[libvirt] [PATCH 1/2] conf: Fix parsing of seclabels without model

Daniel Veillard veillard at redhat.com
Fri Aug 31 12:18:51 UTC 2012 

On Fri, Aug 31, 2012 at 01:40:40PM +0200, Jiri Denemark wrote:
> From: Marcelo Cerri <mhcerri at linux.vnet.ibm.com>
> 
> With this patch libvirt tries to assign a model to a single seclabel
> when model is missing. Libvirt will look up at host's capabilities and
> assign the first model to seclabel.
> 
> This patch fixes:
> 
> 1. The problem with existing guests that have a seclabel defined in its XML.
> 2. A XML parse error when a guest is restored.
> 
> Signed-off-by: Marcelo Cerri <mhcerri at linux.vnet.ibm.com>
> ---
>  src/conf/domain_conf.c | 63 ++++++++++++++++++++++++++++++++------------------
>  1 file changed, 41 insertions(+), 22 deletions(-)
> 
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index 554298d..5d2de72 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -3106,22 +3106,10 @@ virSecurityLabelDefParseXML(xmlXPathContextPtr ctxt,
>          def->baselabel = p;
>      }
>  
> -    /* Only parse model, if static labelling, or a base
> -     * label is set, or doing active XML
> -     */
> -    if (def->type == VIR_DOMAIN_SECLABEL_STATIC ||
> -        def->baselabel ||
> -        (!(flags & VIR_DOMAIN_XML_INACTIVE) &&
> -         def->type != VIR_DOMAIN_SECLABEL_NONE)) {
> -
> -        p = virXPathStringLimit("string(./@model)",
> -                                VIR_SECURITY_MODEL_BUFLEN-1, ctxt);
> -        if (p == NULL && def->type != VIR_DOMAIN_SECLABEL_NONE) {
> -            virReportError(VIR_ERR_XML_ERROR,
> -                           "%s", _("missing security model"));
> -        }
> -        def->model = p;
> -    }
> +    /* Always parse model */
> +    p = virXPathStringLimit("string(./@model)",
> +                            VIR_SECURITY_MODEL_BUFLEN-1, ctxt);
> +    def->model = p;
>  
>      return def;
>  
> @@ -3133,10 +3121,12 @@ error:
>  static int
>  virSecurityLabelDefsParseXML(virDomainDefPtr def,
>                              xmlXPathContextPtr ctxt,
> +                            virCapsPtr caps,
>                              unsigned int flags)
>  {
>      int i = 0, n;
>      xmlNodePtr *list = NULL, saved_node;
> +    virCapsHostPtr host = &caps->host;
>  
>      /* Check args and save context */
>      if (def == NULL || ctxt == NULL)
> @@ -3163,18 +3153,47 @@ virSecurityLabelDefsParseXML(virDomainDefPtr def,
>      ctxt->node = saved_node;
>      VIR_FREE(list);
>  
> -    /* Checking missing model information
> -     * when there is more than one seclabel */
> -    if (n > 1) {
> +    /* libvirt versions prior to 0.10.0 support just a single seclabel element
> +     * in guest's XML and model attribute can be suppressed if type is none or
> +     * type is dynamic, baselabel is not defined and INACTIVE flag is set.
> +     *
> +     * To avoid compatibility issues, for this specific case the first model
> +     * defined in host's capabilities is used as model for the seclabel.
> +     */
> +    if (def->nseclabels == 1 &&
> +        !def->seclabels[0]->model &&
> +        host->nsecModels > 0) {
> +        if (def->seclabels[0]->type == VIR_DOMAIN_SECLABEL_NONE ||
> +            (def->seclabels[0]->type == VIR_DOMAIN_SECLABEL_DYNAMIC &&
> +             !def->seclabels[0]->baselabel &&
> +             (flags & VIR_DOMAIN_XML_INACTIVE))) {
> +            /* Copy model from host. */
> +            VIR_DEBUG("Found seclabel without a model, using '%s'",
> +                      host->secModels[0].model);
> +            def->seclabels[0]->model = strdup(host->secModels[0].model);
> +            if (!def->seclabels[0]->model) {
> +                virReportOOMError();
> +                goto error;
> +            }
> +        } else {
> +            virReportError(VIR_ERR_XML_ERROR, "%s",
> +                           _("missing security model in domain seclabel"));
> +            goto error;
> +        }
> +    }
> +
> +    /* Checking missing model information */
> +    if (def->nseclabels > 1) {
>          for(; n; n--) {
>              if (def->seclabels[n - 1]->model == NULL) {
>                  virReportError(VIR_ERR_XML_ERROR, "%s",
> -                                     _("missing security model "
> -                                       "when using multiple labels"));
> +                               _("missing security model "
> +                                 "when using multiple labels"));
>                  goto error;
>              }
>          }
>      }
> +
>      return 0;
>  
>  error:
> @@ -8170,7 +8189,7 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps,
>  
>      /* analysis of security label, done early even though we format it
>       * late, so devices can refer to this for defaults */
> -    if (virSecurityLabelDefsParseXML(def, ctxt, flags) == -1)
> +    if (virSecurityLabelDefsParseXML(def, ctxt, caps, flags) == -1)
>          goto error;
>  
>      /* Extract domain memory */

  Okay, ACK,

  thanks !

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel at veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/

More information about the libvir-list mailing list