External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-31 05:57:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
0f082e699e
libvirt/tests
History
Eric Blake 0f082e699e selinux: distinguish failure to label from request to avoid label 
https://bugzilla.redhat.com/show_bug.cgi?id=924153

Commit 904e05a2 (v0.9.9) added a per-<disk> seclabel element with
an attribute relabel='no' in order to try and minimize the
impact of shutdown delays when an NFS server disappears.  The idea
was that if a disk is on NFS and can't be labeled in the first
place, there is no need to attempt the (no-op) relabel on domain
shutdown.  Unfortunately, the way this was implemented was by
modifying the domain XML so that the optimization would survive
libvirtd restart, but in a way that is indistinguishable from an
explicit user setting.  Furthermore, once the setting is turned
on, libvirt avoids attempts at labeling, even for operations like
snapshot or blockcopy where the chain is being extended or pivoted
onto non-NFS, where SELinux labeling is once again possible.  As
a result, it was impossible to do a blockcopy to pivot from an
NFS image file onto a local file.

The solution is to separate the semantics of a chain that must
not be labeled (which the user can set even on persistent domains)
vs. the optimization of not attempting a relabel on cleanup (a
live-only annotation), and using only the user's explicit notation
rather than the optimization as the decision on whether to skip
a label attempt in the first place.  When upgrading an older
libvirtd to a newer, an NFS volume will still attempt the relabel;
but as the avoidance of a relabel was only an optimization, this
shouldn't cause any problems.

In the ideal future, libvirt will eventually have XML describing
EVERY file in the backing chain, with each file having a separate
<seclabel> element.  At that point, libvirt will be able to track
more closely which files need a relabel attempt at shutdown.  But
until we reach that point, the single <seclabel> for the entire
<disk> chain is treated as a hint - when a chain has only one
file, then we know it is accurate; but if the chain has more than
one file, we have to attempt relabel in spite of the attribute,
in case part of the chain is local and SELinux mattered for that
portion of the chain.

* src/conf/domain_conf.h (_virSecurityDeviceLabelDef): Add new
member.
* src/conf/domain_conf.c (virSecurityDeviceLabelDefParseXML):
Parse it, for live images only.
(virSecurityDeviceLabelDefFormat): Output it.
(virDomainDiskDefParseXML, virDomainChrSourceDefParseXML)
(virDomainDiskSourceDefFormat, virDomainChrDefFormat)
(virDomainDiskDefFormat): Pass flags on through.
* src/security/security_selinux.c
(virSecuritySELinuxRestoreSecurityImageLabelInt): Honor labelskip
when possible.
(virSecuritySELinuxSetSecurityFileLabel): Set labelskip, not
norelabel, if labeling fails.
(virSecuritySELinuxSetFileconHelper): Fix indentation.
* docs/formatdomain.html.in (seclabel): Document new xml.
* docs/schemas/domaincommon.rng (devSeclabel): Allow it in RNG.
* tests/qemuxml2argvdata/qemuxml2argv-seclabel-*-labelskip.xml:
* tests/qemuxml2argvdata/qemuxml2argv-seclabel-*-labelskip.args:
* tests/qemuxml2xmloutdata/qemuxml2xmlout-seclabel-*-labelskip.xml:
New test files.
* tests/qemuxml2argvtest.c (mymain): Run the new tests.
* tests/qemuxml2xmltest.c (mymain): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-08-20 10:39:03 -06:00
..
