10:47 a.m.
We offer setting seclabel for the whole domain, but we never fixed the
fact that the domain will not be able to even create its monitor
socket because the directory is owned by the default preconfigured
user and group. Moreover the selinux context can be off as well. So
this patch series fixes few preliminary problems and then changes
autogenerating so that it creates path per-domain. That way we can
start do mains with any seclabels we want without that annoying error
message (or similar ones, depends on your configuration):
error: Failed to start domain dummy
error: internal error: process exited while connecting to monitor:
2015-08-13T15:26:01.474941Z qemu-system-x86_64: -chardev
socket,id=charmonitor,path=/var/lib/libvirt/qemu/dummy.monitor,server,nowait:
Failed to unlink socket /var/lib/libvirt/qemu/dummy.monitor:
Permission denied
The idea is mentioned in this thread in which I tried fixing it pretty
badly without thinking it through (feel free to read the patch for
your amusement):
https://www.redhat.com/archives/libvir-list/2015-February/msg01051.htmlA
One thing to note here is that tests for patch 5/7 are in a separate
patch 6/7 and only minimal. We can also use qemuxml2argvtest to test
for the same thing and indeed that is patch 7/7 that I haven't sent.
I will send it if anyone wants to have that been done as well, but I
believe the qemuxml2argvtest can be left as it currently is because
the patch itself has around 350KiB. It's also enough if you just tell
me in the review that I should squash it in the previous commit (which
I don't suppose anyone will do). Or another idea, I made it available
on my github:
https://github.com/nertpinx/libvirt.git (branch bz1146886)
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1146886
Martin Kletzander (7):
security_selinux: Use proper structure to access socket data
security_dac: Label non-listening sockets
security: Expose SetChardevLabel function in security drivers
security: Label parent directories of character devices
qemu: Fix access to auto-generated socket paths
tests: Use qemuProcessPrepareMonitorChr in qemuxmlnstest
tests: Use qemuProcessPrepareMonitorChr in qemuxml2argvtest
src/conf/domain_conf.h | 1 +
src/libvirt_private.syms | 1 +
src/qemu/qemu_command.c | 2 +-
src/qemu/qemu_domain.c | 17 ++++-----
src/qemu/qemu_process.c | 43 +++++++++++++++++++++-
src/security/security_dac.c | 25 ++++++++++++-
src/security/security_driver.h | 7 +++-
src/security/security_manager.c | 19 ++++++++++
src/security/security_manager.h | 5 +++
src/security/security_selinux.c | 17 ++++++++-
src/security/security_stack.c | 21 +++++++++++
.../qemuxml2argv-aarch64-aavmf-virtio-mmio.args | 3 +-
.../qemuxml2argv-aarch64-cpu-passthrough.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-aarch64-gic.args | 3 +-
.../qemuxml2argv-aarch64-kvm-32-on-64.args | 2 +-
.../qemuxml2argv-aarch64-virt-default-nic.args | 3 +-
.../qemuxml2argv-aarch64-virt-virtio.args | 3 +-
.../qemuxml2argv-arm-vexpressa9-basic.args | 3 +-
.../qemuxml2argv-arm-vexpressa9-nodevs.args | 3 +-
.../qemuxml2argv-arm-vexpressa9-virtio.args | 3 +-
.../qemuxml2argv-arm-virt-virtio.args | 3 +-
.../qemuxml2argv-balloon-device-auto.args | 3 +-
.../qemuxml2argv-balloon-device-period.args | 3 +-
.../qemuxml2argv-balloon-device.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-bios-nvram.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-bios.args | 3 +-
.../qemuxml2argv-blkdeviotune-max.args | 3 +-
.../qemuxml2argv-blkdeviotune.args | 3 +-
.../qemuxml2argv-blkiotune-device.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-blkiotune.args | 2 +-
.../qemuxml2argvdata/qemuxml2argv-boot-cdrom.args | 3 +-
.../qemuxml2argv-boot-complex-bootindex.args | 2 +-
.../qemuxml2argv-boot-complex.args | 2 +-
.../qemuxml2argv-boot-floppy-q35.args | 2 +-
.../qemuxml2argvdata/qemuxml2argv-boot-floppy.args | 3 +-
...xml2argv-boot-menu-disable-drive-bootindex.args | 2 +-
.../qemuxml2argv-boot-menu-disable-drive.args | 2 +-
.../qemuxml2argv-boot-menu-disable.args | 3 +-
...qemuxml2argv-boot-menu-enable-with-timeout.args | 2 +-
.../qemuxml2argv-boot-menu-enable.args | 2 +-
.../qemuxml2argvdata/qemuxml2argv-boot-multi.args | 3 +-
.../qemuxml2argv-boot-network.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-boot-order.args | 2 +-
.../qemuxml2argvdata/qemuxml2argv-boot-strict.args | 2 +-
.../qemuxml2argv-bootindex-floppy-q35.args | 2 +-
.../qemuxml2argv-channel-guestfwd.args | 3 +-
.../qemuxml2argv-channel-spicevmc-old.args | 3 +-
.../qemuxml2argv-channel-spicevmc.args | 3 +-
.../qemuxml2argv-channel-virtio-auto.args | 2 +-
.../qemuxml2argv-channel-virtio-autoadd.args | 2 +-
.../qemuxml2argv-channel-virtio-autoassign.args | 2 +-
.../qemuxml2argv-channel-virtio-default.args | 2 +-
.../qemuxml2argv-channel-virtio-state.args | 2 +-
.../qemuxml2argv-channel-virtio-unix.args | 9 +++--
.../qemuxml2argv-channel-virtio.args | 2 +-
.../qemuxml2argv-clock-catchup.args | 3 +-
.../qemuxml2argv-clock-france.args | 3 +-
.../qemuxml2argv-clock-hpet-off.args | 3 +-
...muxml2argv-clock-localtime-basis-localtime.args | 3 +-
.../qemuxml2argv-clock-localtime.args | 3 +-
.../qemuxml2argv-clock-timer-hyperv-rtc.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-clock-utc.args | 2 +-
.../qemuxml2argv-clock-variable.args | 3 +-
.../qemuxml2argv-console-compat-auto.args | 3 +-
.../qemuxml2argv-console-compat-chardev.args | 3 +-
.../qemuxml2argv-console-compat.args | 3 +-
.../qemuxml2argv-console-sclp.args | 2 +-
.../qemuxml2argv-console-virtio-ccw.args | 2 +-
.../qemuxml2argv-console-virtio-many.args | 2 +-
.../qemuxml2argv-console-virtio-s390.args | 2 +-
.../qemuxml2argv-console-virtio.args | 2 +-
.../qemuxml2argv-controller-order.args | 2 +-
.../qemuxml2argv-cpu-Haswell-noTSX.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-cpu-Haswell.args | 3 +-
.../qemuxml2argv-cpu-Haswell2.args | 3 +-
.../qemuxml2argv-cpu-Haswell3.args | 3 +-
.../qemuxml2argv-cpu-eoi-disabled.args | 3 +-
.../qemuxml2argv-cpu-eoi-enabled.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-cpu-exact1.args | 3 +-
.../qemuxml2argv-cpu-exact2-nofallback.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-cpu-exact2.args | 3 +-
.../qemuxml2argv-cpu-fallback.args | 2 +-
.../qemuxml2argv-cpu-host-kvmclock.args | 3 +-
.../qemuxml2argv-cpu-host-model-fallback.args | 2 +-
.../qemuxml2argv-cpu-host-model-vendor.args | 2 +-
.../qemuxml2argv-cpu-host-model.args | 2 +-
...qemuxml2argv-cpu-host-passthrough-features.args | 2 +-
.../qemuxml2argv-cpu-host-passthrough.args | 2 +-
.../qemuxml2argv-cpu-kvmclock.args | 3 +-
.../qemuxml2argv-cpu-minimum1.args | 3 +-
.../qemuxml2argv-cpu-minimum2.args | 3 +-
.../qemuxml2argv-cpu-numa-disjoint.args | 3 +-
.../qemuxml2argv-cpu-numa-no-memory-element.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-cpu-numa1.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-cpu-numa2.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-cpu-strict1.args | 3 +-
.../qemuxml2argv-cpu-topology1.args | 3 +-
.../qemuxml2argv-cpu-topology2.args | 3 +-
.../qemuxml2argv-cpu-topology3.args | 3 +-
.../qemuxml2argv-cputune-numatune.args | 2 +-
.../qemuxml2argv-cputune-zero-shares.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-cputune.args | 3 +-
.../qemuxml2argv-default-kvm-host-arch.args | 3 +-
.../qemuxml2argv-default-qemu-host-arch.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-disk-aio.args | 3 +-
.../qemuxml2argv-disk-blockio.args | 3 +-
.../qemuxml2argv-disk-cdrom-empty.args | 3 +-
.../qemuxml2argv-disk-cdrom-network-ftp.args | 3 +-
.../qemuxml2argv-disk-cdrom-network-ftps.args | 3 +-
.../qemuxml2argv-disk-cdrom-network-http.args | 3 +-
.../qemuxml2argv-disk-cdrom-network-https.args | 3 +-
.../qemuxml2argv-disk-cdrom-network-tftp.args | 3 +-
...qemuxml2argv-disk-cdrom-tray-no-device-cap.args | 3 +-
.../qemuxml2argv-disk-cdrom-tray.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-disk-cdrom.args | 3 +-
.../qemuxml2argv-disk-copy_on_read.args | 2 +-
.../qemuxml2argv-disk-drive-boot-cdrom.args | 3 +-
.../qemuxml2argv-disk-drive-boot-disk.args | 3 +-
.../qemuxml2argv-disk-drive-cache-directsync.args | 3 +-
.../qemuxml2argv-disk-drive-cache-unsafe.args | 3 +-
.../qemuxml2argv-disk-drive-cache-v1-none.args | 3 +-
