From nobody Sun May 5 10:55:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=yadro.com ARC-Seal: i=1; a=rsa-sha256; t=1603661993; cv=none; d=zohomail.com; s=zohoarc; b=fBwfFsbOsAJqJDjmkpSW9IdQ5WbHujL17aDFxl0sF3IeQp85OcjGZBVW2L3gYITWC7IwXedQoJXBSOGI615U7e1eUimFP11SCE3frdpjQasHyammp7ORrDP699KYXvRTLz9R1niH0XpPUz/kuxwLrpmaE1xTiKDRYA+SAwzBXcA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1603661993; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To; bh=iN237HWBbqg/nXVbD5oR7Re3icmD5Qhj4+Ejd3rdiu8=; b=mW4dBWCLayXStWuA3XNeWcJTTL7w6jZkx03mznUKadyg8Zxif2xrf7drTcO70LkcSLPTpUOd2GuyetwEark6RQ3OIq0MbDJet/HDyt3DqXirtqnHq14OB6gt+3ZzK+39sY/I4jOwRm4nS+7d8vPapFBxBlPE4g6DP7fnSjm7wmA= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1603661993834762.8788311813986; Sun, 25 Oct 2020 14:39:53 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-467-PtIhN9doP1SJ-AqDFhHg4A-1; Sun, 25 Oct 2020 17:39:50 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 6C4B28064BF; Sun, 25 Oct 2020 21:39:43 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 59BD16115F; Sun, 25 Oct 2020 21:39:40 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id D0F9992314; Sun, 25 Oct 2020 21:39:33 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 09PLPLMo015378 for ; Sun, 25 Oct 2020 17:25:21 -0400 Received: by smtp.corp.redhat.com (Postfix) id 2C91E207AEBA; Sun, 25 Oct 2020 21:25:21 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 26F8C207ADB7 for ; Sun, 25 Oct 2020 21:25:17 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id ADCD4185A78B for ; Sun, 25 Oct 2020 21:25:17 +0000 (UTC) Received: from mta-01.yadro.com (mta-02.yadro.com [89.207.88.252]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-416-NJqmAz1dMWKMEH24b1mMPw-1; Sun, 25 Oct 2020 17:25:14 -0400 Received: from localhost (unknown [127.0.0.1]) by mta-01.yadro.com (Postfix) with ESMTP id 21C23412D2 for ; Sun, 25 Oct 2020 21:25:12 +0000 (UTC) Received: from mta-01.yadro.com ([127.0.0.1]) by localhost (mta-01.yadro.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H0qCa0EinW4f for ; Mon, 26 Oct 2020 00:25:10 +0300 (MSK) Received: from T-EXCH-04.corp.yadro.com (t-exch-04.corp.yadro.com [172.17.100.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mta-01.yadro.com (Postfix) with ESMTPS id DA0B241278 for ; Mon, 26 Oct 2020 00:25:10 +0300 (MSK) Received: from localhost (172.17.204.212) by T-EXCH-04.corp.yadro.com (172.17.100.104) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.669.32; Mon, 26 Oct 2020 00:25:09 +0300 X-MC-Unique: PtIhN9doP1SJ-AqDFhHg4A-1 X-MC-Unique: NJqmAz1dMWKMEH24b1mMPw-1 X-Virus-Scanned: amavisd-new at yadro.com From: Roman Bolshakov To: Subject: [PATCH] security: Use org namespace for xattrs on macOS Date: Mon, 26 Oct 2020 00:25:08 +0300 Message-ID: <20201025212508.58713-1-r.bolshakov@yadro.com> MIME-Version: 1.0 X-Originating-IP: [172.17.204.212] X-ClientProxiedBy: T-EXCH-01.corp.yadro.com (172.17.10.101) To T-EXCH-04.corp.yadro.com (172.17.100.104) X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-MIME-Autoconverted: from quoted-printable to 8bit by lists01.pubmisc.prod.ext.phx2.redhat.com id 09PLPLMo015378 X-loop: libvir-list@redhat.com Cc: Roman Bolshakov X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" There're no guidelines on what namespace should be used but it seems thirdparty apps can select the one they like [1], i.e. freedekstop xattrs are prefixed with xdg. qemusecuritytest passes after that. 1. https://www.freedesktop.org/wiki/CommonExtendedAttributes/ Signed-off-by: Roman Bolshakov Reviewed-by: Andrea Bolognani --- src/security/security_util.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/security/security_util.c b/src/security/security_util.c index 7fa5163fe4..5d50acb574 100644 --- a/src/security/security_util.c +++ b/src/security/security_util.c @@ -56,6 +56,8 @@ VIR_LOG_INIT("security.security_util"); # define XATTR_NAMESPACE "trusted" #elif defined(__FreeBSD__) # define XATTR_NAMESPACE "system" +#elif defined(__APPLE__) +# define XATTR_NAMESPACE "org" #endif =20 static char * --=20 2.28.0