From nobody Sun Feb  8 16:31:01 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.133.124 as permitted sender) client-ip=170.10.133.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1620404713; cv=none;
	d=zohomail.com; s=zohoarc;
	b=negtwYYPcDuqKnt5t1N/eov6CoYEfs+txPtJq7wgDdI984qEBNRM8QpPxm2res8OXogds+qG7nBAQjLxPh2ySSe+Nu/Y6JZjv2QP1F5mh3Fr/Al+E6adCEoBAFGupmbsGx4UPGUMrLh0DkOIojZUGU5soXp2C2k2hRKvz5UqAPI=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1620404713;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=Q/DEYFR9i6SP3iySMAubmUr8G9+F2sV5b2gJQIJKmm8=;
	b=B0HixxEvGe+FhcELB1R7xVKxNzceYygkLi2gdFsQjCIdWYfhJiGihFPhp5Im5IWJKw6s09A12nicYMxa0ETo2866CrxvJYPOPeE75UgOtjp4qhqQqys71X4U59QgPsGB/pfvOaQLu/cg5VZNz8SVuxL3U95TYMGgbMc/7ohZuP0=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<berrange@redhat.com> (p=none dis=none)
 header.from=<berrange@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com
	with SMTPS id 1620404713136778.7398867182851;
 Fri, 7 May 2021 09:25:13 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-510-YoX5b92FOe6VdsXzWe0SXg-1; Fri, 07 May 2021 12:25:08 -0400
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
 [10.5.11.22])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 06C74A40C3;
	Fri,  7 May 2021 16:25:03 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id D0A6C1037F28;
	Fri,  7 May 2021 16:25:02 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8BCC455355;
	Fri,  7 May 2021 16:25:02 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
	[10.5.11.11])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 147GOuSZ003347 for <libvir-list@listman.util.phx.redhat.com>;
	Fri, 7 May 2021 12:24:56 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 5965D60636; Fri,  7 May 2021 16:24:56 +0000 (UTC)
Received: from foo.redhat.com (ovpn-114-155.ams2.redhat.com [10.36.114.155])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 601AD63B8C;
	Fri,  7 May 2021 16:24:55 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1620404712;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=Q/DEYFR9i6SP3iySMAubmUr8G9+F2sV5b2gJQIJKmm8=;
	b=BUK1s3tlt1T3DutNOSO+C6Fi4U9bfTPMA7DU3MEaDa3qfsKgovPFyye16iRQrz/izuTo2i
	FkRy+GXT+LXaiGCTpqfXKT4NKD06TCCXb6tt5+7qBA0Ez4wAXB+M0NuicLiW61zilo9wQ2
	bS4sumYe+52otkpf5Fdzpjmb1YD6vfs=
X-MC-Unique: YoX5b92FOe6VdsXzWe0SXg-1
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
To: libvir-list@redhat.com
Subject: [libvirt PATCH v2 02/10] util: introduce concept of a system token
	into identities
Date: Fri,  7 May 2021 17:24:40 +0100
Message-Id: <20210507162448.660074-3-berrange@redhat.com>
In-Reply-To: <20210507162448.660074-1-berrange@redhat.com>
References: <20210507162448.660074-1-berrange@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-loop: libvir-list@redhat.com
Cc: Michal Privoznik <mprivozn@redhat.com>
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://listman.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)

We want a way to distinguish between calls from a libvirt daemon, and a
regular client application when both are running as the same user
account. This is not possible with the current set of attributes
recorded against an identity, as there is nothing that is common to all
of the modular libvirt daemons, while distinct to all other processes.