.../qemuxml2argv-disk-drive-cache-v1-wb.args | 3 +-
.../qemuxml2argv-disk-drive-cache-v1-wt.args | 3 +-
.../qemuxml2argv-disk-drive-cache-v2-none.args | 3 +-
.../qemuxml2argv-disk-drive-cache-v2-wb.args | 3 +-
.../qemuxml2argv-disk-drive-cache-v2-wt.args | 3 +-
.../qemuxml2argv-disk-drive-copy-on-read.args | 3 +-
.../qemuxml2argv-disk-drive-discard.args | 3 +-
...uxml2argv-disk-drive-error-policy-enospace.args | 2 +-
.../qemuxml2argv-disk-drive-error-policy-stop.args | 2 +-
...gv-disk-drive-error-policy-wreport-rignore.args | 2 +-
.../qemuxml2argv-disk-drive-fat.args | 3 +-
.../qemuxml2argv-disk-drive-fmt-qcow.args | 3 +-
.../qemuxml2argv-disk-drive-network-gluster.args | 3 +-
...qemuxml2argv-disk-drive-network-iscsi-auth.args | 3 +-
.../qemuxml2argv-disk-drive-network-iscsi-lun.args | 3 +-
.../qemuxml2argv-disk-drive-network-iscsi.args | 3 +-
...qemuxml2argv-disk-drive-network-nbd-export.args | 3 +-
...ml2argv-disk-drive-network-nbd-ipv6-export.args | 3 +-
.../qemuxml2argv-disk-drive-network-nbd-ipv6.args | 3 +-
.../qemuxml2argv-disk-drive-network-nbd-unix.args | 3 +-
.../qemuxml2argv-disk-drive-network-nbd.args | 3 +-
.../qemuxml2argv-disk-drive-network-rbd-auth.args | 3 +-
...muxml2argv-disk-drive-network-rbd-ceph-env.args | 3 +-
.../qemuxml2argv-disk-drive-network-rbd-ipv6.args | 3 +-
.../qemuxml2argv-disk-drive-network-rbd.args | 3 +-
.../qemuxml2argv-disk-drive-network-sheepdog.args | 3 +-
.../qemuxml2argv-disk-drive-no-boot.args | 2 +-
.../qemuxml2argv-disk-drive-readonly-disk.args | 3 +-
...qemuxml2argv-disk-drive-readonly-no-device.args | 3 +-
.../qemuxml2argv-disk-drive-shared.args | 3 +-
.../qemuxml2argv-disk-floppy-pseries.args | 3 +-
...emuxml2argv-disk-floppy-tray-no-device-cap.args | 3 +-
.../qemuxml2argv-disk-floppy-tray.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-disk-floppy.args | 3 +-
.../qemuxml2argv-disk-geometry.args | 3 +-
.../qemuxml2argv-disk-ide-drive-split.args | 3 +-
.../qemuxml2argv-disk-ide-wwn.args | 3 +-
.../qemuxml2argv-disk-ioeventfd.args | 2 +-
.../qemuxml2argvdata/qemuxml2argv-disk-iscsi.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-disk-many.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-disk-order.args | 2 +-
.../qemuxml2argv-disk-sata-device.args | 3 +-
.../qemuxml2argv-disk-scsi-device-auto.args | 3 +-
.../qemuxml2argv-disk-scsi-device.args | 3 +-
.../qemuxml2argv-disk-scsi-disk-split.args | 3 +-
.../qemuxml2argv-disk-scsi-disk-vpd.args | 3 +-
.../qemuxml2argv-disk-scsi-disk-wwn.args | 3 +-
.../qemuxml2argv-disk-scsi-lun-passthrough.args | 3 +-
.../qemuxml2argv-disk-scsi-megasas.args | 3 +-
.../qemuxml2argv-disk-scsi-virtio-scsi.args | 3 +-
.../qemuxml2argv-disk-scsi-vscsi.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-disk-serial.args | 3 +-
.../qemuxml2argv-disk-snapshot.args | 3 +-
.../qemuxml2argv-disk-source-pool-mode.args | 3 +-
.../qemuxml2argv-disk-source-pool.args | 3 +-
.../qemuxml2argv-disk-usb-device-removable.args | 3 +-
.../qemuxml2argv-disk-usb-device.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-disk-usb.args | 3 +-
.../qemuxml2argv-disk-virtio-ccw-many.args | 3 +-
.../qemuxml2argv-disk-virtio-ccw.args | 3 +-
.../qemuxml2argv-disk-virtio-s390.args | 3 +-
.../qemuxml2argv-disk-virtio-scsi-ccw.args | 3 +-
.../qemuxml2argv-disk-virtio-scsi-cmd_per_lun.args | 3 +-
.../qemuxml2argv-disk-virtio-scsi-ioeventfd.args | 3 +-
.../qemuxml2argv-disk-virtio-scsi-max_sectors.args | 3 +-
.../qemuxml2argv-disk-virtio-scsi-num_queues.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-disk-virtio.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-disk-xenvbd.args | 3 +-
.../qemuxml2argv-eoi-disabled.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-eoi-enabled.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-event_idx.args | 2 +-
.../qemuxml2argv-fips-enabled.args | 3 +-
.../qemuxml2argv-floppy-drive-fat.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-fs9p-ccw.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-fs9p.args | 3 +-
.../qemuxml2argv-graphics-sdl-fullscreen.args | 3 +-
.../qemuxml2argv-graphics-sdl.args | 3 +-
...emuxml2argv-graphics-spice-agent-file-xfer.args | 3 +-
.../qemuxml2argv-graphics-spice-agentmouse.args | 3 +-
.../qemuxml2argv-graphics-spice-compression.args | 3 +-
.../qemuxml2argv-graphics-spice-qxl-vga.args | 3 +-
.../qemuxml2argv-graphics-spice-sasl.args | 3 +-
.../qemuxml2argv-graphics-spice-timeout.args | 3 +-
.../qemuxml2argv-graphics-spice-usb-redir.args | 2 +-
.../qemuxml2argv-graphics-spice.args | 3 +-
.../qemuxml2argv-graphics-vnc-policy.args | 3 +-
.../qemuxml2argv-graphics-vnc-sasl.args | 3 +-
.../qemuxml2argv-graphics-vnc-socket.args | 3 +-
.../qemuxml2argv-graphics-vnc-tls.args | 3 +-
.../qemuxml2argv-graphics-vnc-websocket.args | 3 +-
.../qemuxml2argv-graphics-vnc.args | 3 +-
.../qemuxml2argv-hostdev-pci-address-device.args | 2 +-
.../qemuxml2argv-hostdev-pci-address.args | 3 +-
.../qemuxml2argv-hostdev-scsi-boot.args | 2 +-
.../qemuxml2argv-hostdev-scsi-lsi-iscsi-auth.args | 2 +-
.../qemuxml2argv-hostdev-scsi-lsi-iscsi.args | 2 +-
.../qemuxml2argv-hostdev-scsi-lsi.args | 2 +-
.../qemuxml2argv-hostdev-scsi-readonly.args | 2 +-
...emuxml2argv-hostdev-scsi-virtio-iscsi-auth.args | 2 +-
.../qemuxml2argv-hostdev-scsi-virtio-iscsi.args | 2 +-
.../qemuxml2argv-hostdev-scsi-virtio-scsi.args | 2 +-
...muxml2argv-hostdev-usb-address-device-boot.args | 3 +-
.../qemuxml2argv-hostdev-usb-address-device.args | 3 +-
.../qemuxml2argv-hostdev-usb-address.args | 3 +-
.../qemuxml2argv-hostdev-vfio-multidomain.args | 2 +-
.../qemuxml2argv-hostdev-vfio.args | 2 +-
.../qemuxml2argv-hotplug-base.args | 2 +-
.../qemuxml2argv-hugepages-numa.args | 2 +-
.../qemuxml2argv-hugepages-pages.args | 3 +-
.../qemuxml2argv-hugepages-pages2.args | 3 +-
.../qemuxml2argv-hugepages-pages3.args | 3 +-
.../qemuxml2argv-hugepages-pages5.args | 3 +-
.../qemuxml2argv-hugepages-pages6.args | 3 +-
.../qemuxml2argv-hugepages-shared.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-hugepages.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-hyperv-off.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-hyperv.args | 3 +-
.../qemuxml2argv-input-usbmouse-addr.args | 3 +-
.../qemuxml2argv-input-usbmouse.args | 3 +-
.../qemuxml2argv-input-usbtablet.args | 3 +-
.../qemuxml2argv-iothreads-disk-virtio-ccw.args | 3 +-
.../qemuxml2argv-iothreads-disk.args | 3 +-
.../qemuxml2argv-iothreads-ids-partial.args | 3 +-
.../qemuxml2argv-iothreads-ids.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-iothreads.args | 3 +-
.../qemuxml2argv-kvm-features-off.args | 2 +-
.../qemuxml2argv-kvm-features.args | 3 +-
.../qemuxml2argv-kvm-pit-delay.args | 2 +-
.../qemuxml2argv-kvm-pit-device.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-kvm.args | 3 +-
.../qemuxml2argv-kvmclock+eoi-disabled.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-kvmclock.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-lease.args | 3 +-
.../qemuxml2argv-machine-aeskeywrap-off-argv.args | 3 +-
.../qemuxml2argv-machine-aeskeywrap-off-cap.args | 3 +-
.../qemuxml2argv-machine-aeskeywrap-off-caps.args | 3 +-
.../qemuxml2argv-machine-aeskeywrap-on-argv.args | 3 +-
.../qemuxml2argv-machine-aeskeywrap-on-cap.args | 3 +-
.../qemuxml2argv-machine-aeskeywrap-on-caps.args | 3 +-
.../qemuxml2argv-machine-aliases1.args | 3 +-
.../qemuxml2argv-machine-aliases2.args | 3 +-
.../qemuxml2argv-machine-core-off.args | 3 +-
.../qemuxml2argv-machine-core-on.args | 3 +-
.../qemuxml2argv-machine-deakeywrap-off-argv.args | 3 +-
.../qemuxml2argv-machine-deakeywrap-off-cap.args | 3 +-
.../qemuxml2argv-machine-deakeywrap-off-caps.args | 3 +-
.../qemuxml2argv-machine-deakeywrap-on-argv.args | 3 +-
.../qemuxml2argv-machine-deakeywrap-on-cap.args | 3 +-
.../qemuxml2argv-machine-deakeywrap-on-caps.args | 3 +-
.../qemuxml2argv-machine-keywrap-none-argv.args | 3 +-
.../qemuxml2argv-machine-keywrap-none-caps.args | 3 +-
.../qemuxml2argv-machine-keywrap-none.args | 3 +-
.../qemuxml2argv-machine-usb-opt.args | 3 +-
.../qemuxml2argv-machine-vmport-opt.args | 3 +-
.../qemuxml2argv-memory-hotplug-dimm-addr.args | 3 +-
.../qemuxml2argv-memory-hotplug-dimm.args | 3 +-
.../qemuxml2argv-memory-hotplug.args | 3 +-
