libvirt/src/security
Christian Ehrhardt d53f4d02d0
apparmor: let AppArmorSetSecurityImageLabel append rules
There are currently broken use cases, e.g. snapshotting more than one disk at
once like:
 $ virsh snapshot-create-as --domain eoan --disk-only --atomic
   --diskspec vda,snapshot=no  --diskspec vdb,snapshot=no
   --diskspec vdc,file=/test/disk1.snapshot1.qcow,snapshot=external
   --diskspec vdd,file=/test/disk2.snapshot1.qcow,snapshot=external
The command above will iterate from qemuDomainSnapshotCreateDiskActive and
eventually add /test/disk1.snapshot1.qcow first (appears in the rules)
to then later add /test/disk2.snapshot1.qcow and while doing so throwing
away the former rule causing it to fail.

All other calls to (re)load_profile already use append=true when adding
rules append=false is only used when restoring rules [1].

Fix this by letting AppArmorSetSecurityImageLabel use append=true as well.

Since this is removing a (unintentional) trigger to revoke all rules
appended so far we agreed on review to do some tests, but in the tests
no rules came back on:
- hot-plug
- hot-unplug
- snapshotting

Bugs:
https://bugs.launchpad.net/libvirt/+bug/1845506
https://bugzilla.redhat.com/show_bug.cgi?id=1746684

[1]: https://bugs.launchpad.net/libvirt/+bug/1845506/comments/13

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Acked-by: Jamie Strandboge <jamie@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2019-11-21 08:26:07 +01:00
..
apparmor virt-aa-helper: Drop unnecessary AppArmor rule 2019-08-22 10:58:41 +02:00
Makefile.inc.am build: link to glib library 2019-10-14 10:54:42 +01:00
security_apparmor.c apparmor: let AppArmorSetSecurityImageLabel append rules 2019-11-21 08:26:07 +01:00
security_apparmor.h src/security: use #pragma once in headers 2019-06-19 17:12:31 +02:00
security_dac.c replace use of gnulib snprintf by g_snprintf 2019-11-15 15:07:40 +01:00
security_dac.h src/security: use #pragma once in headers 2019-06-19 17:12:31 +02:00
security_driver.c Use G_N_ELEMENTS instead of ARRAY_CARDINALITY 2019-10-15 16:14:19 +02:00
security_driver.h security: Pass @migrated to virSecurityManagerSetAllLabel 2019-10-14 17:14:13 +02:00
security_manager.c Use g_steal_pointer instead of VIR_STEAL_PTR everywhere 2019-10-16 15:59:42 +02:00
security_manager.h security: Introduce virSecurityManagerGetDriver() 2019-10-14 17:20:30 +02:00
security_nop.c Use g_strdup instead of ignoring VIR_STRDUP's value 2019-10-21 12:51:55 +02:00
security_nop.h src/security: use #pragma once in headers 2019-06-19 17:12:31 +02:00
security_selinux.c security: Use g_strdup_printf() instead of virAsprintf() 2019-11-12 16:15:58 +01:00
security_selinux.h src/security: use #pragma once in headers 2019-06-19 17:12:31 +02:00
security_stack.c security: use G_GNUC_UNUSED 2019-10-15 11:25:24 +02:00
security_stack.h src/security: use #pragma once in headers 2019-06-19 17:12:31 +02:00
security_util.c security: Use g_strdup_printf() instead of virAsprintf() 2019-11-12 16:15:58 +01:00
security_util.h security_util: Introduce virSecurityMoveRememberedLabel 2019-07-03 08:36:04 +02:00
virt-aa-helper.c virt-aa-helper: clarify command line options 2019-11-21 08:26:06 +01:00