v1 link:
https://www.redhat.com/archives/libvir-list/2015-July/msg00926.html
v2 different:
-Introduce new xml element shareable to indicate whether the
device is intended to be shared across multiple guests.
-Make virSecuritySELinuxRestoreSecurityAllLabel and
virSecuritySELinuxSetSecurityAllLabel call set/restore label
-Move struct _virShmObject and _virShmObjectList in virshm.c
and introduce some functions to get the parameter.
-Change the return value to -1 when the function are not supported
on some platform.
-add the code in src/security/security_nop.c
-some small pieces fix
Since there is a shmobj leak when let qemu create shmobj by
themselves, also the label of shmobj/shmem-server socket
is not right. Guest cannot direct use the shmem-server
if users enabled selinux. So it will be better to manage it
in libvirt.
The way i chosed is region the shmem deivce in a list, and
save it status to a local file to avoid losing it after restart
libvirtd, and count the guest which use it, and let the callers
know if there is no guest is using it (then we can relabel/cleanup
some resource).
About shmem-server we decided introduce some new selinux label to
fix that, however ivshmem server still not finished right now (i mean
patches were still being reviewed in qemu-devel), we could implement
the set up ivshmem-server part later.
BTW, during some research i noticed the vhost-user network should have
the same problem like the ivshmem-server, since it use the same way to connect
to guest (a host app connect to guest via socket), and after some test
i found the guest cannot connect to the sockect which created by app if i enable
the Selinux. So i think maybe we could fix these two issue together, if
there is already have a way to make vhost-usr works well with SElinux,
i think we could use that way in this place.
Luyao Huang (5):
conf: introduce seclabels in shmem device element
conf: introduce shareable in shmem device element
util: introduce new helpers to manage shmem device
security: add security part for shmem device
qemu: call the helpers in virshm.c to manage shmem device
configure.ac | 10 +
docs/formatdomain.html.in | 12 +
docs/schemas/domaincommon.rng | 8 +
po/POTFILES.in | 3 +-
src/Makefile.am | 7 +-
src/conf/domain_conf.c | 103 ++-
src/conf/domain_conf.h | 6 +
src/libvirt_private.syms | 26 +
src/qemu/qemu_conf.h | 3 +
src/qemu/qemu_driver.c | 4 +
src/qemu/qemu_process.c | 157 +++++
src/security/security_dac.c | 100 +++
src/security/security_driver.h | 9 +
src/security/security_manager.c | 35 +
src/security/security_manager.h | 6 +
src/security/security_nop.c | 19 +
src/security/security_selinux.c | 97 +++
src/security/security_stack.c | 39 ++
src/util/virshm.c | 739 +++++++++++++++++++++
src/util/virshm.h | 92 +++
.../qemuxml2argv-shmem-seclabel.xml | 55 ++
.../qemuxml2argv-shmem-shareable.xml | 43 ++
tests/qemuxml2xmltest.c | 5 +
23 files changed, 1545 insertions(+), 33 deletions(-)
create mode 100644 src/util/virshm.c
create mode 100644 src/util/virshm.h
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-shmem-seclabel.xml
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-shmem-shareable.xml
--
1.8.3.1