.../qemuxml2argv-memtune-unlimited.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-memtune.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-metadata.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-migrate.args | 3 +-
.../qemuxml2argv-minimal-msg-timestamp.args | 2 +-
.../qemuxml2argv-minimal-s390.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-minimal.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-misc-acpi.args | 3 +-
.../qemuxml2argv-misc-disable-s3.args | 3 +-
.../qemuxml2argv-misc-disable-suspends.args | 3 +-
.../qemuxml2argv-misc-enable-s4.args | 3 +-
.../qemuxml2argv-misc-no-reboot.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-misc-uuid.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-mlock-off.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-mlock-on.args | 3 +-
.../qemuxml2argv-mlock-unsupported.args | 3 +-
.../qemuxml2argv-monitor-json.args | 3 +-
.../qemuxml2argv-multifunction-pci-device.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-net-client.args | 3 +-
.../qemuxml2argv-net-eth-ifname.args | 3 +-
.../qemuxml2argv-net-eth-names.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-net-eth.args | 3 +-
.../qemuxml2argv-net-hostdev-multidomain.args | 2 +-
.../qemuxml2argv-net-hostdev-vfio-multidomain.args | 2 +-
.../qemuxml2argv-net-hostdev-vfio.args | 2 +-
.../qemuxml2argvdata/qemuxml2argv-net-hostdev.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-net-mcast.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-net-server.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-net-user.args | 3 +-
.../qemuxml2argv-net-vhostuser-multiq.args | 3 +-
.../qemuxml2argv-net-vhostuser.args | 3 +-
.../qemuxml2argv-net-virtio-ccw.args | 3 +-
.../qemuxml2argv-net-virtio-device.args | 3 +-
.../qemuxml2argv-net-virtio-disable-offloads.args | 3 +-
.../qemuxml2argv-net-virtio-netdev.args | 3 +-
.../qemuxml2argv-net-virtio-s390.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-net-virtio.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-no-shutdown.args | 2 +-
.../qemuxml2argv-nographics-vga.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-nographics.args | 3 +-
.../qemuxml2argv-nosharepages.args | 2 +-
...qemuxml2argv-numad-auto-memory-vcpu-cpuset.args | 3 +-
...d-auto-memory-vcpu-no-cpuset-and-placement.args | 3 +-
...muxml2argv-numad-auto-vcpu-static-numatune.args | 3 +-
...qemuxml2argv-numad-static-memory-auto-vcpu.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-numad.args | 3 +-
...qemuxml2argv-numatune-auto-nodeset-invalid.args | 3 +-
.../qemuxml2argv-numatune-auto-prefer.args | 2 +-
.../qemuxml2argv-numatune-memnode-no-memory.args | 2 +-
.../qemuxml2argv-numatune-memnode.args | 2 +-
.../qemuxml2argv-numatune-memory.args | 3 +-
.../qemuxml2argv-panic-no-address.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-panic.args | 3 +-
.../qemuxml2argv-parallel-parport-chardev.args | 3 +-
.../qemuxml2argv-parallel-tcp-chardev.args | 3 +-
.../qemuxml2argv-parallel-tcp.args | 3 +-
.../qemuxml2argv-pci-autoadd-addr.args | 2 +-
.../qemuxml2argv-pci-autoadd-idx.args | 2 +-
.../qemuxml2argv-pci-bridge-many-disks.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-pci-many.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-pci-rom.args | 2 +-
.../qemuxml2argv-pci-serial-dev-chardev.args | 2 +-
.../qemuxml2argv-pcie-root-port.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-pcie-root.args | 3 +-
.../qemuxml2argv-pcie-switch-downstream-port.args | 3 +-
.../qemuxml2argv-pcie-switch-upstream-port.args | 3 +-
.../qemuxml2argv-pcihole64-none.args | 3 +-
.../qemuxml2argv-pcihole64-q35.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-pcihole64.args | 2 +-
.../qemuxml2argv-pmu-feature-off.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-pmu-feature.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.args | 3 +-
.../qemuxml2argv-ppce500-serial.args | 2 +-
.../qemuxml2argv-pseries-basic.args | 2 +-
.../qemuxml2argv-pseries-cpu-compat.args | 2 +-
.../qemuxml2argv-pseries-cpu-exact.args | 2 +-
.../qemuxml2argv-pseries-cpu-le.args | 2 +-
.../qemuxml2argv-pseries-nvram.args | 2 +-
.../qemuxml2argv-pseries-panic-missing.args | 2 +-
.../qemuxml2argv-pseries-panic-no-address.args | 2 +-
.../qemuxml2argv-pseries-usb-default.args | 2 +-
.../qemuxml2argv-pseries-usb-kbd.args | 2 +-
.../qemuxml2argv-pseries-usb-multi.args | 2 +-
.../qemuxml2argv-pseries-vio-user-assigned.args | 2 +-
.../qemuxml2argvdata/qemuxml2argv-pseries-vio.args | 2 +-
.../qemuxml2argv-pv-spinlock-disabled.args | 3 +-
.../qemuxml2argv-pv-spinlock-enabled.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-q35.args | 3 +-
.../qemuxml2argv-qemu-ns-no-env.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-qemu-ns.args | 3 +-
.../qemuxml2argv-reboot-timeout-disabled.args | 3 +-
.../qemuxml2argv-reboot-timeout-enabled.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-restore-v1.args | 3 +-
.../qemuxml2argv-restore-v2-fd.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-restore-v2.args | 3 +-
...muxml2argv-s390-allow-bogus-usb-controller.args | 2 +-
.../qemuxml2argv-s390-allow-bogus-usb-none.args | 2 +-
.../qemuxml2argv-seclabel-dac-none.args | 3 +-
.../qemuxml2argv-seclabel-dynamic-baselabel.args | 3 +-
.../qemuxml2argv-seclabel-dynamic-labelskip.args | 3 +-
.../qemuxml2argv-seclabel-dynamic-override.args | 3 +-
.../qemuxml2argv-seclabel-dynamic-relabel.args | 3 +-
.../qemuxml2argv-seclabel-dynamic.args | 3 +-
.../qemuxml2argv-seclabel-none.args | 3 +-
.../qemuxml2argv-seclabel-static-labelskip.args | 3 +-
.../qemuxml2argv-seclabel-static-relabel.args | 2 +-
.../qemuxml2argv-seclabel-static.args | 3 +-
.../qemuxml2argv-serial-dev-chardev-iobase.args | 3 +-
.../qemuxml2argv-serial-dev-chardev.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-serial-dev.args | 3 +-
.../qemuxml2argv-serial-file-chardev.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-serial-file.args | 3 +-
.../qemuxml2argv-serial-many-chardev.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-serial-many.args | 3 +-
.../qemuxml2argv-serial-pty-chardev.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-serial-pty.args | 3 +-
.../qemuxml2argv-serial-spiceport-nospice.args | 2 +-
.../qemuxml2argv-serial-spiceport.args | 2 +-
.../qemuxml2argv-serial-tcp-chardev.args | 3 +-
.../qemuxml2argv-serial-tcp-telnet-chardev.args | 3 +-
.../qemuxml2argv-serial-tcp-telnet.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-serial-tcp.args | 3 +-
.../qemuxml2argv-serial-udp-chardev.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-serial-udp.args | 3 +-
.../qemuxml2argv-serial-unix-chardev.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-serial-unix.args | 3 +-
.../qemuxml2argv-serial-vc-chardev.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-serial-vc.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-shmem.args | 3 +-
.../qemuxml2argv-smartcard-controller.args | 2 +-
.../qemuxml2argv-smartcard-host-certificates.args | 2 +-
.../qemuxml2argv-smartcard-host.args | 2 +-
...emuxml2argv-smartcard-passthrough-spicevmc.args | 2 +-
.../qemuxml2argv-smartcard-passthrough-tcp.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-smbios.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-smp.args | 3 +-
.../qemuxml2argv-sound-device.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-sound.args | 3 +-
.../qemuxml2argv-tpm-passthrough.args | 3 +-
.../qemuxml2argv-usb-controller.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-usb-hub.args | 2 +-
.../qemuxml2argv-usb-ich9-companion.args | 2 +-
.../qemuxml2argv-usb-ich9-ehci-addr.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-usb-none.args | 2 +-
.../qemuxml2argv-usb-piix3-controller.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-usb-ports.args | 2 +-
.../qemuxml2argv-usb-redir-boot.args | 2 +-
.../qemuxml2argv-usb-redir-filter-version.args | 2 +-
.../qemuxml2argv-usb-redir-filter.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-usb-redir.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-usb1-usb2.args | 2 +-
.../qemuxml2argv-video-device-pciaddr-default.args | 3 +-
.../qemuxml2argv-video-qxl-device-vgamem.args | 3 +-
.../qemuxml2argv-video-qxl-device.args | 3 +-