capabilityschemadata qemu: Implement CPUs check against machine type's cpu-max 2013-07-01 14:30:42 +02:00
commanddata build: clean up stray files found by 'make distcheck' 2013-05-06 14:01:08 -06:00
confdata Change the default of mdns_adv to false 2012-03-27 09:54:49 -06:00
cputestdata Add flag to BaselineCPU API to return detailed CPU features 2013-08-16 15:31:18 -06:00
domainschemadata Add XML config for resource partitions 2013-04-15 17:35:31 +01:00
domainsnapshotxml2xmlin snapshot: new XML for external system checkpoint 2012-11-02 09:56:23 -06:00
domainsnapshotxml2xmlout qemu: auto-add pci-root controller for pc machine types 2013-04-25 13:05:10 +02:00
fchostdata/fc_host tests: Add tests for fc_host 2013-05-13 17:24:18 +08:00
interfaceschemadata Update interface.rng and xml test files to match netcf 0.1.5 2010-01-19 21:13:03 +01:00
lxcxml2xmldata Add 'nbd' as a valid filesystem driver type 2013-05-13 13:15:19 +01:00
networkxml2confdata network: permit upstream forwarding of unqualified DNS names 2013-08-14 09:46:22 -04:00
networkxml2xmlin network: permit upstream forwarding of unqualified DNS names 2013-08-14 09:46:22 -04:00
networkxml2xmlout network: permit upstream forwarding of unqualified DNS names 2013-08-14 09:46:22 -04:00
nodedevschemadata nodedev: add iommuGroup to node device object 2013-06-26 14:10:56 -04:00
nodeinfodata nodeinfotest: Add test data from a AMD bulldozer machine. 2012-11-13 00:35:36 +01:00
nwfilterxml2xmlin nwfilter: Add support for ipset 2012-05-21 06:26:34 -04:00
nwfilterxml2xmlout nwfilter: Add support for ipset 2012-05-21 06:26:34 -04:00
qemuhelpdata qemu: New cap flags for scsi-generic 2013-05-13 18:30:26 +08:00
qemuhotplugtestdata qemuhotplugtest: Introduce test for chardev hotplug 2013-07-16 11:47:39 +02:00
qemuxml2argvdata selinux: distinguish failure to label from request to avoid label 2013-08-20 10:39:03 -06:00
qemuxml2xmloutdata selinux: distinguish failure to label from request to avoid label 2013-08-20 10:39:03 -06:00
qemuxmlnsdata qemu: pass -usb and usb hubs earlier, so USB disks with static address are handled properly 2012-10-30 08:54:32 +01:00
securityselinuxlabeldata Add a test suite for validating SELinux labelling 2013-01-14 13:40:04 +00:00
sexpr2xmldata storage: treat 'aio' like 'raw' at parse time 2012-10-19 17:35:09 -06:00
storagepoolschemadata schema: require target path in storage pool xml 2013-05-17 08:33:22 +02:00
storagepoolxml2xmlin Make logical pools independent on target path 2013-07-16 12:16:37 +02:00
storagepoolxml2xmlout Make logical pools independent on target path 2013-07-16 12:16:37 +02:00
storagevolschemadata schema: make source optional in volume XML 2013-05-17 08:35:08 +02:00
storagevolxml2argvdata Add inputpool to storagevolxml2argvtest 2013-07-25 13:27:41 +02:00
storagevolxml2xmlin Move volume XMLs out of storagevolxml2argvdata 2013-07-25 13:26:41 +02:00
storagevolxml2xmlout Move volume XMLs out of storagevolxml2argvdata 2013-07-25 13:26:41 +02:00
sysinfodata Implement minimal sysinfo for ARM platforms 2013-04-04 11:07:31 +01:00
vmx2xmldata vmx: handle shared folders parsing 2012-07-21 20:15:02 +02:00
xencapsdata Add suspend info to Xen, LXC and UML hypervisor capabilities 2011-11-30 10:12:30 +00:00
xmconfigdata numad: Always output 'placement' of <vcpu> 2012-05-08 16:57:37 -06:00
xml2sexprdata Xen: Fix <clock> handling 2012-04-02 09:33:54 -06:00
xml2vmxdata util: Change virMacAddrFormat to lowercase hex characters 2013-04-02 15:53:43 +02:00
.valgrind.supp valgrind: Adjust filter for _dl_allocate_tls 2013-08-01 17:04:28 -04:00
