[libvirt] [PATCH v4 07/11] Add SELinux and DAC labeling support for TPM passthrough
Daniel P. Berrange
berrange at redhat.com
Thu Apr 11 15:40:02 UTC 2013
On Fri, Apr 05, 2013 at 10:05:58AM -0400, Stefan Berger wrote:
> Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
> Reviewed-by: Corey Bryant <coreyb at linux.vnet.ibm.com>
> Tested-by: Corey Bryant <coreyb at linux.vnet.ibm.com>
>
> ---
> src/security/security_dac.c | 53 ++++++++++++++++++++++
> src/security/security_selinux.c | 96 ++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 149 insertions(+)
>
> Index: libvirt/src/security/security_selinux.c
> ===================================================================
> --- libvirt.orig/src/security/security_selinux.c
> +++ libvirt/src/security/security_selinux.c
> @@ -45,6 +45,7 @@
> #include "virrandom.h"
> #include "virutil.h"
> #include "virconf.h"
> +#include "virtpm.h"
>
> #define VIR_FROM_THIS VIR_FROM_SECURITY
>
> @@ -76,6 +77,12 @@ struct _virSecuritySELinuxCallbackData {
> #define SECURITY_SELINUX_VOID_DOI "0"
> #define SECURITY_SELINUX_NAME "selinux"
>
> +static int
> +virSecuritySELinuxRestoreSecurityTPMFileLabelInt(virSecurityManagerPtr mgr,
> + virDomainDefPtr def,
> + virDomainTPMDefPtr tpm);
> +
> +
> /*
> * Returns 0 on success, 1 if already reserved, or -1 on fatal error
> */
> @@ -1062,6 +1069,84 @@ err:
> return rc;
> }
>
> +
> +static int
> +virSecuritySELinuxSetSecurityTPMFileLabel(virSecurityManagerPtr mgr,
> + virDomainDefPtr def,
> + virDomainTPMDefPtr tpm)
> +{
> + int rc;
> + virSecurityLabelDefPtr seclabel;
> + char *cancel_path;
> +
> + seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
> + if (seclabel == NULL)
> + return -1;
> +
> + switch (tpm->type) {
> + case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
> + rc = virSecuritySELinuxSetFilecon(
> + tpm->data.passthrough.source.data.file.path,
> + seclabel->imagelabel);
> + if (rc < 0)
> + return -1;
> +
> + if ((cancel_path = virTPMFindCancelPath()) != NULL) {
> + rc = virSecuritySELinuxSetFilecon(cancel_path,
> + seclabel->imagelabel);
> + VIR_FREE(cancel_path);
> + if (rc < 0) {
> + virSecuritySELinuxRestoreSecurityTPMFileLabelInt(mgr, def,
> + tpm);
> + return -1;
> + }
> + } else {
> + virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
> + _("Cannot determine TPM command cancel path"));
The virTPMFindCancelPath method has already reported an error, so
you shouldn't overwrite it here with a less specific message.
> +static int
> +virSecuritySELinuxRestoreSecurityTPMFileLabelInt(virSecurityManagerPtr mgr,
> + virDomainDefPtr def,
> + virDomainTPMDefPtr tpm)
> +{
> + int rc = 0;
> + virSecurityLabelDefPtr seclabel;
> + char *cancel_path;
> +
> + seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
> + if (seclabel == NULL)
> + return -1;
> +
> + switch (tpm->type) {
> + case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
> + rc = virSecuritySELinuxRestoreSecurityFileLabel(
> + mgr, tpm->data.passthrough.source.data.file.path);
> +
> + if ((cancel_path = virTPMFindCancelPath()) != NULL) {
> + if (virSecuritySELinuxRestoreSecurityFileLabel(mgr,
> + cancel_path) < 0)
> + rc = -1;
> + VIR_FREE(cancel_path);
> + }
Since we want to ignore errors, we should call virResetLastError()
if virTPMFindCancelPath fails.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list