.../qemuxml2argv-video-qxl-nodevice.args | 3 +-
.../qemuxml2argv-video-qxl-sec-device-vgamem.args | 3 +-
.../qemuxml2argv-video-qxl-sec-device.args | 3 +-
.../qemuxml2argv-video-vga-device-vgamem.args | 3 +-
.../qemuxml2argv-video-vga-device.args | 3 +-
.../qemuxml2argv-video-vga-nodevice.args | 3 +-
.../qemuxml2argvdata/qemuxml2argv-virtio-lun.args | 2 +-
.../qemuxml2argv-virtio-rng-ccw.args | 2 +-
.../qemuxml2argv-virtio-rng-default.args | 3 +-
.../qemuxml2argv-virtio-rng-egd.args | 3 +-
.../qemuxml2argv-virtio-rng-multiple.args | 3 +-
.../qemuxml2argv-virtio-rng-random.args | 3 +-
.../qemuxml2argv-watchdog-device.args | 3 +-
.../qemuxml2argv-watchdog-diag288.args | 2 +-
.../qemuxml2argv-watchdog-dump.args | 3 +-
.../qemuxml2argv-watchdog-injectnmi.args | 3 +-
tests/qemuxml2argvdata/qemuxml2argv-watchdog.args | 3 +-
tests/qemuxml2argvtest.c | 19 +++++++---
.../qemuxmlns-qemu-ns-commandline-ns0.args | 2 +-
.../qemuxmlns-qemu-ns-commandline-ns1.args | 2 +-
.../qemuxmlns-qemu-ns-commandline.args | 2 +-
.../qemuxmlns-qemu-ns-domain-commandline-ns0.args | 2 +-
.../qemuxmlns-qemu-ns-domain-commandline.args | 2 +-
.../qemuxmlns-qemu-ns-domain-ns0.args | 2 +-
tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain.args | 2 +-
tests/qemuxmlnstest.c | 19 +++++++---
458 files changed, 936 insertions(+), 477 deletions(-)
--
2.5.0
10:47 a.m.
New subject: [libvirt] [PATCH 1/7] security_selinux: Use proper structure to access socket data
In virSecuritySELinuxSetSecurityChardevLabel() we are labelling unix
socket path, but accessing another structure of the union. This does
not pose a problem currently as both paths are at the same offset, but
this should be fixed for the future.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
src/security/security_selinux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 6e67a86cc27c..a37f8c140b07 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1740,7 +1740,7 @@ virSecuritySELinuxSetSecurityChardevLabel(virDomainDefPtr def,
case VIR_DOMAIN_CHR_TYPE_UNIX:
if (!dev_source->data.nix.listen) {
- if (virSecuritySELinuxSetFilecon(dev_source->data.file.path,
+ if (virSecuritySELinuxSetFilecon(dev_source->data.nix.path,
imagelabel) < 0)
goto done;
}
--
2.5.0
10:47 a.m.
New subject: [libvirt] [PATCH 2/7] security_dac: Label non-listening sockets
SELinux security driver already does that, but DAC driver somehow missed
the memo. Let's fix it so it works the same way.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
src/security/security_dac.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index deb69803095b..bed23c30ae8c 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -789,6 +789,15 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
ret = 0;
break;
+ case VIR_DOMAIN_CHR_TYPE_UNIX:
+ if (!dev_source->data.nix.listen) {
+ if (virSecurityDACSetOwnership(dev_source->data.nix.path,
+ user, group) < 0)
+ goto done;
+ }
+ ret = 0;
+ break;
+
case VIR_DOMAIN_CHR_TYPE_SPICEPORT:
case VIR_DOMAIN_CHR_TYPE_NULL:
case VIR_DOMAIN_CHR_TYPE_VC:
@@ -796,7 +805,6 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
case VIR_DOMAIN_CHR_TYPE_STDIO:
case VIR_DOMAIN_CHR_TYPE_UDP:
case VIR_DOMAIN_CHR_TYPE_TCP:
- case VIR_DOMAIN_CHR_TYPE_UNIX:
case VIR_DOMAIN_CHR_TYPE_SPICEVMC:
case VIR_DOMAIN_CHR_TYPE_NMDM:
case VIR_DOMAIN_CHR_TYPE_LAST:
--
2.5.0
10:47 a.m.
New subject: [libvirt] [PATCH 3/7] security: Expose SetChardevLabel function in security drivers
Functions labelling character devices can be used in the future for
labelling additional character devices that are not present in the
definition itself.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
src/libvirt_private.syms | 1 +
src/security/security_dac.c | 2 ++
src/security/security_driver.h | 7 ++++++-
src/security/security_manager.c | 19 +++++++++++++++++++
src/security/security_manager.h | 5 +++++
src/security/security_selinux.c | 2 ++
src/security/security_stack.c | 21 +++++++++++++++++++++
7 files changed, 56 insertions(+), 1 deletion(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 45f42f502035..b1c03f00050b 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1044,6 +1044,7 @@ virSecurityManagerRestoreHostdevLabel;
virSecurityManagerRestoreImageLabel;
virSecurityManagerRestoreSavedStateLabel;
virSecurityManagerSetAllLabel;
+virSecurityManagerSetChardevLabel;
virSecurityManagerSetChildProcessLabel;
virSecurityManagerSetDaemonSocketLabel;
virSecurityManagerSetDiskLabel;
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index bed23c30ae8c..ea34d40fac51 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -1441,4 +1441,6 @@ virSecurityDriver virSecurityDriverDAC = {
.domainGetSecurityMountOptions = virSecurityDACGetMountOptions,
.getBaseLabel = virSecurityDACGetBaseLabel,
+
+ .domainSetChardevLabel = virSecurityDACSetChardevLabel,
};
diff --git a/src/security/security_driver.h b/src/security/security_driver.h
index f0dca09177e5..08aa3e1f8747 100644
--- a/src/security/security_driver.h
+++ b/src/security/security_driver.h
@@ -118,7 +118,10 @@ typedef int (*virSecurityDomainSetImageLabel) (virSecurityManagerPtr
mgr,
typedef int (*virSecurityDomainRestoreImageLabel) (virSecurityManagerPtr mgr,
virDomainDefPtr def,
virStorageSourcePtr src);
-
+typedef int (*virSecurityDomainSetChardevLabel) (virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virDomainChrDefPtr dev,
+ virDomainChrSourceDefPtr src);
struct _virSecurityDriver {
size_t privateDataLen;
@@ -168,6 +171,8 @@ struct _virSecurityDriver {
virSecurityDomainSetHugepages domainSetSecurityHugepages;
virSecurityDriverGetBaseLabel getBaseLabel;
+
+ virSecurityDomainSetChardevLabel domainSetChardevLabel;
};
virSecurityDriverPtr virSecurityDriverLookup(const char *name,
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index b0cd9e856903..ec3479ae73a9 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -991,3 +991,22 @@ virSecurityManagerSetHugepages(virSecurityManagerPtr mgr,
return 0;
}
+
+
+int
+virSecurityManagerSetChardevLabel(virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virDomainChrDefPtr dev,
+ virDomainChrSourceDefPtr src)
+{
+ int ret;
+
+ if (!mgr->drv->domainSetChardevLabel)
+ return 0;
+
+ virObjectLock(mgr);
+ ret = mgr->drv->domainSetChardevLabel(mgr, def, dev, src);
+ virObjectUnlock(mgr);
+
+ return ret;
+}
diff --git a/src/security/security_manager.h b/src/security/security_manager.h
index 13468db3997b..25ddd5fe79a0 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -150,4 +150,9 @@ int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
virStorageSourcePtr src);
+int virSecurityManagerSetChardevLabel(virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virDomainChrDefPtr dev,
+ virDomainChrSourceDefPtr src);
+
#endif /* VIR_SECURITY_MANAGER_H__ */
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index a37f8c140b07..7000701d0447 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2549,4 +2549,6 @@ virSecurityDriver virSecurityDriverSELinux = {
.domainGetSecurityMountOptions = virSecuritySELinuxGetSecurityMountOptions,
.getBaseLabel = virSecuritySELinuxGetBaseLabel,
+
+ .domainSetChardevLabel = virSecuritySELinuxSetSecurityChardevLabel,
};
diff --git a/src/security/security_stack.c b/src/security/security_stack.c
index 1ded57b9604c..124d7806203c 100644
--- a/src/security/security_stack.c
+++ b/src/security/security_stack.c
@@ -599,6 +599,25 @@ virSecurityStackRestoreSecurityImageLabel(virSecurityManagerPtr mgr,
return rc;
}
+static int
+virSecurityStackSetChardevLabel(virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virDomainChrDefPtr dev,
+ virDomainChrSourceDefPtr src)
+{
+ virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+ virSecurityStackItemPtr item = priv->itemsHead;
+ int rc = 0;
+
+ for (; item; item = item->next) {
+ if (virSecurityManagerSetChardevLabel(item->securityManager,
+ def, dev, src) < 0)
+ rc = -1;
+ }
+
+ return rc;
+}
+
virSecurityDriver virSecurityDriverStack = {
.privateDataLen = sizeof(virSecurityStackData),
.name = "stack",
@@ -648,4 +667,6 @@ virSecurityDriver virSecurityDriverStack = {
.domainSetSecurityHugepages = virSecurityStackSetHugepages,
.getBaseLabel = virSecurityStackGetBaseLabel,
+
+ .domainSetChardevLabel = virSecurityStackSetChardevLabel,
};
--
2.5.0
10:47 a.m.
