|out) fifos to exist, and qemu would
always prefer those.
This commit is contained in:
Laine Stump 2011-09-27 14:04:53 -04:00
parent bd83b2a371
commit 46e8dc710a
2 changed files with 35 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/security/security_dac.c
View File

@ -406,17 +406,18 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
break; break;
case VIR_DOMAIN_CHR_TYPE_PIPE: case VIR_DOMAIN_CHR_TYPE_PIPE:
if (virFileExists(dev->data.file.path)) {
if (virSecurityDACSetOwnership(dev->data.file.path, priv->user, priv->group) < 0)
goto done;
} else {
if ((virAsprintf(&in, "%s.in", dev->data.file.path) < 0) || if ((virAsprintf(&in, "%s.in", dev->data.file.path) < 0) ||
(virAsprintf(&out, "%s.out", dev->data.file.path) < 0)) { (virAsprintf(&out, "%s.out", dev->data.file.path) < 0)) {
virReportOOMError(); virReportOOMError();
goto done; goto done;
} }
if (virFileExists(in) && virFileExists(out)) {
if ((virSecurityDACSetOwnership(in, priv->user, priv->group) < 0) || if ((virSecurityDACSetOwnership(in, priv->user, priv->group) < 0) ||
(virSecurityDACSetOwnership(out, priv->user, priv->group) < 0)) (virSecurityDACSetOwnership(out, priv->user, priv->group) < 0)) {
goto done;
}
} else if (virSecurityDACSetOwnership(dev->data.file.path,
priv->user, priv->group) < 0) {
goto done; goto done;
} }
ret = 0; ret = 0;
@ -452,9 +453,14 @@ virSecurityDACRestoreChardevLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virReportOOMError(); virReportOOMError();
goto done; goto done;
} }
if (virFileExists(in) && virFileExists(out)) {
if ((virSecurityDACRestoreSecurityFileLabel(out) < 0) || if ((virSecurityDACRestoreSecurityFileLabel(out) < 0) ||
(virSecurityDACRestoreSecurityFileLabel(in) < 0)) (virSecurityDACRestoreSecurityFileLabel(in) < 0)) {
goto done; goto done;
}
} else if (virSecurityDACRestoreSecurityFileLabel(dev->data.file.path) < 0) {
goto done;
}
ret = 0; ret = 0;
break; break;

17
src/security/security_selinux.c
View File

@ -806,17 +806,17 @@ SELinuxSetSecurityChardevLabel(virDomainObjPtr vm,
break; break;
case VIR_DOMAIN_CHR_TYPE_PIPE: case VIR_DOMAIN_CHR_TYPE_PIPE:
if (virFileExists(dev->data.file.path)) {
if (SELinuxSetFilecon(dev->data.file.path, secdef->imagelabel) < 0)
goto done;
} else {
if ((virAsprintf(&in, "%s.in", dev->data.file.path) < 0) || if ((virAsprintf(&in, "%s.in", dev->data.file.path) < 0) ||
(virAsprintf(&out, "%s.out", dev->data.file.path) < 0)) { (virAsprintf(&out, "%s.out", dev->data.file.path) < 0)) {
virReportOOMError(); virReportOOMError();
goto done; goto done;
} }
if (virFileExists(in) && virFileExists(out)) {
if ((SELinuxSetFilecon(in, secdef->imagelabel) < 0) || if ((SELinuxSetFilecon(in, secdef->imagelabel) < 0) ||
(SELinuxSetFilecon(out, secdef->imagelabel) < 0)) (SELinuxSetFilecon(out, secdef->imagelabel) < 0)) {
goto done;
}
} else if (SELinuxSetFilecon(dev->data.file.path, secdef->imagelabel) < 0) {
goto done; goto done;
} }
ret = 0; ret = 0;
@ -858,9 +858,14 @@ SELinuxRestoreSecurityChardevLabel(virDomainObjPtr vm,
virReportOOMError(); virReportOOMError();
goto done; goto done;
} }
if (virFileExists(in) && virFileExists(out)) {
if ((SELinuxRestoreSecurityFileLabel(out) < 0) || if ((SELinuxRestoreSecurityFileLabel(out) < 0) ||
(SELinuxRestoreSecurityFileLabel(in) < 0)) (SELinuxRestoreSecurityFileLabel(in) < 0)) {
goto done; goto done;
}
} else if (SELinuxRestoreSecurityFileLabel(dev->data.file.path) < 0) {
goto done;
}
ret = 0; ret = 0;
break; break;