[libvirt] [PATCHv2 2/2] security_dac: Honor norelabel attribute

Ján Tomko jtomko at redhat.com
Thu Apr 17 11:02:50 UTC 2014


On 04/04/2014 02:34 PM, Michal Privoznik wrote:
> The inspiration for this patch comes from a question on the list
> asking if there's a way to not label some disks. Well, in DAC driver
> there's not. Even if the user has requested norelabel:
> 
>     <disk type='file' device='disk'>
>       <driver name='qemu' type='raw'/>
>       <source file='/some/dummy/path/test.bin'>
>         <seclabel model='dac' relabel='no'/>
>       </source>
>       <target dev='vdb' bus='virtio'/>
>       <readonly/>
>       <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
>     </disk>
> 
> the DAC driver ignores this completely.

I've found a bug for this:
https://bugzilla.redhat.com/show_bug.cgi?id=999301

> 
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> ---
>  src/security/security_dac.c | 92 +++++++++++++++++++++++++++++++++++----------
>  1 file changed, 73 insertions(+), 19 deletions(-)
> 
> diff --git a/src/security/security_dac.c b/src/security/security_dac.c
> index 8835d49..f15a0e9 100644
> --- a/src/security/security_dac.c
> +++ b/src/security/security_dac.c
> @@ -286,7 +286,7 @@ virSecurityDACRestoreSecurityFileLabel(const char *path)
>  
>  
>  static int
> -virSecurityDACSetSecurityFileLabel(virDomainDiskDefPtr disk ATTRIBUTE_UNUSED,
> +virSecurityDACSetSecurityFileLabel(virDomainDiskDefPtr disk,
>                                     const char *path,
>                                     size_t depth ATTRIBUTE_UNUSED,
>                                     void *opaque)
> @@ -295,11 +295,23 @@ virSecurityDACSetSecurityFileLabel(virDomainDiskDefPtr disk ATTRIBUTE_UNUSED,
>      virSecurityManagerPtr mgr = cbdata->manager;
>      virSecurityLabelDefPtr secdef = cbdata->secdef;
>      virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
> +    virSecurityDeviceLabelDefPtr disk_seclabel;
>      uid_t user;
>      gid_t group;
>  
> -    if (virSecurityDACGetImageIds(secdef, priv, &user, &group) < 0)
> -        return -1;
> +    disk_seclabel = virDomainDiskDefGetSecurityLabelDef(disk,
> +                                                        SECURITY_DAC_NAME);
> +
> +    if (disk_seclabel && disk_seclabel->norelabel)
> +        return 0;

What if the domain label has relabel='no', but the disk label has relabel='yes'?

> +
> +    if (disk_seclabel && disk_seclabel->label) {
> +        if (virParseOwnershipIds(disk_seclabel->label, &user, &group) < 0)
> +            return -1;
> +    } else {
> +        if (virSecurityDACGetImageIds(secdef, priv, &user, &group))
> +            return -1;
> +    }
>  
>      return virSecurityDACSetOwnership(path, user, group);
>  }
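Review bot: the else branch drops the `< 0` that both the removed line and the `virParseOwnershipIds(disk_seclabel->label, &user, &group) < 0` check two lines above use; `if (virSecurityDACGetImageIds(secdef, priv, &user, &group))` should read `... < 0` to match the rest of the file. Two further points on this hunk: the early `return 0` on `disk_seclabel->norelabel` covers only the set path, while virSecurityDACRestoreSecurityFileLabel (visible in the first hunk header) takes just `path` and so cannot consult the per-disk label, so a disk excluded here can still be chowned back on restore unless the caller filters it out; and the function never looks at the domain-level `secdef` relabel setting itself, so the interaction Jan asks about above is decided entirely by whether the caller has already bailed out on the domain label. The intended precedence between domain-level and per-disk relabel is worth stating in the commit message or the formatdomain docs.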

Jan
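To make the domain-level versus per-disk precedence concrete, here is an added example (written for this thread, not libvirt code): a small C model of a domain-level and a per-disk <seclabel model='dac'> and the decision a set-label path would take for one disk, including the case Jan asks about above. The struct layout, the precedence order (domain relabel='no' wins, then per-disk relabel='no', then per-disk label, then domain label, then driver defaults) and the 107:107 defaults are assumptions of the example.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>

/* Hypothetical model of one <seclabel model='dac'> element. This is an
 * illustration written for this thread, not libvirt's virSecurityLabelDef or
 * virSecurityDeviceLabelDef. */
struct seclabel {
    int relabel;        /* 1 for relabel='yes', 0 for relabel='no' */
    const char *label;  /* optional "uid:gid" text, NULL when absent */
};

enum action { ACT_SKIP = 0, ACT_CHOWN = 1, ACT_ERROR = -1 };

/* Parse a "uid:gid" label strictly: two decimal fields, no sign, no
 * whitespace, nothing trailing. Malformed labels are rejected rather than
 * silently mapping to uid 0. */
static int parse_ownership(const char *label, uid_t *uid, gid_t *gid)
{
    char *end;
    const char *gstart;
    unsigned long u, g;

    if (!label || !isdigit((unsigned char)label[0]))
        return -1;
    errno = 0;
    u = strtoul(label, &end, 10);
    if (errno || *end != ':' || !isdigit((unsigned char)end[1]))
        return -1;
    gstart = end + 1;
    g = strtoul(gstart, &end, 10);
    if (errno || *end != '\0')
        return -1;
    *uid = (uid_t)u;
    *gid = (gid_t)g;
    return 0;
}

/* Decide what the DAC driver should do with one disk image. The precedence
 * below is an assumption of this example, not a description of libvirt:
 *   1. domain-level relabel='no' switches relabeling off for every disk, so a
 *      per-disk relabel='yes' cannot re-enable it (the case Jan asks about);
 *   2. otherwise per-disk relabel='no' skips just that disk;
 *   3. otherwise a per-disk label overrides the domain-level label;
 *   4. otherwise the domain label, then the driver defaults, are used. */
static enum action resolve_owner(const struct seclabel *dom,
                                 const struct seclabel *disk,
                                 uid_t def_uid, gid_t def_gid,
                                 uid_t *uid, gid_t *gid)
{
    if (dom && !dom->relabel)
        return ACT_SKIP;
    if (disk && !disk->relabel)
        return ACT_SKIP;
    if (disk && disk->label)
        return parse_ownership(disk->label, uid, gid) == 0 ? ACT_CHOWN : ACT_ERROR;
    if (dom && dom->label)
        return parse_ownership(dom->label, uid, gid) == 0 ? ACT_CHOWN : ACT_ERROR;
    *uid = def_uid;
    *gid = def_gid;
    return ACT_CHOWN;
}

/* Collapse a decision into one value for quick checks: the resolved uid on
 * ACT_CHOWN, -1 on ACT_SKIP, -2 on ACT_ERROR. The 107:107 defaults stand in
 * for the qemu user/group from qemu.conf (an assumption of this example). */
static long decide(const struct seclabel *dom, const struct seclabel *disk)
{
    uid_t u = 0;
    gid_t g = 0;

    switch (resolve_owner(dom, disk, 107, 107, &u, &g)) {
    case ACT_CHOWN: return (long)u;
    case ACT_SKIP:  return -1;
    default:        return -2;
    }
}

int main(void)
{
    /* Constructed cases, the first one matching the quoted XML above. */
    const struct seclabel dom_yes = { 1, NULL };
    const struct seclabel dom_no = { 0, NULL };
    const struct seclabel disk_norelabel = { 0, NULL };
    const struct seclabel disk_custom = { 1, "1000:1000" };
    const struct seclabel disk_bad = { 1, "1000:abc" };

    printf("disk relabel='no'        -> %ld\n", decide(&dom_yes, &disk_norelabel));
    printf("domain no, disk yes      -> %ld\n", decide(&dom_no, &disk_custom));
    printf("disk label 1000:1000     -> %ld\n", decide(&dom_yes, &disk_custom));
    printf("no per-disk label        -> %ld\n", decide(&dom_yes, NULL));
    printf("malformed per-disk label -> %ld\n", decide(&dom_yes, &disk_bad));
    return 0;
}
```

The strict parser matters more than it looks: a label that strtoul would happily read as "1000" followed by junk, or one with a leading sign, is refused outright, so a typo in the XML fails the domain start instead of chowning the image to an unintended owner.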
