External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-11 04:15:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

qemu: Enforce qemuSecurity wrappers

Browse Source 
Now that we have some qemuSecurity wrappers over
virSecurityManager APIs, lets make sure everybody sticks with
them. We have them for a reason and calling virSecurityManager
API directly instead of wrapper may lead into accidentally
labelling a file on the host instead of namespace.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
This commit is contained in:
Michal Privoznik 2017-02-13 14:36:53 +01:00
parent e489625e13
commit 4da534c0b9
9 changed files with 122 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
cfg.mk
View File

@ -983,6 +983,11 @@ sc_prohibit_sysconf_pagesize:
halt='use virGetSystemPageSize[KB] instead of sysconf(_SC_PAGESIZE)' \
$(_sc_search_regexp)
sc_prohibit_virSecurity:
@grep -Pn 'virSecurityManager(?!Ptr)' $$($(VC_LIST_EXCEPT) | grep '^src/qemu/' | \
grep -v '^src/qemu/qemu_security') && \
{ echo '$(ME): prefer qemuSecurity wrappers' 1>&2; exit 1; } || :
sc_prohibit_pthread_create:
@prohibit='\bpthread_create\b' \
exclude='sc_prohibit_pthread_create' \

7
src/qemu/qemu_command.c
View File

@ -28,6 +28,7 @@
#include "qemu_capabilities.h"
#include "qemu_interface.h"
#include "qemu_alias.h"
#include "qemu_security.h"
#include "cpu/cpu.h"
#include "dirname.h"
#include "viralloc.h"
@ -8210,8 +8211,8 @@ qemuBuildInterfaceCommandLine(virQEMUDriverPtr driver,
}
for (i = 0; i < tapfdSize; i++) {
if (virSecurityManagerSetTapFDLabel(driver->securityManager,
def, tapfd[i]) < 0)
if (qemuSecuritySetTapFDLabel(driver->securityManager,
def, tapfd[i]) < 0)
goto cleanup;
virCommandPassFD(cmd, tapfd[i],
VIR_COMMAND_PASS_FD_CLOSE_PARENT);
@ -8292,7 +8293,7 @@ qemuBuildInterfaceCommandLine(virQEMUDriverPtr driver,
/* NOTE: Not using const virDomainDef here since eventually a call is made
* into virSecurityManagerSetTapFDLabel which calls it's driver
* into qemuSecuritySetTapFDLabel which calls it's driver
* API domainSetSecurityTapFDLabel that doesn't use the const format.
*/
static int

9
src/qemu/qemu_conf.c
View File

@ -38,6 +38,7 @@
#include "qemu_conf.h"
#include "qemu_capabilities.h"
#include "qemu_domain.h"
#include "qemu_security.h"
#include "viruuid.h"
#include "virbuffer.h"
#include "virconf.h"
@ -916,7 +917,7 @@ virCapsPtr virQEMUDriverCreateCapabilities(virQEMUDriverPtr driver)
}
/* access sec drivers and create a sec model for each one */
if (!(sec_managers = virSecurityManagerGetNested(driver->securityManager)))
if (!(sec_managers = qemuSecurityGetNested(driver->securityManager)))
goto error;
/* calculate length */
@ -929,14 +930,14 @@ virCapsPtr virQEMUDriverCreateCapabilities(virQEMUDriverPtr driver)
for (i = 0; sec_managers[i]; i++) {
virCapsHostSecModelPtr sm = &caps->host.secModels[i];
doi = virSecurityManagerGetDOI(sec_managers[i]);
model = virSecurityManagerGetModel(sec_managers[i]);
doi = qemuSecurityGetDOI(sec_managers[i]);
model = qemuSecurityGetModel(sec_managers[i]);
if (VIR_STRDUP(sm->model, model) < 0 ||
VIR_STRDUP(sm->doi, doi) < 0)
goto error;
for (j = 0; j < ARRAY_CARDINALITY(virtTypes); j++) {
lbl = virSecurityManagerGetBaseLabel(sec_managers[i], virtTypes[j]);
lbl = qemuSecurityGetBaseLabel(sec_managers[i], virtTypes[j]);
type = virDomainVirtTypeToString(virtTypes[j]);
if (lbl &&
virCapabilitiesHostSecModelAddBaseLabel(sm, type, lbl) < 0)