capabilityschematest Make test suite output less verbose 2010-01-15 16:28:05 +00:00
commandhelper.c testutils: Resolve Coverity issues 2013-07-11 14:18:11 -04:00
commandtest.c Merge virCommandPreserveFD / virCommandTransferFD 2013-07-18 12:18:24 +01:00
cpuset use virBitmap to store cpumask info. 2012-09-17 14:59:37 -04:00
cputest.c Add flag to BaselineCPU API to return detailed CPU features 2013-08-16 15:31:18 -06:00
define-dev-segfault numad: Always output 'placement' of <vcpu> 2012-05-08 16:57:37 -06:00
domainschematest Add LXC XML files to schema test & fix problems this uncovers 2012-03-27 15:52:25 +01:00
domainsnapshotschematest Domain snapshot RNG and tests. 2010-05-20 13:50:03 -04:00
domainsnapshotxml2xmltest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
esxutilstest.c Convert 'int i' to 'size_t i' in tests/ files 2013-07-10 17:40:13 +01:00
eventtest.c Convert 'int i' to 'size_t i' in tests/ files 2013-07-10 17:40:13 +01:00
fchosttest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
fdstreamtest.c Introduce virFilePrintf() as a portable fprintf() 2013-05-31 10:51:33 -06:00
int-overflow tests: Don't use bash if we don't have to 2011-07-29 17:17:21 +02:00
interfaceschematest Make test suite output less verbose 2010-01-15 16:28:05 +00:00
interfacexml2xmltest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
jsontest.c tests: Coverity found new NULL_RETURNS 2013-08-01 17:04:28 -04:00
libvirtd-fail Fix up "make check" 2009-10-07 12:18:13 +02:00
libvirtd-pool Fix up "make check" 2009-10-07 12:18:13 +02:00
libvirtdconftest.c Adapt to VIR_ALLOC and virAsprintf in tests/* 2013-07-10 11:07:33 +02:00
lxcxml2xmltest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
Makefile.am Directly link against needed libraries 2013-08-13 17:42:12 +02:00
networkschematest Make test suite output less verbose 2010-01-15 16:28:05 +00:00
networkxml2conftest.c network: permit upstream forwarding of unqualified DNS names 2013-08-14 09:46:22 -04:00
networkxml2xmltest.c network: permit upstream forwarding of unqualified DNS names 2013-08-14 09:46:22 -04:00
nodedevschematest Make test suite output less verbose 2010-01-15 16:28:05 +00:00
nodedevxml2xmltest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
nodeinfotest.c Convert 'int i' to 'size_t i' in tests/ files 2013-07-10 17:40:13 +01:00
nwfilterschematest nwfilter: Add filter schema for nwfilter XML, extend domain XML schema 2010-04-06 11:09:46 -04:00
nwfilterxml2xmltest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
object-locking.ml Rename 'DeviceMonitor' to 'NodeDeviceDriver' 2013-04-24 10:59:53 +01:00
oomtrace.pl Remove tabs from all perl files & enforce this 2012-07-30 13:09:57 +01:00
openvzutilstest.c Convert 'int i' to 'size_t i' in tests/ files 2013-07-10 17:40:13 +01:00
openvzutilstest.conf openvz: Add simple test for openvzReadNetworkConf 2011-06-01 11:58:15 +02:00
pkix_asn1_tab.c Add a test case for certificate validation 2011-07-22 15:18:32 +01:00
qemuagenttest.c qemuagenttest: Test timeout of agent commands 2013-08-12 18:35:14 +02:00
qemuargv2xmltest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
qemuhelptest.c caps: use -device for primary video when qemu >=1.6 2013-07-29 13:31:20 +08:00
qemuhotplugtest.c qemu: Emit VIR_DOMAIN_EVENT_ID_DEVICE_REMOVED events 2013-07-18 15:28:45 +02:00
qemumonitorjsontest.c tests: Free test at the end of GetDeviceAliases JSON test 2013-07-22 16:59:14 +02:00
qemumonitortest.c Convert 'int i' to 'size_t i' in tests/ files 2013-07-10 17:40:13 +01:00
