[libvirt] [PATCH 1/2] selinux: load and free selinux active file contexts configuration database
Daniel P. Berrange
berrange at redhat.com
Mon Oct 15 10:41:53 UTC 2012
On Mon, Oct 15, 2012 at 12:40:56PM +0200, Martin Kletzander wrote:
> On 10/15/2012 12:22 PM, Daniel P. Berrange wrote:
> > On Mon, Oct 15, 2012 at 03:12:45PM +0800, Guannan Ren wrote:
> >> If we use matchpathcon() to look up selinux context for specific pathname,
> >> it'd better actively load file contexts database by matchpathcon_init()
> >> and free memory when finished using matchpathcon by matchpathcon_fini().
> >> ---
> >> src/security/security_selinux.c | 8 ++++++++
> >> 1 file changed, 8 insertions(+)
> >>
> >> diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
> >> index 10135ed..b278e2c 100644
> >> --- a/src/security/security_selinux.c
> >> +++ b/src/security/security_selinux.c
> >> @@ -667,6 +667,10 @@ virSecuritySELinuxSecurityDriverProbe(const char *virtDriver)
> >> static int
> >> virSecuritySELinuxSecurityDriverOpen(virSecurityManagerPtr mgr)
> >> {
> >> +#ifndef HAVE_SELINUX_LABEL_H
> >> + if (matchpathcon_init(NULL) < 0)
> >> + VIR_WARN("cannot load selinux active file contexts configuration");
> >> +#endif
> >> return virSecuritySELinuxInitialize(mgr);
> >> }
> >>
> >> @@ -685,6 +689,10 @@ virSecuritySELinuxSecurityDriverClose(virSecurityManagerPtr mgr)
> >> VIR_FREE(data->file_context);
> >> VIR_FREE(data->content_context);
> >>
> >> +#ifndef HAVE_SELINUX_LABEL_H
> >> + if (matchpathcon_fini() < 0)
> >> + VIR_WARN("cannot free allocated memory for selinux");
> >> +#endif
> >> return 0;
> >> }
> >
> > I'm not convinced this is safe, because the security drivers can be
> > opened multiple times, eg LXC and QEMU, and this is changing the global
> > static state of the SELinux library.
> >
>
> I didn't think the driver is opened for every other driver used. In
> this case the initialization of the matchpathcon should be dealt with in
> some other way. Or can't we open the security driver only once?
I say we ignore use of matchpathcon_fini(), and simply call
matchpathcon_init() from a VIR_GLOBAL_INIT macro
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list