17
src/qemu/qemu_domain.c
View File

@ -589,8 +589,8 @@ qemuDomainWriteMasterKeyFile(virQEMUDriverPtr driver,
goto cleanup;
}
if (virSecurityManagerDomainSetPathLabel(driver->securityManager,
vm->def, path) < 0)
if (qemuSecurityDomainSetPathLabel(driver->securityManager,
vm->def, path) < 0)
goto cleanup;
ret = 0;
@ -2689,7 +2689,7 @@ qemuDomainDefPostParse(virDomainDefPtr def,
if (qemuDomainRecheckInternalPaths(def, cfg, parseFlags) < 0)
goto cleanup;
if (virSecurityManagerVerify(driver->securityManager, def) < 0)
if (qemuSecurityVerify(driver->securityManager, def) < 0)
goto cleanup;
if (qemuDomainDefVcpusPostParse(def) < 0)
@ -7341,8 +7341,7 @@ qemuDomainSetupDev(virQEMUDriverConfigPtr cfg,
VIR_DEBUG("Setting up /dev/ for domain %s", vm->def->name);
mount_options = virSecurityManagerGetMountOptions(mgr,
vm->def);
mount_options = qemuSecurityGetMountOptions(mgr, vm->def);
if (!mount_options &&
VIR_STRDUP(mount_options, "") < 0)
@ -7816,7 +7815,7 @@ qemuDomainAttachDeviceMknodHelper(pid_t pid ATTRIBUTE_UNUSED,
bool delDevice = false;
bool isLink = S_ISLNK(data->sb.st_mode);
virSecurityManagerPostFork(data->driver->securityManager);
qemuSecurityPostFork(data->driver->securityManager);
if (virFileMakeParentPath(data->file) < 0) {
virReportSystemError(errno,
@ -7978,16 +7977,16 @@ qemuDomainAttachDeviceMknodRecursive(virQEMUDriverPtr driver,
#endif
if (STRPREFIX(file, DEVPREFIX)) {
if (virSecurityManagerPreFork(driver->securityManager) < 0)
if (qemuSecurityPreFork(driver->securityManager) < 0)
goto cleanup;
if (virProcessRunInMountNamespace(vm->pid,
qemuDomainAttachDeviceMknodHelper,
&data) < 0) {
virSecurityManagerPostFork(driver->securityManager);
qemuSecurityPostFork(driver->securityManager);
goto cleanup;
}
virSecurityManagerPostFork(driver->securityManager);
qemuSecurityPostFork(driver->securityManager);
}
if (isLink &&