qemumonitortestutils.c qemumonitortestutils: Don't skip va_end() on error path 2013-08-02 12:28:58 +02:00
qemumonitortestutils.h qemumonitortestutils: Add the ability to check arguments of commands 2013-07-31 14:25:43 +02:00
qemuxml2argvtest.c selinux: distinguish failure to label from request to avoid label 2013-08-20 10:39:03 -06:00
qemuxml2xmltest.c selinux: distinguish failure to label from request to avoid label 2013-08-20 10:39:03 -06:00
qemuxmlnstest.c qemu: Add callback struct for qemuBuildCommandLine 2013-05-20 20:14:19 +08:00
read-bufsiz maint: avoid regression on copyright listings 2012-07-27 07:42:34 -06:00
read-non-seekable maint: avoid regression on copyright listings 2012-07-27 07:42:34 -06:00
reconnect.c Replace two-state local integers with bool 2013-06-06 17:22:53 +02:00
schematestutils.sh tests: use portable shell code 2013-05-09 11:46:45 -06:00
seclabeltest.c tests: uniformly report test failures 2013-02-25 17:38:11 -07:00
securityselinuxhelper.c Adapt to VIR_STRDUP and VIR_STRNDUP in tests/* 2013-05-10 11:54:29 +02:00
securityselinuxlabeltest.c Adapt to VIR_ALLOC and virAsprintf in tests/* 2013-07-10 11:07:33 +02:00
securityselinuxtest.c Adapt to VIR_ALLOC and virAsprintf in tests/* 2013-07-10 11:07:33 +02:00
sexpr2xmltest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
shunloadhelper.c shunloadtest: Resolve Coverity CHECKED_RETURN error 2013-05-21 09:22:21 -04:00
shunloadtest.c build: fix shunloadtest breakage 2013-07-29 13:09:39 -06:00
sockettest.c virsocket: Introduce virSocketAddrIsWildcard 2013-06-07 15:21:57 +02:00
ssh.c build: fix shunloadtest breakage 2013-07-29 13:09:39 -06:00
start maint: avoid regression on copyright listings 2012-07-27 07:42:34 -06:00
statstest.c Rename stats_linux.{c,h} to virstatslinux.{c,h} 2012-12-21 11:19:48 +00:00
storagebackendsheepdogtest.c Build breaker - requires VIR_FROM_THIS 2013-05-10 08:52:43 -04:00
storagepoolschematest schema: require target path in storage pool xml 2013-05-17 08:33:22 +02:00
storagepoolxml2xmltest.c Make logical pools independent on target path 2013-07-16 12:16:37 +02:00
storagevolschematest schema: make source optional in volume XML 2013-05-17 08:35:08 +02:00
storagevolxml2argvtest.c Resolve Coverity complaint in storagevolxml2argvtest 2013-07-26 14:17:02 +02:00
storagevolxml2xmltest.c Move volume XMLs out of storagevolxml2argvdata 2013-07-25 13:26:41 +02:00
sysinfotest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
test_conf.c viralloc: Report OOM error on failure 2013-07-10 11:07:31 +02:00
test_conf.sh rename tests/conftest.c 2013-03-19 13:13:28 -06:00
test-lib.sh tests: add helper to determine when to skip expensive tests 2013-08-12 10:06:41 -06:00
testutils.c tests: add helper to determine when to skip expensive tests 2013-08-12 10:06:41 -06:00
testutils.h tests: add helper to determine when to skip expensive tests 2013-08-12 10:06:41 -06:00
testutilslxc.c virCaps: get rid of defaultConsoleTargetType callback 2013-04-04 22:42:39 +02:00
testutilslxc.h Add support for setting init argv for LXC 2012-03-27 15:52:25 +01:00
testutilsqemu.c qemu: Add callback struct for qemuBuildCommandLine 2013-05-20 20:14:19 +08:00
testutilsqemu.h build: skip qemu in tests when !WITH_QEMU 2013-05-31 11:35:34 -06:00
testutilsxen.c virCaps: get rid of defaultConsoleTargetType callback 2013-04-04 22:42:39 +02:00
testutilsxen.h virCaps: get rid of defaultConsoleTargetType callback 2013-04-04 22:42:39 +02:00
utiltest.c Convert 'int i' to 'size_t i' in tests/ files 2013-07-10 17:40:13 +01:00
vcpupin maint: avoid regression on copyright listings 2012-07-27 07:42:34 -06:00
