<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Mar 21, 2018 at 3:03 PM, Jamie Strandboge <span dir="ltr"><<a href="mailto:jamie@canonical.com" target="_blank">jamie@canonical.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="HOEnZb"><div class="h5">On Wed, 2018-03-21 at 13:10 +0100, Christian Ehrhardt wrote:<br>
> d8116b5a "security: Introduce functions for input device hot(un)plug"<br>
> implemented the code (Set|Restore)InputLabel for several security<br>
> modules,<br>
> this patch adds an AppArmor implementation for it as well.<br>
><br>
> That fixes hot-plugging event input devices by generating a rule for<br>
> the<br>
> path that needs to be accessed.<br>
><br>
> Example hot adding:<br>
> <input type='passthrough' bus='virtio'><br>
> <source evdev='/dev/input/event0' /><br>
> </input><br>
> Creates now:<br>
> "/dev/input/event0" rwk,<br>
><br>
> Fixes: <a href="https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1755153" rel="noreferrer" target="_blank">https://bugs.launchpad.net/<wbr>ubuntu/+source/libvirt/+bug/<wbr>1755153</a><br>
><br>
> Signed-off-by: Christian Ehrhardt <<a href="mailto:christian.ehrhardt@canonical.com">christian.ehrhardt@canonical.<wbr>com</a>><br>
> ---<br>
> src/security/security_<wbr>apparmor.c | 45<br>
> ++++++++++++++++++++++++++++++<wbr>++++++++++<br>
> 1 file changed, 45 insertions(+)<br>
><br>
> diff --git a/src/security/security_<wbr>apparmor.c<br>
> b/src/security/security_<wbr>apparmor.c<br>
> index 7509552..3be8eeb 100644<br>
> --- a/src/security/security_<wbr>apparmor.c<br>
> +++ b/src/security/security_<wbr>apparmor.c<br>
> @@ -758,6 +758,48 @@ AppArmorRestoreMemoryLabel(<wbr>virSecurityManagerPtr<br>
> mgr,<br>
><br>
> /* Called when hotplugging */<br>
> static int<br>
> +AppArmorSetInputLabel(<wbr>virSecurityManagerPtr mgr,<br>
> + virDomainDefPtr def,<br>
> + virDomainInputDefPtr input)<br>
> +{<br>
> + switch ((virDomainInputType) input->type) {<br>
> + case VIR_DOMAIN_INPUT_TYPE_<wbr>PASSTHROUGH:<br>
> + if (!virFileExists(input->source.<wbr>evdev)) {<br>
<br>
</div></div>Check if input->type and input->source are NULL?</blockquote><div><br></div><div>Yes, good idea for defensive coding </div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5">
> + virReportError(VIR_ERR_<wbr>INTERNAL_ERROR,<br>
> + _("%s: \'%s\' does not exist"),<br>
> + __func__, input->source.evdev);<br>
> + return -1;<br>
> + }<br>
> + return reload_profile(mgr, def, input->source.evdev, true);<br>
> + break;<br>
> +<br>
> + case VIR_DOMAIN_INPUT_TYPE_MOUSE:<br>
> + case VIR_DOMAIN_INPUT_TYPE_TABLET:<br>
> + case VIR_DOMAIN_INPUT_TYPE_KBD:<br>
> + case VIR_DOMAIN_INPUT_TYPE_LAST:<br>
> + break;<br>
> + }<br>
> +<br>
> + return 0;<br>
> +}<br>
> +<br>
> +<br>
> +static int<br>
> +AppArmorRestoreInputLabel(<wbr>virSecurityManagerPtr mgr,<br>
> + virDomainDefPtr def,<br>
> + virDomainInputDefPtr input<br>
> ATTRIBUTE_UNUSED)<br>
> +{<br>
> + virSecurityLabelDefPtr secdef =<br>
> + virDomainDefGetSecurityLabelDe<wbr>f(def,<br>
> SECURITY_APPARMOR_NAME);<br>
> +<br>
> + if (!secdef || !secdef->relabel)<br>
> + return 0;<br>
> +<br>
<br>
</div></div>secdef unneeded due to reload_profile.</blockquote><div><br></div><div>Thanks, I found why I wondered (being sure I have dropped them).</div><div>I only dropped it on the "Set" functions before.</div><div>Next version will have it dropped on "Restore" as well.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="HOEnZb"><div class="h5">
> + return reload_profile(mgr, def, NULL, false);<br>
> +}<br>
> +<br>
> +/* Called when hotplugging */<br>
> +static int<br>
> AppArmorSetSecurityImageLabel(<wbr>virSecurityManagerPtr mgr,<br>
> virDomainDefPtr def,<br>
> virStorageSourcePtr src)<br>
> @@ -1158,6 +1200,9 @@ virSecurityDriver virAppArmorSecurityDriver = {<br>
> .domainSetSecurityMemoryLabel = AppArmorSetMemoryLabel,<br>
> .<wbr>domainRestoreSecurityMemoryLab<wbr>el =<br>
> AppArmorRestoreMemoryLabel,<br>
><br>
> + .domainSetSecurityInputLabel = AppArmorSetInputLabel,<br>
> + .<wbr>domainRestoreSecurityInputLabe<wbr>l = AppArmorRestoreInputLabel,<br>
> +<br>
> .<wbr>domainSetSecurityDaemonSocketL<wbr>abel =<br>
> AppArmorSetSecurityDaemonSocke<wbr>tLabel,<br>
> .domainSetSecuritySocketLabel =<br>
> AppArmorSetSecuritySocketLabel<wbr>,<br>
> .<wbr>domainClearSecuritySocketLabel =<br>
> AppArmorClearSecuritySocketLab<wbr>el,<br>
--<br>
</div></div><span class="HOEnZb"><font color="#888888">Jamie Strandboge | <a href="http://www.canonical.com" rel="noreferrer" target="_blank">http://www.canonical.com</a></font></span></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><span style="color:rgb(136,136,136);font-size:12.8px">Christian Ehrhardt</span><div style="color:rgb(136,136,136);font-size:12.8px">Software Engineer, Ubuntu Server</div><div style="color:rgb(136,136,136);font-size:12.8px">Canonical Ltd</div></div></div></div></div>
</div></div>