63
src/qemu/qemu_driver.c
View File

@ -405,26 +405,26 @@ qemuSecurityInit(virQEMUDriverPtr driver)
cfg->securityDriverNames[0]) {
names = cfg->securityDriverNames;
while (names && *names) {
if (!(mgr = virSecurityManagerNew(*names,
QEMU_DRIVER_NAME,
flags)))
if (!(mgr = qemuSecurityNew(*names,
QEMU_DRIVER_NAME,
flags)))
goto error;
if (!stack) {
if (!(stack = virSecurityManagerNewStack(mgr)))
if (!(stack = qemuSecurityNewStack(mgr)))
goto error;
} else {
if (virSecurityManagerStackAddNested(stack, mgr) < 0)
if (qemuSecurityStackAddNested(stack, mgr) < 0)
goto error;
}
mgr = NULL;
names++;
}
} else {
if (!(mgr = virSecurityManagerNew(NULL,
QEMU_DRIVER_NAME,
flags)))
if (!(mgr = qemuSecurityNew(NULL,
QEMU_DRIVER_NAME,
flags)))
goto error;
if (!(stack = virSecurityManagerNewStack(mgr)))
if (!(stack = qemuSecurityNewStack(mgr)))
goto error;
mgr = NULL;
}
@ -432,17 +432,17 @@ qemuSecurityInit(virQEMUDriverPtr driver)
if (virQEMUDriverIsPrivileged(driver)) {
if (cfg->dynamicOwnership)
flags |= VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP;
if (!(mgr = virSecurityManagerNewDAC(QEMU_DRIVER_NAME,
cfg->user,
cfg->group,
flags,
qemuSecurityChownCallback)))
if (!(mgr = qemuSecurityNewDAC(QEMU_DRIVER_NAME,
cfg->user,
cfg->group,
flags,
qemuSecurityChownCallback)))
goto error;
if (!stack) {
if (!(stack = virSecurityManagerNewStack(mgr)))
if (!(stack = qemuSecurityNewStack(mgr)))
goto error;
} else {
if (virSecurityManagerStackAddNested(stack, mgr) < 0)
if (qemuSecurityStackAddNested(stack, mgr) < 0)
goto error;
}
mgr = NULL;
@ -3088,7 +3088,7 @@ qemuDomainSaveMemory(virQEMUDriverPtr driver,
if (fd < 0)
goto cleanup;
if (virSecurityManagerSetImageFDLabel(driver->securityManager, vm->def, fd) < 0)
if (qemuSecuritySetImageFDLabel(driver->securityManager, vm->def, fd) < 0)
goto cleanup;
if (!(wrapperFd = virFileWrapperFdNew(&fd, path, wrapperFlags)))
@ -3553,8 +3553,7 @@ static int qemuDumpToFd(virQEMUDriverPtr driver, virDomainObjPtr vm,
return -1;
}
if (virSecurityManagerSetImageFDLabel(driver->securityManager, vm->def,
fd) < 0)
if (qemuSecuritySetImageFDLabel(driver->securityManager, vm->def, fd) < 0)
return -1;
VIR_FREE(priv->job.current);
@ -3846,7 +3845,7 @@ qemuDomainScreenshot(virDomainPtr dom,
}
unlink_tmp = true;
virSecurityManagerSetSavedStateLabel(driver->securityManager, vm->def, tmp);
qemuSecuritySetSavedStateLabel(driver->securityManager, vm->def, tmp);
qemuDomainObjEnterMonitor(driver, vm);
if (qemuMonitorScreendump(priv->mon, tmp) < 0) {
@ -5948,8 +5947,8 @@ static int qemuDomainGetSecurityLabel(virDomainPtr dom, virSecurityLabelPtr secl
* QEMU monitor hasn't seen SIGHUP/ERR on poll().
*/
if (virDomainObjIsActive(vm)) {
if (virSecurityManagerGetProcessLabel(driver->securityManager,
vm->def, vm->pid, seclabel) < 0) {
if (qemuSecurityGetProcessLabel(driver->securityManager,
vm->def, vm->pid, seclabel) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("Failed to get security label"));
goto cleanup;
@ -5993,8 +5992,7 @@ static int qemuDomainGetSecurityLabelList(virDomainPtr dom,
ret = 0;
} else {
int len = 0;
virSecurityManagerPtr* mgrs = virSecurityManagerGetNested(
driver->securityManager);
virSecurityManagerPtr* mgrs = qemuSecurityGetNested(driver->securityManager);
if (!mgrs)
goto cleanup;
@ -6010,8 +6008,8 @@ static int qemuDomainGetSecurityLabelList(virDomainPtr dom,
/* Fill the array */
for (i = 0; i < len; i++) {
if (virSecurityManagerGetProcessLabel(mgrs[i], vm->def, vm->pid,
&(*seclabels)[i]) < 0) {
if (qemuSecurityGetProcessLabel(mgrs[i], vm->def, vm->pid,
&(*seclabels)[i]) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("Failed to get security label"));
VIR_FREE(mgrs);
@ -6389,8 +6387,8 @@ qemuDomainSaveImageStartVM(virConnectPtr conn,
cleanup:
virCommandFree(cmd);
VIR_FREE(errbuf);
if (virSecurityManagerRestoreSavedStateLabel(driver->securityManager,
vm->def, path) < 0)
if (qemuSecurityRestoreSavedStateLabel(driver->securityManager,
vm->def, path) < 0)
VIR_WARN("failed to restore save state label on %s", path);
virObjectUnref(cfg);
return ret;
@ -11216,7 +11214,7 @@ qemuDomainMemoryPeek(virDomainPtr dom,
goto endjob;
}
virSecurityManagerSetSavedStateLabel(driver->securityManager, vm->def, tmp);
qemuSecuritySetSavedStateLabel(driver->securityManager, vm->def, tmp);
priv = vm->privateData;
qemuDomainObjEnterMonitor(driver, vm);
@ -17087,8 +17085,7 @@ qemuDomainOpenGraphics(virDomainPtr dom,
goto endjob;
}
if (virSecurityManagerSetImageFDLabel(driver->securityManager, vm->def,
fd) < 0)
if (qemuSecuritySetImageFDLabel(driver->securityManager, vm->def, fd) < 0)
goto endjob;
qemuDomainObjEnterMonitor(driver, vm);
@ -17152,13 +17149,13 @@ qemuDomainOpenGraphicsFD(virDomainPtr dom,
goto cleanup;
}
if (virSecurityManagerSetSocketLabel(driver->securityManager, vm->def) < 0)
if (qemuSecuritySetSocketLabel(driver->securityManager, vm->def) < 0)
goto cleanup;
if (socketpair(PF_UNIX, SOCK_STREAM, 0, pair) < 0)
goto cleanup;
if (virSecurityManagerClearSocketLabel(driver->securityManager, vm->def) < 0)
if (qemuSecurityClearSocketLabel(driver->securityManager, vm->def) < 0)
goto cleanup;
if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0)

