This patch fixes the seclabel handling in domain_conf.c to allow
virt-manager to set the seclabel model, type and label.
Also adds missing error messages when the xml is incorrect.
How much verification should we be doing on this? I have another patch
that verifies the model as being a known model and a patch to verify the
label is a correct label. (IE SELinux verifies the label is understood
by the kernel.)
The problem with this second patch is it sucks in security.[ch],
security_selinux.[ch] into the libvirt_lxc. Should I be doing this?
--- a/src/domain_conf.c
+++ b/src/domain_conf.c
@@ -1859,12 +1859,28 @@ virSecurityLabelDefParseXML(virConnectPtr conn,
if (virXPathNode(conn, "./seclabel", ctxt) == NULL)
return 0;
+ p = virXPathStringLimit(conn, "string(./seclabel/@model)",
+ VIR_SECURITY_MODEL_BUFLEN-1, ctxt);
+ if (p == NULL) {
+ virDomainReportError(conn, VIR_ERR_XML_ERROR,
+ "%s", _("missing seclabel model"));
+ goto error;
+ }
+ def->seclabel.model = p;
+
p = virXPathStringLimit(conn, "string(./seclabel/@type)",
VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
- if (p == NULL)
+ if (p == NULL) {
+ virDomainReportError(conn, VIR_ERR_XML_ERROR,
+ "%s", _("missing seclabel type"));
goto error;
- if ((def->seclabel.type = virDomainSeclabelTypeFromString(p)) < 0)
+ }
+
+ if ((def->seclabel.type = virDomainSeclabelTypeFromString(p)) < 0) {
+ virDomainReportError(conn, VIR_ERR_XML_ERROR,
+ _("unknown seclabel type %s"), p);
goto error;
+ }
VIR_FREE(p);
/* Only parse details, if using static labels, or
@@ -1872,16 +1888,14 @@ virSecurityLabelDefParseXML(virConnectPtr conn,
*/
if (def->seclabel.type == VIR_DOMAIN_SECLABEL_STATIC ||
!(flags & VIR_DOMAIN_XML_INACTIVE)) {
- p = virXPathStringLimit(conn, "string(./seclabel/@model)",
- VIR_SECURITY_MODEL_BUFLEN-1, ctxt);
- if (p == NULL)
- goto error;
- def->seclabel.model = p;
p = virXPathStringLimit(conn, "string(./seclabel/label[1])",
VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
- if (p == NULL)
- goto error;
+ if (p == NULL) {
+ virDomainReportError(conn, VIR_ERR_XML_ERROR,
+ _("seclabel label is too long"));
+ goto error;
+ }
def->seclabel.label = p;
}
@@ -1890,8 +1904,11 @@ virSecurityLabelDefParseXML(virConnectPtr conn,
!(flags & VIR_DOMAIN_XML_INACTIVE)) {
p = virXPathStringLimit(conn, "string(./seclabel/imagelabel[1])",
VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
- if (p == NULL)
+ if (p == NULL) {
+ virDomainReportError(conn, VIR_ERR_XML_ERROR,
+ _("seclabel image label is too long"));
goto error;
+ }
def->seclabel.imagelabel = p;
}
diff --git a/src/security_selinux.c b/src/security_selinux.c
index 1708d55..5937f48 100644
--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list