v1 link: https://www.redhat.com/archives/libvir-list/2015-July/msg00926.html

v2 differences:
- Introduce a new XML element, shareable, to indicate whether the device is intended to be shared across multiple guests.
- Make virSecuritySELinuxRestoreSecurityAllLabel and virSecuritySELinuxSetSecurityAllLabel call set/restore label.
- Move struct _virShmObject and _virShmObjectList into virshm.c and introduce some functions to get the parameters.
- Change the return value to -1 when the functions are not supported on some platform.
- Add the code in src/security/security_nop.c.
- Some small fixes.

Since there is a shmobj leak when we let qemu create the shmobj by itself, and the label of the shmobj/shmem-server socket is also not right (the guest cannot use the shmem-server directly if the user enabled SELinux), it will be better to manage it in libvirt. The way I chose is to register the shmem device in a list, save its status to a local file to avoid losing it after libvirtd restarts, count the guests which use it, and let the callers know when there is no guest using it any more (then we can relabel/clean up some resources).

About the shmem-server, we decided to introduce some new SELinux labels to fix that; however, the ivshmem server is still not finished right now (I mean the patches are still being reviewed on qemu-devel), so we could implement the set-up-ivshmem-server part later.

BTW, during some research I noticed that vhost-user networking should have the same problem as the ivshmem-server, since it uses the same way to connect to the guest (a host app connects to the guest via a socket), and after some tests I found the guest cannot connect to the socket created by the app if I enable SELinux. So I think maybe we could fix these two issues together; if there is already a way to make vhost-user work well with SELinux, I think we could use that way in this place.
Luyao Huang (5):
  conf: introduce seclabels in shmem device element
  conf: introduce shareable in shmem device element
  util: introduce new helpers to manage shmem device
  security: add security part for shmem device
  qemu: call the helpers in virshm.c to manage shmem device

 configure.ac                                       |  10 +
 docs/formatdomain.html.in                          |  12 +
 docs/schemas/domaincommon.rng                      |   8 +
 po/POTFILES.in                                     |   3 +-
 src/Makefile.am                                    |   7 +-
 src/conf/domain_conf.c                             | 103 ++-
 src/conf/domain_conf.h                             |   6 +
 src/libvirt_private.syms                           |  26 +
 src/qemu/qemu_conf.h                               |   3 +
 src/qemu/qemu_driver.c                             |   4 +
 src/qemu/qemu_process.c                            | 157 +++++
 src/security/security_dac.c                        | 100 +++
 src/security/security_driver.h                     |   9 +
 src/security/security_manager.c                    |  35 +
 src/security/security_manager.h                    |   6 +
 src/security/security_nop.c                        |  19 +
 src/security/security_selinux.c                    |  97 +++
 src/security/security_stack.c                      |  39 ++
 src/util/virshm.c                                  | 739 +++++++++++++++++++++
 src/util/virshm.h                                  |  92 +++
 .../qemuxml2argv-shmem-seclabel.xml                |  55 ++
 .../qemuxml2argv-shmem-shareable.xml               |  43 ++
 tests/qemuxml2xmltest.c                            |   5 +
 23 files changed, 1545 insertions(+), 33 deletions(-)
 create mode 100644 src/util/virshm.c
 create mode 100644 src/util/virshm.h
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-shmem-seclabel.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-shmem-shareable.xml

-- 
1.8.3.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
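The bookkeeping the cover letter describes (a list of shmem objects, a per-object count of the guests using it, persisted to a local file so it survives a libvirtd restart, with callers told when the first guest arrives and when the last one leaves so they can label or clean up) is sketched below as an added, self-contained illustration. It is not the series' virshm.c and not libvirt code; the state-file path, the "name users" line format, the fixed-size table and the function names (shm_acquire, shm_release, shm_list_load, shm_users) are all assumptions made for the example.

```c
/* Added illustration of use-counted shmem objects persisted to a state file.
 * Not libvirt code: names, file format and limits are assumptions. */
#include <stdio.h>
#include <string.h>

#define SHM_NAME_MAX 64
#define SHM_MAX_OBJS 32

typedef struct {
    char name[SHM_NAME_MAX];
    unsigned int users;      /* guests currently using this object */
} ShmObject;

typedef struct {
    ShmObject objs[SHM_MAX_OBJS];
    size_t count;
    char state_path[256];    /* local file the list is saved to (assumed) */
} ShmObjectList;

static ShmObject *shm_find(ShmObjectList *list, const char *name) {
    for (size_t i = 0; i < list->count; i++)
        if (strcmp(list->objs[i].name, name) == 0)
            return &list->objs[i];
    return NULL;
}

/* Persist the whole list as one "name users" line per object. */
static int shm_list_save(const ShmObjectList *list) {
    FILE *f = fopen(list->state_path, "w");
    if (!f) return -1;
    for (size_t i = 0; i < list->count; i++)
        fprintf(f, "%s %u\n", list->objs[i].name, list->objs[i].users);
    return fclose(f) == 0 ? 0 : -1;
}

/* Load the list from the state file; a missing file means an empty list. */
int shm_list_load(ShmObjectList *list, const char *state_path) {
    memset(list, 0, sizeof(*list));
    snprintf(list->state_path, sizeof(list->state_path), "%s", state_path);
    FILE *f = fopen(state_path, "r");
    if (!f) return 0;
    char name[SHM_NAME_MAX];
    unsigned int users;
    while (list->count < SHM_MAX_OBJS &&
           fscanf(f, "%63s %u", name, &users) == 2) {
        snprintf(list->objs[list->count].name, SHM_NAME_MAX, "%s", name);
        list->objs[list->count].users = users;
        list->count++;
    }
    fclose(f);
    return 0;
}

/* A guest starts using `name`. Returns 1 if it is the first user (caller
 * should create and label the object), 0 if already in use, -1 on error. */
int shm_acquire(ShmObjectList *list, const char *name) {
    ShmObject *o = shm_find(list, name);
    if (!o) {
        if (list->count >= SHM_MAX_OBJS || strlen(name) >= SHM_NAME_MAX)
            return -1;
        o = &list->objs[list->count++];
        snprintf(o->name, SHM_NAME_MAX, "%s", name);
        o->users = 0;
    }
    o->users++;
    if (shm_list_save(list) < 0) return -1;
    return o->users == 1 ? 1 : 0;
}

/* A guest stops using `name`. Returns 1 if no guest uses it any more (caller
 * may restore the label / remove the object), 0 if still in use, -1 if the
 * object is unknown or has no users. */
int shm_release(ShmObjectList *list, const char *name) {
    ShmObject *o = shm_find(list, name);
    if (!o || o->users == 0) return -1;
    o->users--;
    int last = (o->users == 0);
    if (last) {
        /* drop the entry so the list does not grow without bound */
        size_t idx = (size_t)(o - list->objs);
        memmove(o, o + 1, (list->count - idx - 1) * sizeof(*o));
        list->count--;
    }
    if (shm_list_save(list) < 0) return -1;
    return last;
}

unsigned int shm_users(ShmObjectList *list, const char *name) {
    ShmObject *o = shm_find(list, name);
    return o ? o->users : 0;
}

int main(void) {
    const char *path = "/tmp/shmobj-state.txt";   /* assumed path */
    ShmObjectList list;
    shm_list_load(&list, path);
    printf("first guest, first user: %d\n", shm_acquire(&list, "ivshmem0"));
    printf("second guest, first user: %d\n", shm_acquire(&list, "ivshmem0"));
    /* simulate a libvirtd restart: reload counts from the state file */
    ShmObjectList reloaded;
    shm_list_load(&reloaded, path);
    printf("users after reload: %u\n", shm_users(&reloaded, "ivshmem0"));
    printf("release, last user gone: %d\n", shm_release(&reloaded, "ivshmem0"));
    printf("release, last user gone: %d\n", shm_release(&reloaded, "ivshmem0"));
    remove(path);
    return 0;
}
```

The point of the reload step is the one the cover letter makes: the count lives in a file, not only in the daemon's memory, so a restarted libvirtd still knows that a guest is attached and does not relabel or remove an object that is in use.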