4
src/qemu/qemu_hotplug.c
View File

@ -1137,8 +1137,8 @@ qemuDomainAttachNetDevice(virQEMUDriverPtr driver,
}
for (i = 0; i < tapfdSize; i++) {
if (virSecurityManagerSetTapFDLabel(driver->securityManager,
vm->def, tapfd[i]) < 0)
if (qemuSecuritySetTapFDLabel(driver->securityManager,
vm->def, tapfd[i]) < 0)
goto cleanup;
}

13
src/qemu/qemu_migration.c
View File

@ -40,6 +40,7 @@
#include "qemu_cgroup.h"
#include "qemu_hotplug.h"
#include "qemu_blockjob.h"
#include "qemu_security.h"
#include "domain_audit.h"
#include "virlog.h"
@ -4597,7 +4598,7 @@ qemuMigrationConnect(virQEMUDriverPtr driver,
spec->destType = MIGRATION_DEST_FD;
spec->dest.fd.qemu = -1;
if (virSecurityManagerSetSocketLabel(driver->securityManager, vm->def) < 0)
if (qemuSecuritySetSocketLabel(driver->securityManager, vm->def) < 0)
goto cleanup;
if (virNetSocketNewConnectTCP(host, port,
AF_UNSPEC,
@ -4605,7 +4606,7 @@ qemuMigrationConnect(virQEMUDriverPtr driver,
spec->dest.fd.qemu = virNetSocketDupFD(sock, true);
virObjectUnref(sock);
}
if (virSecurityManagerClearSocketLabel(driver->securityManager, vm->def) < 0 ||
if (qemuSecurityClearSocketLabel(driver->securityManager, vm->def) < 0 ||
spec->dest.fd.qemu == -1)
goto cleanup;
@ -5076,8 +5077,8 @@ static int doTunnelMigrate(virQEMUDriverPtr driver,
spec.dest.fd.local = fds[0];
}
if (spec.dest.fd.qemu == -1 ||
virSecurityManagerSetImageFDLabel(driver->securityManager, vm->def,
spec.dest.fd.qemu) < 0) {
qemuSecuritySetImageFDLabel(driver->securityManager, vm->def,
spec.dest.fd.qemu) < 0) {
virReportSystemError(errno, "%s",
_("cannot create pipe for tunnelled migration"));
goto cleanup;
@ -6463,8 +6464,8 @@ qemuMigrationToFile(virQEMUDriverPtr driver, virDomainObjPtr vm,
* doesn't have to open() the file, so while we still have to
* grant SELinux access, we can do it on fd and avoid cleanup
* later, as well as skip futzing with cgroup. */
if (virSecurityManagerSetImageFDLabel(driver->securityManager, vm->def,
compressor ? pipeFD[1] : fd) < 0)
if (qemuSecuritySetImageFDLabel(driver->securityManager, vm->def,
compressor ? pipeFD[1] : fd) < 0)
goto cleanup;
if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)

