On 12/20/18 12:39 AM, John Ferlan wrote:
>
>
> On 12/12/18 7:40 AM, Michal Privoznik wrote:
>> Similarly to what I did in DAC driver, this also requires the
>> same SELinux label to be used for shared paths. If a path is
>> already in use by a domain (or domains) then and the domain we
>> are starting now wants to access the path it has to have the same
>> SELinux label. This might look too restrictive as the new label
>> can still guarantee access to already running domains but in
>> reality it is very unlikely and usually an admin mistake.
>>
>> Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
>> ---
>> src/security/security_selinux.c | 177 +++++++++++++++++++++++---------
>> 1 file changed, 130 insertions(+), 47 deletions(-)
>>
>
> [...]
>
>> +
>> +static int
>> +virSecuritySELinuxRecallLabel(const char *path,
>> + security_context_t *con)
>> +{
>> + if (virSecurityGetRememberedLabel(SECURITY_SELINUX_NAME,
>> + path, con) < 0)
>> + return -1;
>> +
>> + if (!con)
>> + return 1;
>
> This ordering of the !con check has caused a Coverity concern that we
> use @con in the first call... When compared to the *_dac.c code which
> passes &label, I assume this should be passing &con, right?
Ooops, this hould have been if (!*con) return 1;.
security_context_t is actually char *; therefore here con is type of
char ** (just look at virSecurityGetRememberedLabel).
I wonder if this will fix the issue Marc reported (unfortunately I don't
have much time to dig into it right now).
Michal
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
