Since there is a shmobj leak when let qemu create shmobj by
themselves, also the label of shmobj/shmem-server socket
is not right. Guest cannot direct use the shmem-server
if users enabled selinux. So it will be better to manage it
in libvirt.
The way i chosed is region the shmem deivce in a list, and
save it status to a local file to avoid losing it after restart
libvirtd, and count the guest which use it, and let the callers
know if there is no guest is using it (then we can relabel/cleanup
some resource).
Notice: you still cannot use the ivshmem-server if the process label
is not correct, just set the socket label is not enought, selinux
still will forbid qemu use it, because the shmem-server's process is
not correct, you will find the AVC like this (i set up the ivshmem
server via shell):
type=AVC msg=audit(1437642157.227:73784): avc: denied { connectto } for \
pid=6137 comm="qemu-kvm" path="/tmp/ivshmem_socket" \
scontext=system_u:system_r:svirt_t:s0:c703,c707 \
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
But the problem is we cannot change the running shm-server process label,
We need wait ivshmem-server to be a part of qemu progrem, then setup the
ivshmem-server by libvirt. we cannot do nothing for the ivshmem-server right now.
Luyao Huang (4):
conf: introduce seclabels in shmem device element
security: add security part for shmem device
util: introduce new helpers to manage shmem device
qemu: call the helpers in virshm.c to manage shmem device
configure.ac | 10 +
docs/formatdomain.html.in | 7 +
docs/schemas/domaincommon.rng | 3 +
po/POTFILES.in | 3 +-
src/Makefile.am | 5 +-
src/conf/domain_conf.c | 55 +++-
src/conf/domain_conf.h | 5 +
src/libvirt_private.syms | 18 ++
src/qemu/qemu_conf.h | 3 +
src/qemu/qemu_driver.c | 4 +
src/qemu/qemu_process.c | 158 ++++++++++
src/security/security_dac.c | 67 +++++
src/security/security_driver.h | 11 +
src/security/security_manager.c | 38 +++
src/security/security_manager.h | 8 +
src/security/security_selinux.c | 70 +++++
src/security/security_stack.c | 41 +++
src/util/virshm.c | 623 ++++++++++++++++++++++++++++++++++++++++
src/util/virshm.h | 104 +++++++
19 files changed, 1220 insertions(+), 13 deletions(-)
create mode 100644 src/util/virshm.c
create mode 100644 src/util/virshm.h
--
1.8.3.1