61
src/qemu/qemu_process.c
View File

@ -221,8 +221,7 @@ qemuConnectAgent(virQEMUDriverPtr driver, virDomainObjPtr vm)
return 0;
}
if (virSecurityManagerSetDaemonSocketLabel(driver->securityManager,
vm->def) < 0) {
if (qemuSecuritySetDaemonSocketLabel(driver->securityManager, vm->def) < 0) {
VIR_ERROR(_("Failed to set security context for agent for %s"),
vm->def->name);
goto cleanup;
@ -250,8 +249,7 @@ qemuConnectAgent(virQEMUDriverPtr driver, virDomainObjPtr vm)
return -1;
}
if (virSecurityManagerClearSocketLabel(driver->securityManager,
vm->def) < 0) {
if (qemuSecurityClearSocketLabel(driver->securityManager, vm->def) < 0) {
VIR_ERROR(_("Failed to clear security context for agent for %s"),
vm->def->name);
qemuAgentClose(agent);
@ -1657,8 +1655,7 @@ qemuConnectMonitor(virQEMUDriverPtr driver, virDomainObjPtr vm, int asyncJob,
int ret = -1;
qemuMonitorPtr mon = NULL;
if (virSecurityManagerSetDaemonSocketLabel(driver->securityManager,
vm->def) < 0) {
if (qemuSecuritySetDaemonSocketLabel(driver->securityManager, vm->def) < 0) {
VIR_ERROR(_("Failed to set security context for monitor for %s"),
vm->def->name);
return -1;
@ -1695,7 +1692,7 @@ qemuConnectMonitor(virQEMUDriverPtr driver, virDomainObjPtr vm, int asyncJob,
}
priv->mon = mon;
if (virSecurityManagerClearSocketLabel(driver->securityManager, vm->def) < 0) {
if (qemuSecurityClearSocketLabel(driver->securityManager, vm->def) < 0) {
VIR_ERROR(_("Failed to clear security context for monitor for %s"),
vm->def->name);
return -1;
@ -2611,7 +2608,7 @@ static int qemuProcessHook(void *data)
* protected across fork()
*/
virSecurityManagerPostFork(h->driver->securityManager);
qemuSecurityPostFork(h->driver->securityManager);
/* Some later calls want pid present */
h->vm->pid = getpid();
@ -2624,7 +2621,7 @@ static int qemuProcessHook(void *data)
* sockets the lock driver opens that we don't want
* labelled. So far we're ok though.
*/
if (virSecurityManagerSetSocketLabel(h->driver->securityManager, h->vm->def) < 0)
if (qemuSecuritySetSocketLabel(h->driver->securityManager, h->vm->def) < 0)
goto cleanup;
if (virDomainLockProcessStart(h->driver->lockManager,
h->cfg->uri,
@ -2633,7 +2630,7 @@ static int qemuProcessHook(void *data)
true,
&fd) < 0)
goto cleanup;
if (virSecurityManagerClearSocketLabel(h->driver->securityManager, h->vm->def) < 0)
if (qemuSecurityClearSocketLabel(h->driver->securityManager, h->vm->def) < 0)
goto cleanup;
if (qemuDomainBuildNamespace(h->cfg, h->driver->securityManager, h->vm) < 0)
@ -3233,8 +3230,8 @@ qemuProcessBuildDestroyHugepagesPath(virQEMUDriverPtr driver,
goto cleanup;
}
if (virSecurityManagerDomainSetPathLabel(driver->securityManager,
vm->def, hugepagePath) < 0) {
if (qemuSecurityDomainSetPathLabel(driver->securityManager,
vm->def, hugepagePath) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("Unable to set huge path in security driver"));
goto cleanup;
@ -3410,13 +3407,13 @@ qemuProcessReconnect(void *opaque)
/* if domain requests security driver we haven't loaded, report error, but
* do not kill the domain
*/
ignore_value(virSecurityManagerCheckAllLabel(driver->securityManager,
obj->def));
ignore_value(qemuSecurityCheckAllLabel(driver->securityManager,
obj->def));
if (qemuDomainRefreshVcpuInfo(driver, obj, QEMU_ASYNC_JOB_NONE, true) < 0)
goto error;
if (virSecurityManagerReserveLabel(driver->securityManager, obj->def, obj->pid) < 0)
if (qemuSecurityReserveLabel(driver->securityManager, obj->def, obj->pid) < 0)
goto error;
if (qemuProcessNotifyNets(obj->def) < 0)
@ -4423,8 +4420,8 @@ qemuProcessMakeDir(virQEMUDriverPtr driver,
goto cleanup;
}
if (virSecurityManagerDomainSetPathLabel(driver->securityManager,
vm->def, path) < 0)