New subject: [libvirt] [PATCH 4/7] security: Label parent directories of character devices
We are currently unable to label parent directories for some paths.
However, we will need to have per-domain directories that we would like
to have labelled, but we can't label all of them. So let's add a
boolean variable that will determine whether parent directory for such
chardev should be labelled as well as that character device itself.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
src/conf/domain_conf.h | 1 +
src/security/security_dac.c | 13 ++++++++++++-
src/security/security_selinux.c | 13 ++++++++++++-
3 files changed, 25 insertions(+), 2 deletions(-)
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index e1872bca002c..9d549a395e29 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1191,6 +1191,7 @@ struct _virDomainChrSourceDef {
} udp;
struct {
char *path;
+ bool autopath;
bool listen;
} nix;
int spicevmc;
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index ea34d40fac51..28e9f0091e74 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -29,6 +29,7 @@
#endif
#include "security_dac.h"
+#include "dirname.h"
#include "virerror.h"
#include "virfile.h"
#include "viralloc.h"
@@ -744,7 +745,7 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
virSecurityLabelDefPtr seclabel;
virSecurityDeviceLabelDefPtr chr_seclabel = NULL;
- char *in = NULL, *out = NULL;
+ char *in = NULL, *out = NULL, *dir = NULL;
int ret = -1;
uid_t user;
gid_t group;
@@ -795,6 +796,15 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
user, group) < 0)
goto done;
}
+ if (dev_source->data.nix.autopath) {
+ if (!(dir = mdir_name(dev_source->data.nix.path))) {
+ virReportOOMError();
+ goto done;
+ }
+
+ if (virSecurityDACSetOwnership(dir, user, group) < 0)
+ goto done;
+ }
ret = 0;
break;
@@ -813,6 +823,7 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr mgr,
}
done:
+ VIR_FREE(dir);
VIR_FREE(in);
VIR_FREE(out);
return ret;
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 7000701d0447..9f5ec05b59fb 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -33,6 +33,7 @@
#include "security_driver.h"
#include "security_selinux.h"
+#include "dirname.h"
#include "virerror.h"
#include "viralloc.h"
#include "virlog.h"
@@ -1712,7 +1713,7 @@ virSecuritySELinuxSetSecurityChardevLabel(virDomainDefPtr def,
virSecurityLabelDefPtr seclabel;
virSecurityDeviceLabelDefPtr chr_seclabel = NULL;
char *imagelabel = NULL;
- char *in = NULL, *out = NULL;
+ char *in = NULL, *out = NULL, *dir = NULL;
int ret = -1;
seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
@@ -1744,6 +1745,15 @@ virSecuritySELinuxSetSecurityChardevLabel(virDomainDefPtr def,
imagelabel) < 0)
goto done;
}
+ if (dev_source->data.nix.autopath) {
+ if (!(dir = mdir_name(dev_source->data.nix.path))) {
+ virReportOOMError();
+ goto done;
+ }
+
+ if (virSecuritySELinuxSetFilecon(dir, imagelabel) < 0)
+ goto done;
+ }
ret = 0;
break;
@@ -1769,6 +1779,7 @@ virSecuritySELinuxSetSecurityChardevLabel(virDomainDefPtr def,
}
done:
+ VIR_FREE(dir);
VIR_FREE(in);
VIR_FREE(out);
return ret;
--
2.5.0
10:59 a.m.
New subject: [libvirt] [PATCH 4/7] security: Label parent directories of character devices
On Thu, Aug 13, 2015 at 05:47:42PM +0200, Martin Kletzander wrote:
We are currently unable to label parent directories for some paths.
However, we will need to have per-domain directories that we would like
to have labelled, but we can't label all of them. So let's add a
boolean variable that will determine whether parent directory for such
chardev should be labelled as well as that character device itself.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
src/conf/domain_conf.h | 1 +
src/security/security_dac.c | 13 ++++++++++++-
src/security/security_selinux.c | 13 ++++++++++++-
3 files changed, 25 insertions(+), 2 deletions(-)
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index e1872bca002c..9d549a395e29 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1191,6 +1191,7 @@ struct _virDomainChrSourceDef {
} udp;
struct {
char *path;
+ bool autopath;
bool listen;
} nix;
int spicevmc;
I don't think we need this - it seems we can just pass a 'bool labelParent'
parameter into virSecurityManagerSetChardevLabel() when calling it for
the monitor socket.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
4:58 a.m.
New subject: [libvirt] [PATCH 4/7] security: Label parent directories of character devices
On Thu, Aug 13, 2015 at 04:59:47PM +0100, Daniel P. Berrange wrote:
On Thu, Aug 13, 2015 at 05:47:42PM +0200, Martin Kletzander wrote:
> We are currently unable to label parent directories for some paths.
> However, we will need to have per-domain directories that we would like
> to have labelled, but we can't label all of them. So let's add a
> boolean variable that will determine whether parent directory for such
> chardev should be labelled as well as that character device itself.
>
> Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
> ---
> src/conf/domain_conf.h | 1 +
> src/security/security_dac.c | 13 ++++++++++++-
> src/security/security_selinux.c | 13 ++++++++++++-
> 3 files changed, 25 insertions(+), 2 deletions(-)
>
> diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> index e1872bca002c..9d549a395e29 100644
> --- a/src/conf/domain_conf.h
> +++ b/src/conf/domain_conf.h
> @@ -1191,6 +1191,7 @@ struct _virDomainChrSourceDef {
> } udp;
> struct {
> char *path;
> + bool autopath;
> bool listen;
> } nix;
> int spicevmc;
I don't think we need this - it seems we can just pass a 'bool labelParent'
parameter into virSecurityManagerSetChardevLabel() when calling it for
the monitor socket.
It's not used only for the monitor socket, but mainly for virtio
channel's target's unix socket as well and maybe more in the future.
But I agree it could be named 'labelParent' as well. Should I resend
it with that changed?
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
5:10 a.m.
New subject: [libvirt] [PATCH 4/7] security: Label parent directories of character devices
On Fri, Aug 14, 2015 at 11:58:54AM +0200, Martin Kletzander wrote:
On Thu, Aug 13, 2015 at 04:59:47PM +0100, Daniel P. Berrange wrote:
>On Thu, Aug 13, 2015 at 05:47:42PM +0200, Martin Kletzander wrote:
>>We are currently unable to label parent directories for some paths.
>>However, we will need to have per-domain directories that we would like
>>to have labelled, but we can't label all of them. So let's add a
>>boolean variable that will determine whether parent directory for such
>>chardev should be labelled as well as that character device itself.
