[libvirt] [PATCH 0/5] Override the permissions on /dev/sev when probing

The problem with /dev/sev's default permissions (0600 root:root) is that we can't make it more permissive at the moment otherwise we'd weaken the security of SEV and potentially open the door for a DOS attack. Therefore, the alternative approach is to set CAP_DAC_OVERRIDE capability for the probing QEMU process (and *only* when probing) so that libvirt truly works with SEV. As a necessary side job, this series also makes /dev/sev only available to machines that need it, thus mitigating the possible attack surface even more. Erik Skultety (5): qemu: conf: Remove /dev/sev from the default cgroup device acl list qemu: cgroup: Expose /dev/sev/ only to domains that require SEV qemu: domain: Add /dev/sev into the domain mount namespace selectively security: dac: Relabel /dev/sev in the namespace qemu: caps: Use CAP_DAC_OVERRIDE for probing to avoid permission issues docs/drvqemu.html.in | 2 +- src/qemu/qemu.conf | 2 +- src/qemu/qemu_capabilities.c | 11 +++++++ src/qemu/qemu_cgroup.c | 21 +++++++++++- src/qemu/qemu_domain.c | 24 ++++++++++++++ src/qemu/test_libvirtd_qemu.aug.in | 1 - src/security/security_dac.c | 51 ++++++++++++++++++++++++++++++ src/util/virutil.c | 31 ++++++++++++++++-- 8 files changed, 137 insertions(+), 6 deletions(-) -- 2.20.1