if (qemuSecurityDomainSetPathLabel(driver->securityManager,
vm->def, path) < 0)
goto cleanup;
ret = 0;
@ -4670,7 +4667,7 @@ qemuProcessStartValidate(virQEMUDriverPtr driver,
}
VIR_DEBUG("Checking domain and device security labels");
if (virSecurityManagerCheckAllLabel(driver->securityManager, vm->def) < 0)
if (qemuSecurityCheckAllLabel(driver->securityManager, vm->def) < 0)
return -1;
}
@ -5237,7 +5234,7 @@ qemuProcessPrepareDomain(virConnectPtr conn,
/* If you are using a SecurityDriver with dynamic labelling,
then generate a security label for isolation */
VIR_DEBUG("Generating domain security label (if required)");
if (virSecurityManagerGenLabel(driver->securityManager, vm->def) < 0) {
if (qemuSecurityGenLabel(driver->securityManager, vm->def) < 0) {
virDomainAuditSecurityLabel(vm, false);
goto cleanup;
}
@ -5548,8 +5545,8 @@ qemuProcessLaunch(virConnectPtr conn,
virCommandSetUmask(cmd, 0x002);
VIR_DEBUG("Setting up security labelling");
if (virSecurityManagerSetChildProcessLabel(driver->securityManager,
vm->def, cmd) < 0)
if (qemuSecuritySetChildProcessLabel(driver->securityManager,
vm->def, cmd) < 0)
goto cleanup;
virCommandSetOutputFD(cmd, &logfile);
@ -5559,10 +5556,10 @@ qemuProcessLaunch(virConnectPtr conn,
virCommandDaemonize(cmd);
virCommandRequireHandshake(cmd);
if (virSecurityManagerPreFork(driver->securityManager) < 0)
if (qemuSecurityPreFork(driver->securityManager) < 0)
goto cleanup;
rv = virCommandRun(cmd, NULL);
virSecurityManagerPostFork(driver->securityManager);
qemuSecurityPostFork(driver->securityManager);
/* wait for qemu process to show up */
if (rv == 0) {
@ -5639,8 +5636,8 @@ qemuProcessLaunch(virConnectPtr conn,
goto cleanup;
}
if (S_ISFIFO(stdin_sb.st_mode) &&
virSecurityManagerSetImageFDLabel(driver->securityManager,
vm->def, incoming->fd) < 0)
qemuSecuritySetImageFDLabel(driver->securityManager,
vm->def, incoming->fd) < 0)
goto cleanup;
}
@ -6157,7 +6154,7 @@ void qemuProcessStop(virQEMUDriverPtr driver,
qemuSecurityRestoreAllLabel(driver, vm,
!!(flags & VIR_QEMU_PROCESS_STOP_MIGRATED));
virSecurityManagerReleaseLabel(driver->securityManager, vm->def);
qemuSecurityReleaseLabel(driver->securityManager, vm->def);
for (i = 0; i < vm->def->ndisks; i++) {
virDomainDeviceDef dev;
@ -6401,13 +6398,13 @@ int qemuProcessAttach(virConnectPtr conn ATTRIBUTE_UNUSED,
vm->pid = pid;
VIR_DEBUG("Detect security driver config");
sec_managers = virSecurityManagerGetNested(driver->securityManager);
sec_managers = qemuSecurityGetNested(driver->securityManager);
if (sec_managers == NULL)
goto error;
for (i = 0; sec_managers[i]; i++) {
seclabelgen = false;
model = virSecurityManagerGetModel(sec_managers[i]);
model = qemuSecurityGetModel(sec_managers[i]);
seclabeldef = virDomainDefGetSecurityLabelDef(vm->def, model);
if (seclabeldef == NULL) {
if (!(seclabeldef = virSecurityLabelDefNew(model)))
@ -6417,8 +6414,8 @@ int qemuProcessAttach(virConnectPtr conn ATTRIBUTE_UNUSED,
seclabeldef->type = VIR_DOMAIN_SECLABEL_STATIC;
if (VIR_ALLOC(seclabel) < 0)
goto error;
if (virSecurityManagerGetProcessLabel(sec_managers[i],
vm->def, vm->pid, seclabel) < 0)
if (qemuSecurityGetProcessLabel(sec_managers[i], vm->def,
vm->pid, seclabel) < 0)
goto error;
if (VIR_STRDUP(seclabeldef->model, model) < 0)
@ -6435,9 +6432,9 @@ int qemuProcessAttach(virConnectPtr conn ATTRIBUTE_UNUSED,
}
}
if (virSecurityManagerCheckAllLabel(driver->securityManager, vm->def) < 0)
if (qemuSecurityCheckAllLabel(driver->securityManager, vm->def) < 0)
goto error;
if (virSecurityManagerGenLabel(driver->securityManager, vm->def) < 0)
if (qemuSecurityGenLabel(driver->securityManager, vm->def) < 0)
goto error;
if (qemuDomainPerfRestart(vm) < 0)

