-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Daniel P. Berrange wrote:
> On Fri, Feb 27, 2009 at 03:37:55PM -0500, Daniel J Walsh wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Another patch off latest repository.
>>
>> This patch does not require the XML to include a label, although this is
>> still supported.
>>
>> Implemented most of the comments from Jim. make check and make
>> syntax-check passes, Added seclabeltest.c to run in tests, Updated
>> capability.rng, although not really sure I did it right.
>>
>> This patch will generate random MCS Labels and relabels the image files
>> to match. Seems to work well on F11.
>
> I had a few problems with label generation on my F11 machine - perhaps
> you have a newer version of the patch than the one I applied.
>
> I found I need the following additional patch..
>
> - Make domainGenSecurityLabel() give diagnostics for each type of error
> instead of using generic error message in caller
> - Change logic bug 'c1 == c2' to 'c1 < c2'
> - Change 'c%d,c%d' to 'c%d.c%d' - it doesn't like labels with
> the form "c210,c502" only wanting "c210.c502"
This does not make sense. c210,c502 is valid. c210.c502 means include
the range. c210, c211, c212...c502.
> - Fix use of STREQ - no need for == 0 in there
I am reworking this code to use INT instead of strings.
> - Use VIR_FREE/VIR_ALLOC for memory mgmt
>
> With this I can successfully start several VMs, and see them all
> using different contexts, and see the files labelled
>
> # ps -xZ | grep qemu | awk '{print $1}'
> system_u:system_r:qemu_t:s0:c35.c537
> system_u:system_r:qemu_t:s0:c210.c502
>
> # ls -Zl /var/lib/libvirt/images/
> total 504
> -rwxr-xr-x. 1 system_u:object_r:virt_image_t:s0:c210.c502 root root 1073741824 2009-03-03 12:15 demo2.img
> -rwxr-xr-x. 1 system_u:object_r:virt_image_t:s0:c35.c537 root root 1073741824 2009-03-03 11:49 demo.img
>
>
> Daniel
>
> Index: src/qemu_driver.c
> ===================================================================
> RCS file: /data/cvs/libvirt/src/qemu_driver.c,v
> retrieving revision 1.212
> diff -u -p -r1.212 qemu_driver.c
> --- src/qemu_driver.c 3 Mar 2009 12:03:44 -0000 1.212
> +++ src/qemu_driver.c 3 Mar 2009 12:25:47 -0000
> @@ -1316,13 +1316,11 @@ static int qemudStartVMDaemon(virConnect
>
> /* If you are using a SecurityDriver and there was no security label in
> database, then generate a security label for isolation */
> - if (vm->def->seclabel.label == NULL && driver->securityDriver) {
> - if (driver->securityDriver->domainGenSecurityLabel(vm) < 0) {
> - qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
> - "%s", _("Unable to generate Security Label"));
> - return -1;
> - }
> - }
> + if (vm->def->seclabel.label == NULL &&
> + driver->securityDriver &&
> + driver->securityDriver->domainGenSecurityLabel &&
> + driver->securityDriver->domainGenSecurityLabel(conn, vm) < 0)
> + return -1;
>
> FD_ZERO(&keepfd);
>
> Index: src/security.h
> ===================================================================
> RCS file: /data/cvs/libvirt/src/security.h,v
> retrieving revision 1.1
> diff -u -p -r1.1 security.h
> --- src/security.h 3 Mar 2009 09:44:42 -0000 1.1
> +++ src/security.h 3 Mar 2009 12:25:47 -0000
> @@ -37,7 +37,8 @@ typedef int (*virSecurityDomainRestoreIm
> typedef int (*virSecurityDomainSetImageLabel) (virConnectPtr conn,
> virDomainObjPtr vm,
> virDomainDeviceDefPtr dev);
> -typedef int (*virSecurityDomainGenLabel) (virDomainObjPtr sec);
> +typedef int (*virSecurityDomainGenLabel) (virConnectPtr conn,
> + virDomainObjPtr sec);
> typedef int (*virSecurityDomainGetLabel) (virConnectPtr conn,
> virDomainObjPtr vm,
