On 02/08/2017 02:32 PM, Peter Krempa wrote:
On Wed, Feb 08, 2017 at 11:37:05 +0100, Michal Privoznik wrote:
> Now that we have some qemuSecurity wrappers over
> virSecurityManager APIs, let's make sure everybody sticks with
> them. We have them for a reason and calling a virSecurityManager
> API directly instead of the wrapper may lead to accidentally
> labelling a file on the host instead of in the namespace.
>
> Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
> ---
> cfg.mk | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/cfg.mk b/cfg.mk
> index 69e3f3a1a..6fb2fc961 100644
> --- a/cfg.mk
> +++ b/cfg.mk
> @@ -585,6 +585,14 @@ sc_prohibit_unsigned_pid:
> halt='use signed type for pid values' \
> $(_sc_search_regexp)
>
> +sc_prohibit_direct_secdriver:
> + @for i in $$(grep -i ^WRAP.\( src/qemu/qemu_security.c | \
> + awk 'BEGIN {FS = "[^[:alnum:]]"} {print
"virSecurityManager" $$2 }'); do \
> + grep -n $$i $$($(VC_LIST_EXCEPT) | grep -E '^src/qemu/') && \
> + { echo "$(ME): prefer qemuSecurity$${i#virSecurityManager} over $$i"
1>&2; exit 1; } \
> + done || :
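
Review bot: The check fails open when the name list is empty, in the `for i in $$(grep -i ^WRAP.\( src/qemu/qemu_security.c | ...)` line: if that grep matches nothing, the loop body never runs and `done || :` reports success, so the rule silently stops checking anything. Consider collecting the names into a variable first and failing the rule when it is empty. Separately, `grep -n $$i` is an unquoted, unanchored pattern, so it also hits longer identifiers that merely start with the same name and mentions in comments; `grep -nw "$$i"` would restrict it to whole-word matches. A short comment above `sc_prohibit_direct_secdriver:` saying that the list is derived from the WRAP lines in qemu_security.c would help whoever changes that file later.
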
This won't work without the "WRAP" stuff so you'll need to come up with
something else.

Without WRAP it's going to be super tricky as I'd have to try to match
functions from qemu_security.h with those from security_manager.h. If
you have some bright idea, please do share it, because frankly I'm out
of them.
Michal