On Wed, Oct 28, 2020 at 08:25:46PM +0100, Michal Privoznik wrote:
On 10/28/20 8:16 PM, Andrea Bolognani wrote:
On Mon, 2020-10-26 at 00:25 +0300, Roman Bolshakov wrote:
There're no guidelines on what namespace should be used but it seems thirdparty apps can select the one they like [1], i.e. freedekstop xattrs are prefixed with xdg.
qemusecuritytest passes after that.
1. https://www.freedesktop.org/wiki/CommonExtendedAttributes/
Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com> --- src/security/security_util.c | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/src/security/security_util.c b/src/security/security_util.c index 7fa5163fe4..5d50acb574 100644 --- a/src/security/security_util.c +++ b/src/security/security_util.c @@ -56,6 +56,8 @@ VIR_LOG_INIT("security.security_util"); # define XATTR_NAMESPACE "trusted" #elif defined(__FreeBSD__) # define XATTR_NAMESPACE "system" +#elif defined(__APPLE__) +# define XATTR_NAMESPACE "org" #endif
Considering that Apple uses com.apple for its own xattrs, libvirt using org.libvirt makes sense to me.
One thing to consider here (and my rough googling did not help) is that we need the namespace to be RW only by root. If it were writable by a regular user (e.g "user." on linux) then a regular user could trick us to chown() the file to whatever user they please. Is "org" (and per your commit message in fact any XATTR namespace, since it doesn't look like mac os has any notion of namespaces after all) writable by root only?
After investigation of xnu kernel, I've found com.apple.system namespace that can be used to store system attributes but it can't be set/received/listed from userspace. $ xattr -w com.apple.system.libvirt bar foo xattr: [Errno 1] Operation not permitted: 'foo' $ sudo xattr -w com.apple.system.libvirt bar foo xattr: [Errno 1] Operation not permitted: 'foo I haven't found any kind of "trusted"/"system" namespace that can be used from user-space. But I'm not sure if libvirt on macOS is going to be used from root, rather from a user account. The feature the tests exists for is: https://patchew.org/Libvirt/cover.1544618362.git.mprivozn@redhat.com/ https://www.redhat.com/archives/libvir-list/2019-November/msg00862.html What do you think if the tests will be skipped on macOS? Thanks, Roman