32
src/qemu/qemu_security.h
View File

@ -28,6 +28,7 @@
# include "qemu_conf.h"
# include "domain_conf.h"
# include "security/security_manager.h"
int qemuSecuritySetAllLabel(virQEMUDriverPtr driver,
virDomainObjPtr vm,
@ -60,4 +61,35 @@ int qemuSecuritySetHostdevLabel(virQEMUDriverPtr driver,
int qemuSecurityRestoreHostdevLabel(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainHostdevDefPtr hostdev);
/* Please note that for these APIs there is no wrapper yet. Do NOT blindly add
* new APIs here. If an API can touch a /dev file add a proper wrapper instead.
*/
# define qemuSecurityCheckAllLabel virSecurityManagerCheckAllLabel
# define qemuSecurityClearSocketLabel virSecurityManagerClearSocketLabel
# define qemuSecurityDomainSetPathLabel virSecurityManagerDomainSetPathLabel
# define qemuSecurityGenLabel virSecurityManagerGenLabel
# define qemuSecurityGetBaseLabel virSecurityManagerGetBaseLabel
# define qemuSecurityGetDOI virSecurityManagerGetDOI
# define qemuSecurityGetModel virSecurityManagerGetModel
# define qemuSecurityGetMountOptions virSecurityManagerGetMountOptions
# define qemuSecurityGetNested virSecurityManagerGetNested
# define qemuSecurityGetProcessLabel virSecurityManagerGetProcessLabel
# define qemuSecurityNew virSecurityManagerNew
# define qemuSecurityNewDAC virSecurityManagerNewDAC
# define qemuSecurityNewStack virSecurityManagerNewStack
# define qemuSecurityPostFork virSecurityManagerPostFork
# define qemuSecurityPreFork virSecurityManagerPreFork
# define qemuSecurityReleaseLabel virSecurityManagerReleaseLabel
# define qemuSecurityReserveLabel virSecurityManagerReserveLabel
# define qemuSecurityRestoreSavedStateLabel virSecurityManagerRestoreSavedStateLabel
# define qemuSecuritySetChildProcessLabel virSecurityManagerSetChildProcessLabel
# define qemuSecuritySetDaemonSocketLabel virSecurityManagerSetDaemonSocketLabel
# define qemuSecuritySetImageFDLabel virSecurityManagerSetImageFDLabel
# define qemuSecuritySetSavedStateLabel virSecurityManagerSetSavedStateLabel
# define qemuSecuritySetSocketLabel virSecurityManagerSetSocketLabel
# define qemuSecuritySetTapFDLabel virSecurityManagerSetTapFDLabel
# define qemuSecurityStackAddNested virSecurityManagerStackAddNested
# define qemuSecurityVerify virSecurityManagerVerify
#endif /* __QEMU_SECURITY_H__ */