Re: [PATCH 1/4] conf: introduce seclabels in shmem device element

[lhuang <lhuang@xxxxxxxxxx>]

On 07/30/2015 06:28 PM, Daniel P. Berrange wrote:
> On Thu, Jul 23, 2015 at 06:13:46PM +0800, Luyao Huang wrote:
> > Introduce a new element in shmem device element, this
> > could help users to change the shm label to a specified
> > label.
> >
> > Signed-off-by: Luyao Huang <lhuang@xxxxxxxxxx>
> > ---
> >   docs/formatdomain.html.in     |  7 ++++++
> >   docs/schemas/domaincommon.rng |  3 +++
> >   src/conf/domain_conf.c        | 55 ++++++++++++++++++++++++++++++++++---------
> >   src/conf/domain_conf.h        |  5 ++++
> >   4 files changed, 59 insertions(+), 11 deletions(-)
> >
> > diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
> > index d0c1741..e02c67c 100644
> > --- a/docs/formatdomain.html.in
> > +++ b/docs/formatdomain.html.in
> > @@ -6098,6 +6098,13 @@ qemu-kvm -net nic,model=? /dev/null
> >         vectors. The <code>ioeventd</code> attribute enables/disables (values
> >         "on"/"off", respectively) ioeventfd.
> >       </dd>
> > +    <dt><code>seclabel</code></dt>
> > +    <dd>
> > +      The  optional <code>seclabel</code> to override the way that labelling
> > +      is done on the shm object path or shm server path.  If this
> > +      element is not present, the <a href="#seclabel">security label is inherited
> > +      from the per-domain setting</a>.
> > +    </dd>
> >     </dl>
> >   
> >       <h4><a name="elementsMemory">Memory devices</a></h4>
> > diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
> > index 1120003..f58e8de 100644
> > --- a/docs/schemas/domaincommon.rng
> > +++ b/docs/schemas/domaincommon.rng
> > @@ -3323,6 +3323,9 @@
> >               </optional>
> >             </element>
> >           </optional>
> > +        <zeroOrMore>
> > +          <ref name='devSeclabel'/>
> > +        </zeroOrMore>
> >           <optional>
> >             <ref name="address"/>
> >           </optional>
> So in the <disk> XML we have an explicit element to indicate whether the
> device is intended to be shared across multiple guests. <shareable/>
>
> I think we need to have the same flag added to the shm device too, so
> that we sanity check whether a particular shm was intended to be shared
> or whether it is a mistake when multiple guests use it. This will also
> allow us to integrate with the virtlockd to acquire exclusive locks
> against the shm device to actively prevent admin mistakes starting
> 2 guests with the same shm. It will also let us automatically choose
> the right default SELinux label ie svirt_image_t:s0:c214,c3242 for
> exclusive access vs svirt_image_t:s0 for shared access

Good idea! i will introduce this new element in next version.

Thanks a lot for your advise.

> Regards,
> Daniel

Luyao

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list