We thus introduce the idea of a system token, which is simply a random
hex string that is only known by the libvirt daemons, to be recored
against the system identity.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/libvirt_private.syms |  2 ++
 src/util/viridentity.c   | 34 ++++++++++++++++++++++++++++++++++
 src/util/viridentity.h   |  4 ++++
 3 files changed, 40 insertions(+)

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 23621fcfd0..aaae1c8002 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2404,6 +2404,7 @@ virIdentityGetProcessTime;
 virIdentityGetSASLUserName;
 virIdentityGetSELinuxContext;
 virIdentityGetSystem;
+virIdentityGetSystemToken;
 virIdentityGetUNIXGroupID;
 virIdentityGetUNIXUserID;
 virIdentityGetUserName;
@@ -2416,6 +2417,7 @@ virIdentitySetProcessID;
 virIdentitySetProcessTime;
 virIdentitySetSASLUserName;
 virIdentitySetSELinuxContext;
+virIdentitySetSystemToken;
 virIdentitySetUNIXGroupID;
 virIdentitySetUNIXUserID;
 virIdentitySetUserName;
diff --git a/src/util/viridentity.c b/src/util/viridentity.c
index 7edb6a171a..7da4ea12f5 100644
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -40,6 +40,8 @@
=20
 #define VIR_FROM_THIS VIR_FROM_IDENTITY
=20
+#define VIR_CONNECT_IDENTITY_SYSTEM_TOKEN "system.token"
+
 VIR_LOG_INIT("util.identity");
=20
 struct _virIdentity {
@@ -382,6 +384,17 @@ int virIdentityGetSELinuxContext(virIdentity *ident,
 }
=20
=20
+int virIdentityGetSystemToken(virIdentity *ident,
+                              const char **token)
+{
+    *token =3D NULL;
+    return virTypedParamsGetString(ident->params,
+                                   ident->nparams,
+                                   VIR_CONNECT_IDENTITY_SYSTEM_TOKEN,
+                                   token);
+}
+
+
 int virIdentitySetUserName(virIdentity *ident,
                            const char *username)
 {
@@ -554,6 +567,25 @@ int virIdentitySetSELinuxContext(virIdentity *ident,
 }
=20
=20
+int virIdentitySetSystemToken(virIdentity *ident,
+                              const char *token)
+{
+    if (virTypedParamsGet(ident->params,
+                          ident->nparams,
+                          VIR_CONNECT_IDENTITY_SYSTEM_TOKEN)) {
+        virReportError(VIR_ERR_OPERATION_DENIED, "%s",
+                       _("Identity attribute is already set"));
+        return -1;
+    }
+
+    return virTypedParamsAddString(&ident->params,
+                                   &ident->nparams,
+                                   &ident->maxparams,
+                                   VIR_CONNECT_IDENTITY_SYSTEM_TOKEN,
+                                   token);
+}
+
+
 int virIdentitySetParameters(virIdentity *ident,
                              virTypedParameterPtr params,
                              int nparams)
@@ -577,6 +609,8 @@ int virIdentitySetParameters(virIdentity *ident,
                                VIR_TYPED_PARAM_STRING,
                                VIR_CONNECT_IDENTITY_SELINUX_CONTEXT,
                                VIR_TYPED_PARAM_STRING,
+                               VIR_CONNECT_IDENTITY_SYSTEM_TOKEN,
+                               VIR_TYPED_PARAM_STRING,
                                NULL) < 0)
         return -1;
=20
diff --git a/src/util/viridentity.h b/src/util/viridentity.h
index fa3f46788c..640a7ba2e4 100644
--- a/src/util/viridentity.h
+++ b/src/util/viridentity.h
@@ -52,6 +52,8 @@ int virIdentityGetX509DName(virIdentity *ident,
                             const char **dname);
 int virIdentityGetSELinuxContext(virIdentity *ident,
                                  const char **context);
+int virIdentityGetSystemToken(virIdentity *ident,
+                              const char **token);
=20
=20
 int virIdentitySetUserName(virIdentity *ident,
@@ -72,6 +74,8 @@ int virIdentitySetX509DName(virIdentity *ident,
                             const char *dname);
 int virIdentitySetSELinuxContext(virIdentity *ident,
                                  const char *context);
+int virIdentitySetSystemToken(virIdentity *ident,
+                              const char *token);
=20
 int virIdentitySetParameters(virIdentity *ident,
                              virTypedParameterPtr params,
--=20
2.31.1