> virSecurityLabelPtr sec);
> Index: src/security_selinux.c
> ===================================================================
> RCS file: /data/cvs/libvirt/src/security_selinux.c,v
> retrieving revision 1.1
> diff -u -p -r1.1 security_selinux.c
> --- src/security_selinux.c 3 Mar 2009 10:06:49 -0000 1.1
> +++ src/security_selinux.c 3 Mar 2009 12:25:47 -0000
> @@ -24,6 +24,9 @@
> #include "util.h"
> #include "memory.h"
>
> +
> +#define VIR_FROM_THIS VIR_FROM_SECURITY
> +
> static char default_domain_context[1024];
> static char default_image_context[1024];
> #define SECURITY_SELINUX_VOID_DOI "0"
> @@ -45,10 +48,11 @@ mcsAdd(const char *mcs)
> struct MCS *ptr;
>
> for (ptr = mcsList; ptr; ptr = ptr->next) {
> - if (STREQ(ptr->mcs, mcs) == 0)
> + if (STREQ(ptr->mcs, mcs))
> return -1;
> }
> - ptr = malloc(sizeof(struct MCS));
> + if (VIR_ALLOC(ptr) < 0)
> + return -1;
> ptr->mcs = strdup(mcs);
> ptr->next = mcsList;
> mcsList = ptr;
> @@ -62,7 +66,7 @@ mcsRemove(const char *mcs)
> struct MCS *ptr = NULL;
>
> for (ptr = mcsList; ptr; ptr = ptr->next) {
> - if (STREQ(ptr->mcs, mcs) == 0) {
> + if (STREQ(ptr->mcs, mcs)) {
> if (prevptr)
> prevptr->next = ptr->next;
> else {
> @@ -149,7 +153,8 @@ SELinuxInitialize(virConnectPtr conn)
> }
>
> static int
> -SELinuxGenSecurityLabel(virDomainObjPtr vm)
> +SELinuxGenSecurityLabel(virConnectPtr conn,
> + virDomainObjPtr vm)
> {
> int rc = -1;
> char mcs[1024];
> @@ -158,8 +163,11 @@ SELinuxGenSecurityLabel(virDomainObjPtr
> int c2 = 0;
> if ( ( vm->def->seclabel.label ) ||
> ( vm->def->seclabel.model ) ||
> - ( vm->def->seclabel.imagelabel ))
> + ( vm->def->seclabel.imagelabel )) {
> + virSecurityReportError(conn, VIR_ERR_ERROR,
> + "%s", _("security labellin already defined for VM"));
> return rc;
> + }
>
> do {
> c1 = virRandom(1024);
> @@ -168,28 +176,40 @@ SELinuxGenSecurityLabel(virDomainObjPtr
> if ( c1 == c2 ) {
> sprintf(mcs, "s0:c%d", c1);
> } else {
> - if ( c1 == c2 )
> - sprintf(mcs, "s0:c%d,c%d", c1, c2);
> + if ( c1 < c2 )
> + sprintf(mcs, "s0:c%d.c%d", c1, c2);
> else
> - sprintf(mcs, "s0:c%d,c%d", c2, c1);
> + sprintf(mcs, "s0:c%d.c%d", c2, c1);
> }
> } while(mcsAdd(mcs) == -1);
>
> vm->def->seclabel.label = SELinuxGenNewContext(default_domain_context, mcs);
> - if (! vm->def->seclabel.label) goto err;
> + if (! vm->def->seclabel.label) {
> + virSecurityReportError(conn, VIR_ERR_ERROR,
> + _("cannot generate selinux context for %s"), mcs);
> + goto err;
> + }
> vm->def->seclabel.imagelabel = SELinuxGenNewContext(default_image_context, mcs);
> - if (! vm->def->seclabel.imagelabel) goto err;
> + if (! vm->def->seclabel.imagelabel) {
> + virSecurityReportError(conn, VIR_ERR_ERROR,
> + _("cannot generate selinux context for %s"), mcs);
> + goto err;
> + }
> vm->def->seclabel.model = strdup(SECURITY_SELINUX_NAME);
> - if (! vm->def->seclabel.model) goto err;
> + if (! vm->def->seclabel.model) {
> + virReportOOMError(conn);
> + goto err;
> + }
> +
>
> rc = 0;
> goto done;
> err:
> - free(vm->def->seclabel.label); vm->def->seclabel.label = NULL;
> - free(vm->def->seclabel.imagelabel); vm->def->seclabel.imagelabel = NULL;
> - free(vm->def->seclabel.model); vm->def->seclabel.model = NULL;
> + VIR_FREE(vm->def->seclabel.label);
> + VIR_FREE(vm->def->seclabel.imagelabel);
> + VIR_FREE(vm->def->seclabel.model);
> done:
> - free(scontext);
> + VIR_FREE(scontext);
> return rc;
> }
>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEUEARECAAYFAkmtOdQACgkQrlYvE4MpobMdwQCfQR3lSPnih5zd977k/wET4WqD
rhIAmNYlqoogrM4KFb/trH4n5lxU2fc=
=Bhc/
-----END PGP SIGNATURE-----
--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list