>>
>>Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
>>---
>> src/conf/domain_conf.h | 1 +
>> src/security/security_dac.c | 13 ++++++++++++-
>> src/security/security_selinux.c | 13 ++++++++++++-
>> 3 files changed, 25 insertions(+), 2 deletions(-)
>>
>>diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
>>index e1872bca002c..9d549a395e29 100644
>>--- a/src/conf/domain_conf.h
>>+++ b/src/conf/domain_conf.h
>>@@ -1191,6 +1191,7 @@ struct _virDomainChrSourceDef {
>> } udp;
>> struct {
>> char *path;
>>+ bool autopath;
>> bool listen;
>> } nix;
>> int spicevmc;
>
>I don't think we need this - it seems we can just pass a 'bool
labelParent'
>parameter into virSecurityManagerSetChardevLabel() when calling it for
>the monitor socket.
>
It's not used only for the monitor socket, but mainly for virtio
channel's target's unix socket as well and maybe more in the future.
But I agree it could be named 'labelParent' as well. Should I resend
it with that changed?
In the non-monitor cases how will we decide whether it is appropriate
to set labelParent or not ? Those paths are broadly user specified,
so we can't assume the parent is per-VM
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
5:20 a.m.
New subject: [libvirt] [PATCH 4/7] security: Label parent directories of character devices
On Fri, Aug 14, 2015 at 11:10:05AM +0100, Daniel P. Berrange wrote:
On Fri, Aug 14, 2015 at 11:58:54AM +0200, Martin Kletzander wrote:
> On Thu, Aug 13, 2015 at 04:59:47PM +0100, Daniel P. Berrange wrote:
> >On Thu, Aug 13, 2015 at 05:47:42PM +0200, Martin Kletzander wrote:
> >>We are currently unable to label parent directories for some paths.
> >>However, we will need to have per-domain directories that we would like
> >>to have labelled, but we can't label all of them. So let's add a
> >>boolean variable that will determine whether parent directory for such
> >>chardev should be labelled as well as that character device itself.
> >>
> >>Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
> >>---
> >> src/conf/domain_conf.h | 1 +
> >> src/security/security_dac.c | 13 ++++++++++++-
> >> src/security/security_selinux.c | 13 ++++++++++++-
> >> 3 files changed, 25 insertions(+), 2 deletions(-)
> >>
> >>diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> >>index e1872bca002c..9d549a395e29 100644
> >>--- a/src/conf/domain_conf.h
> >>+++ b/src/conf/domain_conf.h
> >>@@ -1191,6 +1191,7 @@ struct _virDomainChrSourceDef {
> >> } udp;
> >> struct {
> >> char *path;
> >>+ bool autopath;
> >> bool listen;
> >> } nix;
> >> int spicevmc;
> >
> >I don't think we need this - it seems we can just pass a 'bool
labelParent'
> >parameter into virSecurityManagerSetChardevLabel() when calling it for
> >the monitor socket.
> >
>
> It's not used only for the monitor socket, but mainly for virtio
> channel's target's unix socket as well and maybe more in the future.
> But I agree it could be named 'labelParent' as well. Should I resend
> it with that changed?
In the non-monitor cases how will we decide whether it is appropriate
to set labelParent or not ? Those paths are broadly user specified,
so we can't assume the parent is per-VM
We will label only those that we are sure that are per-VM, so only
those that are generated by the qemu driver itself. That's exactly
what the parameter is used for -- labelling parent directories only
for those paths that are auto-generated by us, but leaving all
user-specified ones alone.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
6:09 a.m.
New subject: [libvirt] [PATCH 4/7] security: Label parent directories of character devices
On Fri, Aug 14, 2015 at 12:20:46PM +0200, Martin Kletzander wrote:
On Fri, Aug 14, 2015 at 11:10:05AM +0100, Daniel P. Berrange wrote:
>On Fri, Aug 14, 2015 at 11:58:54AM +0200, Martin Kletzander wrote:
>>On Thu, Aug 13, 2015 at 04:59:47PM +0100, Daniel P. Berrange wrote:
>>>On Thu, Aug 13, 2015 at 05:47:42PM +0200, Martin Kletzander wrote:
>>>>We are currently unable to label parent directories for some paths.
>>>>However, we will need to have per-domain directories that we would like
>>>>to have labelled, but we can't label all of them. So let's add
a
>>>>boolean variable that will determine whether parent directory for such
>>>>chardev should be labelled as well as that character device itself.
>>>>
>>>>Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
>>>>---
>>>> src/conf/domain_conf.h | 1 +
>>>> src/security/security_dac.c | 13 ++++++++++++-
>>>> src/security/security_selinux.c | 13 ++++++++++++-
>>>> 3 files changed, 25 insertions(+), 2 deletions(-)
>>>>
>>>>diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
>>>>index e1872bca002c..9d549a395e29 100644
>>>>--- a/src/conf/domain_conf.h
>>>>+++ b/src/conf/domain_conf.h
>>>>@@ -1191,6 +1191,7 @@ struct _virDomainChrSourceDef {
>>>> } udp;
>>>> struct {
>>>> char *path;
>>>>+ bool autopath;
>>>> bool listen;
>>>> } nix;
>>>> int spicevmc;
>>>
>>>I don't think we need this - it seems we can just pass a 'bool
labelParent'
>>>parameter into virSecurityManagerSetChardevLabel() when calling it for
>>>the monitor socket.
>>>
>>
>>It's not used only for the monitor socket, but mainly for virtio
>>channel's target's unix socket as well and maybe more in the future.
>>But I agree it could be named 'labelParent' as well. Should I resend
>>it with that changed?
>
>In the non-monitor cases how will we decide whether it is appropriate
>to set labelParent or not ? Those paths are broadly user specified,
>so we can't assume the parent is per-VM
>
We will label only those that we are sure that are per-VM, so only
those that are generated by the qemu driver itself. That's exactly
what the parameter is used for -- labelling parent directories only
for those paths that are auto-generated by us, but leaving all
user-specified ones alone.
IIUC, the paths generated by us will all end up in the same directory.
So if we label that directory when setting up the monitor, then it
will be correct for all the other paths too, so it doesn't seem like
we need to store this parameter in virDomainDef. In fact, I tend to
think we should perhaps add a virSecurityManagerSetDirLabel() that
we just invoke once for the per-VM directory we created, and not try
to associate it with any chardev
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
6:43 a.m.
New subject: [libvirt] [PATCH 4/7] security: Label parent directories of character devices
On Fri, Aug 14, 2015 at 12:09:13PM +0100, Daniel P. Berrange wrote:
On Fri, Aug 14, 2015 at 12:20:46PM +0200, Martin Kletzander wrote:
> On Fri, Aug 14, 2015 at 11:10:05AM +0100, Daniel P. Berrange wrote:
> >On Fri, Aug 14, 2015 at 11:58:54AM +0200, Martin Kletzander wrote:
> >>On Thu, Aug 13, 2015 at 04:59:47PM +0100, Daniel P. Berrange wrote:
> >>>On Thu, Aug 13, 2015 at 05:47:42PM +0200, Martin Kletzander wrote:
> >>>>We are currently unable to label parent directories for some paths.
> >>>>However, we will need to have per-domain directories that we would
like
> >>>>to have labelled, but we can't label all of them. So let's
add a
> >>>>boolean variable that will determine whether parent directory for
such
> >>>>chardev should be labelled as well as that character device itself.
> >>>>
> >>>>Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
> >>>>---
> >>>> src/conf/domain_conf.h | 1 +
> >>>> src/security/security_dac.c | 13 ++++++++++++-
> >>>> src/security/security_selinux.c | 13 ++++++++++++-
> >>>> 3 files changed, 25 insertions(+), 2 deletions(-)
> >>>>
> >>>>diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> >>>>index e1872bca002c..9d549a395e29 100644
> >>>>--- a/src/conf/domain_conf.h
> >>>>+++ b/src/conf/domain_conf.h
> >>>>@@ -1191,6 +1191,7 @@ struct _virDomainChrSourceDef {
> >>>> } udp;
> >>>> struct {
> >>>> char *path;
> >>>>+ bool autopath;
> >>>> bool listen;
> >>>> } nix;
> >>>> int spicevmc;
> >>>
> >>>I don't think we need this - it seems we can just pass a 'bool
labelParent'
> >>>parameter into virSecurityManagerSetChardevLabel() when calling it for
> >>>the monitor socket.
> >>>
> >>
> >>It's not used only for the monitor socket, but mainly for virtio
> >>channel's target's unix socket as well and maybe more in the future.
> >>But I agree it could be named 'labelParent' as well. Should I
resend
> >>it with that changed?
> >
> >In the non-monitor cases how will we decide whether it is appropriate
> >to set labelParent or not ? Those paths are broadly user specified,
> >so we can't assume the parent is per-VM
> >
>
> We will label only those that we are sure that are per-VM, so only
> those that are generated by the qemu driver itself. That's exactly
> what the parameter is used for -- labelling parent directories only
> for those paths that are auto-generated by us, but leaving all
> user-specified ones alone.
IIUC, the paths generated by us will all end up in the same directory.
So if we label that directory when setting up the monitor, then it
will be correct for all the other paths too, so it doesn't seem like
we need to store this parameter in virDomainDef. In fact, I tend to
think we should perhaps add a virSecurityManagerSetDirLabel() that
we just invoke once for the per-VM directory we created, and not try
to associate it with any chardev
Monitor socket goes to $LIBDIR/libvirt/qemu/domain-$DOM/monitor.sock,
the other mentioned sockets go to
$LIBDIR/libvirt/qemu/channel/target/domain-$DOM/$NAME due to the fact
that it was pre-existing. It's also good to have that separated so
users can specify targets with name 'monitor.sock'.
