[libvirt] [PATCHv2 2/2] security: Add a new func use stat to get process DAC label

Ján Tomko jtomko at redhat.com
Thu Dec 4 16:58:30 UTC 2014 

On 12/03/2014 11:08 AM, Luyao Huang wrote:
> When use qemuProcessAttach to attach a qemu process, cannot
> get a right DAC label. Add a new func to get process label
> via stat func. Do not remove virDomainDefGetSecurityLabelDef
> before try to use stat to get process DAC label, because
> There are some other func call virSecurityDACGetProcessLabel.
> 
> v2 add support freeBSD.
> 
> Signed-off-by: Luyao Huang <lhuang at redhat.com>
> ---
>  src/security/security_dac.c | 95 ++++++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 93 insertions(+), 2 deletions(-)
> 
> diff --git a/src/security/security_dac.c b/src/security/security_dac.c
> index 85253af..89cafa3 100644
> --- a/src/security/security_dac.c
> +++ b/src/security/security_dac.c
> @@ -23,6 +23,11 @@
>  #include <sys/stat.h>
>  #include <fcntl.h>
>  
> +#ifdef  __FreeBSD__
> +# include <sys/sysctl.h>
> +# include <sys/user.h>
> +#endif
> +
>  #include "security_dac.h"
>  #include "virerror.h"
>  #include "virfile.h"
> @@ -1236,18 +1241,104 @@ virSecurityDACReserveLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
>      return 0;
>  }
>  
> +#ifdef __linux__
> +static int
> +virSecurityDACGetProcessLabelInternal(pid_t pid,
> +                                      virSecurityLabelPtr seclabel)
> +{
> +    struct stat sb;
> +    char *path = NULL;
> +    char *label = NULL;
> +    int ret = -1;
> +
> +    VIR_INFO("Getting DAC user and group on process '%d'", pid);
> +
> +    if (virAsprintf(&path, "/proc/%d", (int) pid) < 0)
> +        goto cleanup;
> +

> +    if (lstat(path, &sb) < 0)
> +        goto cleanup;

A more specific error should be reported here via virReportSystemError.

> +
> +    if (virAsprintf(&label, "+%u:+%u",
> +                    (unsigned int) sb.st_uid,
> +                    (unsigned int) sb.st_gid) < 0)
> +        goto cleanup;
> +
> +    if (virStrcpy(seclabel->label, label,VIR_SECURITY_LABEL_BUFLEN) == NULL)
> +        goto cleanup;

Using snprintf would simplify this code.

> +    ret = 0;
> +
> +cleanup:
> +    VIR_FREE(path);
> +    VIR_FREE(label);
> +    return ret;
> +}
> +#elif defined(__FreeBSD__)
> +static int
> +virSecurityDACGetProcessLabelInternal(pid_t pid,
> +                                      virSecurityLabelPtr seclabel)
> +{
> +    struct kinfo_proc p;
> +    int mib[4];
> +    size_t len = 4;
> +    char *label = NULL;
> +    int ret = -1;
> +
> +    sysctlnametomib("kern.proc.pid", mib, &len);
> +
> +    len = sizeof(struct kinfo_proc);
> +    mib[3] = pid;
> +
> +    if (sysctl(mib, 4, &p, &len, NULL, 0) < 0)
> +        goto cleanup;
> +

sysctlbyname would remove the need for a separate nametomib call and get rid
of a few variables.

> +    if (virAsprintf(&label, "+%u:+%u",
> +                    (unsigned int) p.ki_ruid,
> +                    (unsigned int) p.ki_rgid) < 0)
> +        goto cleanup;
> +
> +    if (virStrcpy(seclabel->label, label,VIR_SECURITY_LABEL_BUFLEN) == NULL)
> +        goto cleanup;

Same comment as above.

> +    ret = 0;
> +
> +cleanup:
> +    VIR_FREE(label);
> +    return ret;
> +}
> +#else
> +static int
> +virSecurityDACGetProcessLabelInternal(pid_t pid,
> +                                      virSecurityLabelPtr seclabel)
> +{
> +    return -1;
> +}
> +#endif
> +
>  static int
>  virSecurityDACGetProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
>                                virDomainDefPtr def,
> -                              pid_t pid ATTRIBUTE_UNUSED,
> +                              pid_t pid,
>                                virSecurityLabelPtr seclabel)
>  {
>      virSecurityLabelDefPtr secdef =
>          virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
>  
> -    if (!secdef || !seclabel)
> +    if (!seclabel)
>          return -1;

The SELinux version of this function does not check if seclabel is non-NULL, I
think we can safely remove the check here as well.

>  
> +    if (secdef == NULL) {
> +        VIR_DEBUG("missing label for DAC security "
> +                  "driver in domain %s", def->name);
> +
> +        if (virSecurityDACGetProcessLabelInternal(pid, seclabel) < 0) {
> +            virReportError(VIR_ERR_INTERNAL_ERROR,
> +                           _("Cannot get process %d DAC label"),pid);

This would overwrite the more-specific error message from the
virSecurityDACGetProcessLabelInternal function.

> +            return -1;
> +        }
> +
> +        return 0;
> +    }
> +
>      if (secdef->label)
>          ignore_value(virStrcpy(seclabel->label, secdef->label,
>                                 VIR_SECURITY_LABEL_BUFLEN));
> 

Jan


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20141204/2e2e0f59/attachment-0001.sig>

More information about the libvir-list mailing list