viratomictest.c Convert 'int i' to 'size_t i' in tests/ files 2013-07-10 17:40:13 +01:00
virauthconfigtest.c virutil: Move string related functions to virstring.c 2013-05-02 16:56:55 +02:00
virbitmaptest.c virbitmaptest: Shut coverity up in case of broken test 2013-08-19 15:54:43 +02:00
virbuftest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
vircgroupmock.c Workaround issue with clang and inline functions with static vars 2013-05-14 15:00:22 +01:00
vircgrouptest.c Add support for systemd cgroup mount 2013-07-31 19:27:19 +01:00
virdbustest.c tests: test negative number through dbus 2013-08-09 08:57:01 -06:00
virdrivermoduletest.c virutil: Move string related functions to virstring.c 2013-05-02 16:56:55 +02:00
virendiantest.c util: add virendian.h macros 2013-02-12 09:00:15 -07:00
virhashdata.h Rename hash.h and hash.c to virhash.h and virhash.c 2012-01-26 14:11:13 +00:00
virhashtest.c virAsprintf: correctly check return value 2013-07-18 14:05:46 +02:00
viridentitytest.c virutil: Move string related functions to virstring.c 2013-05-02 16:56:55 +02:00
virkeycodetest.c Add a test suite for keycode mapping functions 2013-04-08 10:03:20 +01:00
virkeyfiletest.c virutil: Move string related functions to virstring.c 2013-05-02 16:56:55 +02:00
virlockspacetest.c util: move virFile* functions from virutil.c to virfile.c 2013-05-10 13:09:30 -04:00
virnetmessagetest.c Adapt to VIR_ALLOC and virAsprintf in tests/* 2013-07-10 11:07:33 +02:00
virnetsockettest.c Convert 'int i' to 'size_t i' in tests/ files 2013-07-10 17:40:13 +01:00
virnettlscontexttest.c tests: Fix parallel runs of TLS test suites 2013-08-12 20:20:00 -06:00
virnettlshelpers.c Fix parallel runs of TLS test suites 2013-08-09 11:54:41 +01:00
virnettlshelpers.h Fix parallel runs of TLS test suites 2013-08-09 11:54:41 +01:00
virnettlssessiontest.c tests: Fix parallel runs of TLS test suites 2013-08-12 20:20:00 -06:00
virportallocatortest.c util: move virFile* functions from virutil.c to virfile.c 2013-05-10 13:09:30 -04:00
virsh-all tests: Skip virsh-all test as expensive 2013-08-12 18:47:56 +02:00
virsh-optparse virsh: add snapshot-create-as memspec support 2012-11-07 09:04:18 -07:00
virsh-schedinfo Allow multiple parameters for schedinfo 2013-04-03 08:49:30 +02:00
virsh-synopsis maint: avoid regression on copyright listings 2012-07-27 07:42:34 -06:00
virsh-undefine build: avoid confusing make with raw name 'undefine' 2012-09-12 11:27:22 -06:00
virshtest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
virstoragetest.c Convert 'int i' to 'size_t i' in tests/ files 2013-07-10 17:40:13 +01:00
virstringtest.c Introduce virFilePrintf() as a portable fprintf() 2013-05-31 10:51:33 -06:00
virsystemdmock.c tests: work with older dbus 2013-08-08 16:33:55 -06:00
virsystemdtest.c Add APIs for formatting systemd slice/scope names 2013-07-31 19:24:53 +01:00
virt-aa-helper-test add vnc unix sockets to apparmor policy 2012-12-11 14:32:39 -07:00
virtimetest.c virutil: Move string related functions to virstring.c 2013-05-02 16:56:55 +02:00
viruritest.c tests/: Remove the whitespace before ";" 2013-05-21 23:41:45 +08:00
vmx2xmltest.c Adapt to VIR_STRDUP and VIR_STRNDUP in tests/* 2013-05-10 11:54:29 +02:00
xencapstest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
xmconfigtest.c viralloc: Report OOM error on failure 2013-07-10 11:07:31 +02:00
xml2sexprtest.c Introduce OOM reporting to virAsprintf 2013-07-10 11:07:31 +02:00
xml2vmxtest.c Adapt to VIR_STRDUP and VIR_STRNDUP in tests/* 2013-05-10 11:54:29 +02:00