I thought about the virSecurityManagerSetDirLabel(), but I didn't want
to make this more complicated than it already is.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
7:58 a.m.
New subject: [libvirt] [PATCH 4/7] security: Label parent directories of character devices
On Fri, Aug 14, 2015 at 01:43:16PM +0200, Martin Kletzander wrote:
On Fri, Aug 14, 2015 at 12:09:13PM +0100, Daniel P. Berrange wrote:
>On Fri, Aug 14, 2015 at 12:20:46PM +0200, Martin Kletzander wrote:
>>On Fri, Aug 14, 2015 at 11:10:05AM +0100, Daniel P. Berrange wrote:
>>>On Fri, Aug 14, 2015 at 11:58:54AM +0200, Martin Kletzander wrote:
>>>>On Thu, Aug 13, 2015 at 04:59:47PM +0100, Daniel P. Berrange wrote:
>>>>>I don't think we need this - it seems we can just pass a
'bool labelParent'
>>>>>parameter into virSecurityManagerSetChardevLabel() when calling it
for
>>>>>the monitor socket.
>>>>>
>>>>
>>>>It's not used only for the monitor socket, but mainly for virtio
>>>>channel's target's unix socket as well and maybe more in the
future.
>>>>But I agree it could be named 'labelParent' as well. Should I
resend
>>>>it with that changed?
>>>
>>>In the non-monitor cases how will we decide whether it is appropriate
>>>to set labelParent or not ? Those paths are broadly user specified,
>>>so we can't assume the parent is per-VM
>>>
>>
>>We will label only those that we are sure that are per-VM, so only
>>those that are generated by the qemu driver itself. That's exactly
>>what the parameter is used for -- labelling parent directories only
>>for those paths that are auto-generated by us, but leaving all
>>user-specified ones alone.
>
>IIUC, the paths generated by us will all end up in the same directory.
>So if we label that directory when setting up the monitor, then it
>will be correct for all the other paths too, so it doesn't seem like
>we need to store this parameter in virDomainDef. In fact, I tend to
>think we should perhaps add a virSecurityManagerSetDirLabel() that
>we just invoke once for the per-VM directory we created, and not try
>to associate it with any chardev
>
Monitor socket goes to $LIBDIR/libvirt/qemu/domain-$DOM/monitor.sock,
the other mentioned sockets go to
$LIBDIR/libvirt/qemu/channel/target/domain-$DOM/$NAME due to the fact
that it was pre-existing. It's also good to have that separated so
users can specify targets with name 'monitor.sock'.
Ok, so we have 2 distinct "well known" directories that we can
expect to need to label.
I thought about the virSecurityManagerSetDirLabel(), but I didn't
want
to make this more complicated than it already is.
I rather think it will be clearer/simpler if we use a SetDirLabel()
approach, as we know for sure we're labelling a directory that we
have explicitly designated as per-VM, and not have to try to determine
that indirectly by looking at the chardev path each time.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
10:47 a.m.
New subject: [libvirt] [PATCH 5/7] qemu: Fix access to auto-generated socket paths
We are automatically generating some socket paths for domains, but all
those paths end up in a directory that's the same for multiple domains.
The problem is that multiple domains can each run with different
seclabels (users, selinux contexts, etc.). The idea here is to create a
per-domain directory labelled in a way that each domain can access its
own unix sockets.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1146886
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
src/qemu/qemu_command.c | 2 +-
src/qemu/qemu_domain.c | 17 ++++-----
src/qemu/qemu_process.c | 43 +++++++++++++++++++++-
.../qemuxml2argv-channel-virtio-unix.args | 7 ++--
4 files changed, 54 insertions(+), 15 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 5a92ad4b2edb..2a0e4aceb9af 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -8045,7 +8045,7 @@ qemuBuildGraphicsVNCCommandLine(virQEMUDriverConfigPtr cfg,
if (graphics->data.vnc.socket || cfg->vncAutoUnixSocket) {
if (!graphics->data.vnc.socket &&
virAsprintf(&graphics->data.vnc.socket,
- "%s/%s.vnc", cfg->libDir, def->name) == -1)
+ "%s/domain-%s/vnc.sock", cfg->libDir, def->name)
== -1)
goto error;
virBufferAsprintf(&opt, "unix:%s", graphics->data.vnc.socket);
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 84e5fa530cba..7dae93bc477c 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -1307,17 +1307,14 @@ qemuDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
goto cleanup;
}
- if (dev->data.chr->target.name) {
- if (virAsprintf(&dev->data.chr->source.data.nix.path,
"%s/%s.%s",
- cfg->channelTargetDir,
- def->name, dev->data.chr->target.name) < 0)
- goto cleanup;
- } else {
- if (virAsprintf(&dev->data.chr->source.data.nix.path,
"%s/%s",
- cfg->channelTargetDir, def->name) < 0)
- goto cleanup;
- }
+ if (virAsprintf(&dev->data.chr->source.data.nix.path,
+ "%s/domain-%s/%s",
+ cfg->channelTargetDir, def->name,
+ dev->data.chr->target.name ?
dev->data.chr->target.name
+ : "unknown.sock") < 0)
+ goto cleanup;
+ dev->data.chr->source.data.nix.autopath = true;
dev->data.chr->source.data.nix.listen = true;
}
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 505778ec2f05..4d2670b1bdc0 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -3264,10 +3264,14 @@ qemuProcessPrepareMonitorChr(virQEMUDriverConfigPtr cfg,
{
monConfig->type = VIR_DOMAIN_CHR_TYPE_UNIX;
monConfig->data.nix.listen = true;
+ monConfig->data.nix.autopath = true;
- if (virAsprintf(&monConfig->data.nix.path, "%s/%s.monitor",
+ if (virAsprintf(&monConfig->data.nix.path,
"%s/domain-%s/monitor.sock",
cfg->libDir, vm) < 0)
return -1;
+
+ monConfig->data.nix.autopath = true;
+
return 0;
}
@@ -4389,6 +4393,7 @@ int qemuProcessStart(virConnectPtr conn,
unsigned int hostdev_flags = 0;
size_t nnicindexes = 0;
int *nicindexes = NULL;
+ char *tmppath = NULL;
VIR_DEBUG("vm=%p name=%s id=%d asyncJob=%d migrateFrom=%s stdin_fd=%d "
"stdin_path=%s snapshot=%p vmop=%d flags=0x%x",
@@ -4725,6 +4730,22 @@ int qemuProcessStart(virConnectPtr conn,
&nnicindexes, &nicindexes)))
goto cleanup;
+ /*
+ * Create all per-domain directories in order to make sure domain
+ * with any possible seclabels can access it.
+ */
+ if (virAsprintf(&tmppath, "%s/domain-%s",
+ cfg->libDir, vm->def->name) < 0 ||
+ virFileMakePath(tmppath) < 0)
+ goto cleanup;
+ VIR_FREE(tmppath);
+
+ if (virAsprintf(&tmppath, "%s/domain-%s",
+ cfg->channelTargetDir, vm->def->name) < 0 ||
+ virFileMakePath(tmppath) < 0)
+ goto cleanup;
+ VIR_FREE(tmppath);
+
/* now that we know it is about to start call the hook if present */
if (virHookPresent(VIR_HOOK_DRIVER_QEMU)) {
char *xml = qemuDomainDefFormatXML(driver, vm->def, 0);
@@ -4861,6 +4882,12 @@ int qemuProcessStart(virConnectPtr conn,
vm->def, stdin_path) < 0)
goto cleanup;
+ VIR_DEBUG("Setting additional domain security label for monitor socket");
+ if (virSecurityManagerSetChardevLabel(driver->securityManager,
+ vm->def, NULL,
+ priv->monConfig) < 0)
+ goto cleanup;
+
/* Security manager labeled all devices, therefore
* if any operation from now on fails and we goto cleanup,
* where virSecurityManagerRestoreAllLabel() is called
@@ -5078,6 +5105,7 @@ int qemuProcessStart(virConnectPtr conn,
/* We jump here if we failed to start the VM for any reason, or
* if we failed to initialize the now running VM. kill it off and
* pretend we never started it */
+ VIR_FREE(tmppath);
VIR_FREE(nodeset);
virCommandFree(cmd);
VIR_FORCE_CLOSE(logfile);
@@ -5140,6 +5168,7 @@ void qemuProcessStop(virQEMUDriverPtr driver,
size_t i;
int logfile = -1;
char *timestamp;
+ char *tmppath = NULL;
char ebuf[1024];
virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
@@ -5230,6 +5259,18 @@ void qemuProcessStop(virQEMUDriverPtr driver,
priv->monConfig = NULL;
}
+ ignore_value(virAsprintf(&tmppath, "%s/domain-%s",
+ cfg->libDir, vm->def->name));
+ if (tmppath)
+ virFileDeleteTree(tmppath);
+ VIR_FREE(tmppath);
+
+ ignore_value(virAsprintf(&tmppath, "%s/domain-%s",
+ cfg->channelTargetDir, vm->def->name));
+ if (tmppath)
+ virFileDeleteTree(tmppath);
+ VIR_FREE(tmppath);
+
ignore_value(virDomainChrDefForeach(vm->def,
false,
qemuProcessCleanupChardevDevice,
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-channel-virtio-unix.args
b/tests/qemuxml2argvdata/qemuxml2argv-channel-virtio-unix.args
index 43a34ced80ed..289b9d700b15 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-channel-virtio-unix.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-channel-virtio-unix.args
@@ -9,11 +9,12 @@ LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test
QEMU_AUDIO_DRV=none \
-usb \
-hda /dev/HostVG/QEMUGuest1 \
-chardev socket,id=charchannel0,path=\
-/tmp/QEMUGuest1.org.qemu.guest_agent.0,server,nowait \
+/tmp/domain-QEMUGuest1/org.qemu.guest_agent.0,server,nowait \
-device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,\
name=org.qemu.guest_agent.0 \
--chardev socket,id=charchannel1,path=/tmp/QEMUGuest1,server,nowait \
+-chardev \
+socket,id=charchannel1,path=/tmp/domain-QEMUGuest1/unknown.sock,server,nowait \
-device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1 \
--chardev socket,id=charchannel2,path=/tmp/QEMUGuest1.ble,server,nowait \
+-chardev socket,id=charchannel2,path=/tmp/domain-QEMUGuest1/ble,server,nowait \
-device virtserialport,bus=virtio-serial0.0,nr=3,chardev=charchannel2,id=channel2,\
name=ble
--
2.5.0
10:47 a.m.
