security_selinux: Move transaction handling up one level

So far the whole transaction handling is done in
virSecuritySELinuxSetFileconHelper(). This needs to change for
the sake of security label remembering and locking. Otherwise we
would be locking a path when only appending it to transaction
list and not when actually relabelling it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Michal Privoznik 2018-09-10 10:10:25 +02:00
parent 4a7a7808dc
commit 62fd05194a


@ -1146,20 +1146,14 @@ virSecuritySELinuxGetProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
* return 1 if labelling was not possible. Otherwise, require a label * return 1 if labelling was not possible. Otherwise, require a label
* change, and return 0 for success, -1 for failure. */ * change, and return 0 for success, -1 for failure. */
static int static int
virSecuritySELinuxSetFileconHelper(const char *path, const char *tcon, virSecuritySELinuxSetFileconImpl(const char *path, const char *tcon,
bool optional, bool privileged) bool optional, bool privileged)
{ {
security_context_t econ; security_context_t econ;
int rc;
/* Be aware that this function might run in a separate process. /* Be aware that this function might run in a separate process.
* Therefore, any driver state changes would be thrown away. */ * Therefore, any driver state changes would be thrown away. */
if ((rc = virSecuritySELinuxTransactionAppend(path, tcon, optional)) < 0)
return -1;
else if (rc > 0)
return 0;
VIR_INFO("Setting SELinux context on '%s' to '%s'", path, tcon); VIR_INFO("Setting SELinux context on '%s' to '%s'", path, tcon);
if (setfilecon_raw(path, (VIR_SELINUX_CTX_CONST char *)tcon) < 0) { if (setfilecon_raw(path, (VIR_SELINUX_CTX_CONST char *)tcon) < 0) {
@ -1213,6 +1207,22 @@ virSecuritySELinuxSetFileconHelper(const char *path, const char *tcon,
return 0; return 0;
} }
static int
virSecuritySELinuxSetFileconHelper(const char *path, const char *tcon,
bool optional, bool privileged)
{
int rc;
if ((rc = virSecuritySELinuxTransactionAppend(path, tcon, optional)) < 0)
return -1;
else if (rc > 0)
return 0;
return virSecuritySELinuxSetFileconImpl(path, tcon, optional, privileged);
}
static int static int
virSecuritySELinuxSetFileconOptional(virSecurityManagerPtr mgr, virSecuritySELinuxSetFileconOptional(virSecurityManagerPtr mgr,
const char *path, const char *tcon) const char *path, const char *tcon)
@ -1289,10 +1299,12 @@ static int
virSecuritySELinuxRestoreFileLabel(virSecurityManagerPtr mgr, virSecuritySELinuxRestoreFileLabel(virSecurityManagerPtr mgr,
const char *path) const char *path)
{ {
bool privileged = virSecurityManagerGetPrivileged(mgr);
struct stat buf; struct stat buf;
security_context_t fcon = NULL; security_context_t fcon = NULL;
char *newpath = NULL; char *newpath = NULL;
char ebuf[1024]; char ebuf[1024];
int rc;
int ret = -1; int ret = -1;
/* Some paths are auto-generated, so let's be safe here and do /* Some paths are auto-generated, so let's be safe here and do
@ -1324,7 +1336,12 @@ virSecuritySELinuxRestoreFileLabel(virSecurityManagerPtr mgr,
goto cleanup; goto cleanup;
} }
if (virSecuritySELinuxSetFilecon(mgr, newpath, fcon) < 0) if ((rc = virSecuritySELinuxTransactionAppend(path, fcon, false)) < 0)
return -1;
else if (rc > 0)
return 0;
if (virSecuritySELinuxSetFileconImpl(newpath, fcon, false, privileged) < 0)
goto cleanup; goto cleanup;
ret = 0; ret = 0;
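Review bot: In the last hunk, in virSecuritySELinuxRestoreFileLabel, the two new early exits (`return -1;` and `return 0;`) skip the `cleanup` label that the neighbouring error paths jump to, so `newpath` and `fcon` are presumably leaked whenever a transaction is active or the append fails. The cleanup code is outside the hunk, so confirm what it releases. The append also records `path` while the direct relabel uses `newpath`; the old call passed `newpath` on both routes, so a transaction would now apply a context that was presumably looked up for the resolved path to the unresolved one. Consider `if ((rc = virSecuritySELinuxTransactionAppend(newpath, fcon, false)) != 0) { ret = rc < 0 ? -1 : 0; goto cleanup; }`, provided the append copies its arguments rather than keeping the pointers. The function begins and ends outside this hunk.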