The need to have something like this in the first place is driven by
KubeVirt (see [1] and [2]). A draft version of this series has been
integrated into KubeVirt and it has been confirmed that it was
effective in removing the need to use LD_PRELOAD hacks in the storage
provider.

Changes from [v6]:

  * only skip metadata locking for the swtpm lock file;
  * other tweaks based on review feedback.

Changes from [v5]:

  * make migration of domains with TPM work (patches 12 and 13);
  * fixed all typos for "remember";
  * added R-bs for Peter's patches.

Changes from [v4] (v5 was posted by Peter):

  * added patch 7 cleaning up a helper function (noticed just while
    reading the code)
  * added patch 8 properly unrefing security labels in dac/selinux
    drivers on outgoing migration
  * patch 11: added handling of the 'nvram' image file (and refactored
    the function to allow reuse)

Changes from [v3] (v4 was posted by Peter):

  * patch 2/8 was modified to change the docs for the new option.
  * patches 1-5 will get an R-b by me as I've adopted them.
  * patches 6, 9-11 are new.
  * patches 7, 8 were not part of v3

Changes from [v2]:

  * added canonicalization for user-provided paths;
  * fixed compilation issues when AppArmor support is enabled.

Changes from [v1]:

  * documented more explicitly that the newly introduced option is
    intended for very specific scenarios and not general usage; as
    part of this, the NEWS update has been dropped too;
  * made a few tweaks and addressed a few oversights based on review
    feedback;
  * several preparatory cleanup patches have been pushed.

Changes from [v0]:

  * reworked approach.
[v6] https://lists.libvirt.org/archives/list/devel@xxxxxxxxxxxxxxxxx/thread/7TTRJTALVO4HDQ7ONQJAF2S4CZI47YGT/
[v5] https://lists.libvirt.org/archives/list/devel@xxxxxxxxxxxxxxxxx/thread/HNF576CP4LSJJTSNP5MKG32MCBTCCDQ6/
[v4] https://lists.libvirt.org/archives/list/devel@xxxxxxxxxxxxxxxxx/thread/FWR7YCZJUHBZH33EX465GSE4EQI6KRWA/
[v3] https://lists.libvirt.org/archives/list/devel@xxxxxxxxxxxxxxxxx/thread/PISBZCI5MAQQWPN7NMMEGV4VPLJKGEFJ/
[v2] https://lists.libvirt.org/archives/list/devel@xxxxxxxxxxxxxxxxx/thread/XPCPYID6ZS5NXQCAYCUHFMCXJFL6C3TP/
[v1] https://lists.libvirt.org/archives/list/devel@xxxxxxxxxxxxxxxxx/thread/XEISMPGRJHFRT4LZ3MJ3L3XR7OPOQKPM/
[v0] https://lists.libvirt.org/archives/list/devel@xxxxxxxxxxxxxxxxx/thread/MMKVR54LD3SDG5CMSXUECV7I57LMJJTH/

[1] https://issues.redhat.com/browse/CNV-34322
[2] https://issues.redhat.com/browse/CNV-39370

Andrea Bolognani (8):
  security: Fix alignment
  qemu: Introduce shared_filesystems configuration option
  qemu: Propagate shared_filesystems
  utils: Use overrides in virFileIsSharedFS()
  qemu: Always set labels for TPM state
  security: Always forget labels for TPM state directory
  security: Allow skipping locking when labeling lock files
  qemu: Handle locking of TPM state directory for incoming migration

Peter Krempa (6):
  virFileIsSharedFSOverride: Export
  virParseOwnershipIds: Refactor
  virSecuritySELinuxRestoreImageLabelInt: Move FD image relabeling after 'migrated' check
  security_(dac|selinux): Unref remembered security labels on outgoing migration
  storage_source: Add field for skipping seclabel remembering
  qemu: migration: Don't remember seclabel for images shared from current host

 src/conf/storage_source_conf.c     |   3 +
 src/conf/storage_source_conf.h     |   9 ++
 src/libvirt_private.syms           |   1 +
 src/lxc/lxc_controller.c           |   3 +-
 src/lxc/lxc_driver.c               |   2 +-
 src/lxc/lxc_process.c              |   4 +-
 src/qemu/libvirtd_qemu.aug         |   3 +
 src/qemu/qemu.conf.in              |  26 +++++
 src/qemu/qemu_conf.c               |  31 ++++++
 src/qemu/qemu_conf.h               |   2 +
 src/qemu/qemu_domain.c             |   7 +-
 src/qemu/qemu_extdevice.c          |   2 +-
 src/qemu/qemu_migration.c          |  83 ++++++++++++++--
 src/qemu/qemu_security.c           | 147 ++++++++++++++++++++--------
 src/qemu/qemu_security.h           |   6 +-
 src/qemu/qemu_tpm.c                |  51 +++++++---
 src/qemu/qemu_tpm.h                |  10 +-
 src/qemu/test_libvirtd_qemu.aug.in |   5 +
 src/security/security_apparmor.c   |   8 +-
 src/security/security_dac.c        |  61 +++++++++---
 src/security/security_driver.h     |  11 ++-
 src/security/security_manager.c    |  54 ++++++++---
 src/security/security_manager.h    |  15 ++-
 src/security/security_nop.c        |   5 +
 src/security/security_selinux.c    | 151 +++++++++++++++++++++++------
 src/security/security_stack.c      |  38 ++++++--
 src/util/virfile.c                 |  63 +++++++++++-
 src/util/virfile.h                 |   5 +-
 src/util/virutil.c                 |  20 ++-
 tests/securityselinuxlabeltest.c   |   2 +-
 tests/virfiletest.c                |   2 +-
 31 files changed, 666 insertions(+), 164 deletions(-)

-- 
2.46.2