New subject: [libvirt] [PATCH 6/7] tests: Use qemuProcessPrepareMonitorChr in qemuxmlnstest
The output of that function was not tested until now. In order to keep
the paths in /tmp, the test driver config is "fixed" as well.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
.../qemuxmlns-qemu-ns-commandline-ns0.args | 2 +-
.../qemuxmlns-qemu-ns-commandline-ns1.args | 2 +-
.../qemuxmlnsdata/qemuxmlns-qemu-ns-commandline.args | 2 +-
.../qemuxmlns-qemu-ns-domain-commandline-ns0.args | 2 +-
.../qemuxmlns-qemu-ns-domain-commandline.args | 2 +-
tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-ns0.args | 2 +-
tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain.args | 2 +-
tests/qemuxmlnstest.c | 19 +++++++++++++------
8 files changed, 20 insertions(+), 13 deletions(-)
diff --git a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline-ns0.args
b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline-ns0.args
index ad16f43ed00e..dac865140aec 100644
--- a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline-ns0.args
+++ b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline-ns0.args
@@ -1,4 +1,4 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
/usr/bin/qemu -S -M pc -m 214 -smp 1 -nographic -monitor \
-unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb -hda \
+unix:/tmp/domain-QEMUGuest1/monitor.sock,server,nowait -no-acpi -boot c -usb -hda \
/dev/HostVG/QEMUGuest1 -net none -serial none -parallel none ARGUMENT
diff --git a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline-ns1.args
b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline-ns1.args
index ad16f43ed00e..dac865140aec 100644
--- a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline-ns1.args
+++ b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline-ns1.args
@@ -1,4 +1,4 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
/usr/bin/qemu -S -M pc -m 214 -smp 1 -nographic -monitor \
-unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb -hda \
+unix:/tmp/domain-QEMUGuest1/monitor.sock,server,nowait -no-acpi -boot c -usb -hda \
/dev/HostVG/QEMUGuest1 -net none -serial none -parallel none ARGUMENT
diff --git a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline.args
b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline.args
index ad16f43ed00e..dac865140aec 100644
--- a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline.args
+++ b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-commandline.args
@@ -1,4 +1,4 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
/usr/bin/qemu -S -M pc -m 214 -smp 1 -nographic -monitor \
-unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb -hda \
+unix:/tmp/domain-QEMUGuest1/monitor.sock,server,nowait -no-acpi -boot c -usb -hda \
/dev/HostVG/QEMUGuest1 -net none -serial none -parallel none ARGUMENT
diff --git a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-commandline-ns0.args
b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-commandline-ns0.args
index ad16f43ed00e..dac865140aec 100644
--- a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-commandline-ns0.args
+++ b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-commandline-ns0.args
@@ -1,4 +1,4 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
/usr/bin/qemu -S -M pc -m 214 -smp 1 -nographic -monitor \
-unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb -hda \
+unix:/tmp/domain-QEMUGuest1/monitor.sock,server,nowait -no-acpi -boot c -usb -hda \
/dev/HostVG/QEMUGuest1 -net none -serial none -parallel none ARGUMENT
diff --git a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-commandline.args
b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-commandline.args
index ad16f43ed00e..dac865140aec 100644
--- a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-commandline.args
+++ b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-commandline.args
@@ -1,4 +1,4 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
/usr/bin/qemu -S -M pc -m 214 -smp 1 -nographic -monitor \
-unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb -hda \
+unix:/tmp/domain-QEMUGuest1/monitor.sock,server,nowait -no-acpi -boot c -usb -hda \
/dev/HostVG/QEMUGuest1 -net none -serial none -parallel none ARGUMENT
diff --git a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-ns0.args
b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-ns0.args
index ad16f43ed00e..dac865140aec 100644
--- a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-ns0.args
+++ b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain-ns0.args
@@ -1,4 +1,4 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
/usr/bin/qemu -S -M pc -m 214 -smp 1 -nographic -monitor \
-unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb -hda \
+unix:/tmp/domain-QEMUGuest1/monitor.sock,server,nowait -no-acpi -boot c -usb -hda \
/dev/HostVG/QEMUGuest1 -net none -serial none -parallel none ARGUMENT
diff --git a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain.args
b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain.args
index 26038a032793..ce2bf40978dc 100644
--- a/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain.args
+++ b/tests/qemuxmlnsdata/qemuxmlns-qemu-ns-domain.args
@@ -1,4 +1,4 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
/usr/bin/qemu -S -M pc -m 214 -smp 1 -nographic -monitor \
-unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb -hda \
+unix:/tmp/domain-QEMUGuest1/monitor.sock,server,nowait -no-acpi -boot c -usb -hda \
/dev/HostVG/QEMUGuest1 -net none -serial none -parallel none
diff --git a/tests/qemuxmlnstest.c b/tests/qemuxmlnstest.c
index 8eaab8a5a871..a68e7620153c 100644
--- a/tests/qemuxmlnstest.c
+++ b/tests/qemuxmlnstest.c
@@ -16,6 +16,7 @@
# include "qemu/qemu_capabilities.h"
# include "qemu/qemu_command.h"
# include "qemu/qemu_domain.h"
+# include "qemu/qemu_process.h"
# include "datatypes.h"
# include "cpu/cpu_map.h"
# include "testutilsqemu.h"
@@ -37,7 +38,7 @@ static int testCompareXMLToArgvFiles(const char *xml,
char *actualargv = NULL;
int ret = -1;
virDomainDefPtr vmdef = NULL;
- virDomainChrSourceDef monitor_chr;
+ virDomainChrSourceDefPtr monitor_chr = NULL;
virConnectPtr conn;
char *log = NULL;
char *emulator = NULL;
@@ -77,10 +78,12 @@ static int testCompareXMLToArgvFiles(const char *xml,
vmdef->id = -1;
- memset(&monitor_chr, 0, sizeof(monitor_chr));
- monitor_chr.type = VIR_DOMAIN_CHR_TYPE_UNIX;
- monitor_chr.data.nix.path = (char *)"/tmp/test-monitor";
- monitor_chr.data.nix.listen = true;
+ if (VIR_ALLOC(monitor_chr) < 0)
+ goto fail;
+ if (qemuProcessPrepareMonitorChr(driver.config,
+ monitor_chr,
+ vmdef->name) < 0)
+ goto fail;
virQEMUCapsSetList(extraFlags,
QEMU_CAPS_VNC_COLON,
@@ -104,7 +107,7 @@ static int testCompareXMLToArgvFiles(const char *xml,
goto fail;
if (!(cmd = qemuBuildCommandLine(conn, &driver,
- vmdef, &monitor_chr, json, extraFlags,
+ vmdef, monitor_chr, json, extraFlags,
migrateFrom, migrateFd, NULL,
VIR_NETDEV_VPORT_PROFILE_OP_NO_OP,
&testCallbacks, false, false, NULL,
@@ -142,6 +145,7 @@ static int testCompareXMLToArgvFiles(const char *xml,
ret = 0;
fail:
+ virDomainChrSourceDefFree(monitor_chr);
VIR_FREE(log);
VIR_FREE(emulator);
VIR_FREE(actualargv);
@@ -199,6 +203,9 @@ mymain(void)
if (!(driver.config = virQEMUDriverConfigNew(false)))
return EXIT_FAILURE;
+ VIR_FREE(driver.config->libDir);
+ if (VIR_STRDUP_QUIET(driver.config->libDir, "/tmp") < 0)
+ return EXIT_FAILURE;
if ((driver.caps = testQemuCapsInit()) == NULL)
return EXIT_FAILURE;
if (!(driver.xmlopt = virQEMUDriverCreateXMLConf(&driver)))
--
2.5.0
3353
days inactive
3354
days old
13 comments
2 participants
participants (2)
-
Daniel P. Berrange -
Martin Kletzander