[libvirt PATCH v2 06/10] util: helper to temporary elevate privileges of the current identity
When talking to the secret driver, the callers inside libvirt daemons
need to be able to run with an elevated privileges that prove the API
calls are made by a libvirt daemon, not an end user application.
The virIdentityElevateCurrent method will take the current identity
and, if not already present, add the system token. The old current
identity is returned to the caller. With the VIR_IDENTITY_AUTORESTORE
annotation, the old current identity will be restored upon leaving
the codeblock scope.
... early work with regular privileges ...
if (something needing elevated privs) {
VIR_IDENTITY_AUTORESTORE virIdentity *oldident =
virIdentityElevateCurrent();
if (!oldident)
return -1;
... do something with elevated privileges ...
}
... later work with regular privileges ...
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/libvirt_private.syms | 2 ++
src/util/viridentity.c | 47 ++++++++++++++++++++++++++++++++++++++++
src/util/viridentity.h | 5 +++++
3 files changed, 54 insertions(+)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index de5123aaa9..7db04d3d3b 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2396,6 +2396,7 @@ virHostGetBootTime;
# util/viridentity.h
+virIdentityElevateCurrent;
virIdentityGetCurrent;
virIdentityGetGroupName;
virIdentityGetParameters;
@@ -2411,6 +2412,7 @@ virIdentityGetUserName;
virIdentityGetX509DName;
virIdentityNew;
virIdentityNewCopy;
+virIdentityRestoreHelper;
virIdentitySetCurrent;
virIdentitySetGroupName;
virIdentitySetParameters;
diff --git a/src/util/viridentity.c b/src/util/viridentity.c
index 9ffaf57da9..a9f54232b9 100644
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -154,6 +154,53 @@ int virIdentitySetCurrent(virIdentity *ident)
}
+/**
+ * virIdentityElevateCurrent:
+ *
+ * Set the new identity to be associated with this thread,
+ * to an elevated copy of the current identity. The old
+ * current identity is returned and should be released by
+ * the caller when no longer required.
+ *
+ * Returns the previous identity, or NULL on error
+ */
+virIdentity *virIdentityElevateCurrent(void)
+{
+ g_autoptr(virIdentity) ident = virIdentityGetCurrent();
+ const char *token;
+ int rc;
+
+ if (!ident) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("No current identity to elevate"));
+ return NULL;
+ }
+
+ if ((rc = virIdentityGetSystemToken(ident, &token)) < 0)
+ return NULL;
+
+ if (rc == 0) {
+ g_autoptr(virIdentity) identel = virIdentityNewCopy(ident);
+
+ if (virIdentitySetSystemToken(identel, systemToken) < 0)
+ return NULL;
+
+ if (virIdentitySetCurrent(identel) < 0)
+ return NULL;
+ }
+
+ return g_steal_pointer(&ident);
+}
+
+
+void virIdentityRestoreHelper(virIdentity **identptr)
+{
+ virIdentity *ident = *identptr;
+
+ if (ident != NULL)
+ virIdentitySetCurrent(ident);
+}
+
#define TOKEN_BYTES 16
#define TOKEN_STRLEN (TOKEN_BYTES * 2)
diff --git a/src/util/viridentity.h b/src/util/viridentity.h
index 512bca286d..848e5b2056 100644
--- a/src/util/viridentity.h
+++ b/src/util/viridentity.h
@@ -27,8 +27,13 @@
#define VIR_TYPE_IDENTITY vir_identity_get_type()
G_DECLARE_FINAL_TYPE(virIdentity, vir_identity, VIR, IDENTITY, GObject);
+#define VIR_IDENTITY_AUTORESTORE __attribute__((cleanup(virIdentityRestoreHelper)))
+
virIdentity *virIdentityGetCurrent(void);
int virIdentitySetCurrent(virIdentity *ident);
+virIdentity *virIdentityElevateCurrent(void);
+
+void virIdentityRestoreHelper(virIdentity **identptr);
virIdentity *virIdentityGetSystem(void);
--
2.31.1