From nobody Sat May 4 03:49:08 2024
From: Laine Stump
To: libvir-list@redhat.com
Cc: passt-dev@passt.top
Subject: [libvirt PATCH 1/4] util: add an API to retrieve the resolved path to a virCommand's binary
Date: Wed, 8 Mar 2023 23:49:05 -0500
Message-Id: <20230309044908.29316-2-laine@redhat.com>
In-Reply-To: <20230309044908.29316-1-laine@redhat.com>
References: <20230309044908.29316-1-laine@redhat.com>

The binary to be exec'ed by virExec() is stored in virCommand::args[0], and is resolved to a full absolute path (stored in a local of virExec()) just prior to execve(). Since we will have another use for the full absolute path, let's make an API to resolve/retrieve the absolute path, and cache it in virCommand::binaryPath so we only have to do the resolution once.

Signed-off-by: Laine Stump
Reviewed-by: Andrea Bolognani
Reviewed-by: Michal Privoznik
---
 src/libvirt_private.syms |  1 +
 src/util/vircommand.c    | 51 +++++++++++++++++++++++++++++++---------
 src/util/vircommand.h    |  1 +
 3 files changed, 42 insertions(+), 11 deletions(-)

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 4959dcec67..6f44788233 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2091,6 +2091,7 @@ virCommandDryRunTokenNew; virCommandExec; virCommandFree; virCommandGetArgList; +virCommandGetBinaryPath; virCommandGetGID; virCommandGetUID; virCommandHandshakeNotify;
diff --git a/src/util/vircommand.c b/src/util/vircommand.c index 1144dfb597..757d462ba1 100644 --- a/src/util/vircommand.c +++ b/src/util/vircommand.c @@ -88,6 +88,7 @@ struct _virCommandSendBuffer { struct _virCommand { int has_error; /* 0 on success, -1 on error */ =20 + char *binaryPath; /* only valid if args[0] isn't absolute path */ char **args; size_t nargs; size_t maxargs; @@ -630,6 +631,7 @@ virCommandMassClose(virCommand *cmd, =20 # endif /* ! __FreeBSD__ */ =20 + /* * virExec: * @cmd virCommand * containing all information about the program to @@ -646,22 +648,13 @@ virExec(virCommand *cmd) int childin =3D cmd->infd; int childout =3D -1; int childerr =3D -1; - g_autofree char *binarystr =3D NULL; const char *binary =3D NULL; int ret; g_autofree gid_t *groups =3D NULL; int ngroups; =20 - if (!g_path_is_absolute(cmd->args[0])) { - if (!(binary =3D binarystr =3D virFindFileInPath(cmd->args[0]))) { - virReportSystemError(ENOENT, - _("Cannot find '%s' in path"), - cmd->args[0]); - return -1; - } - } else { - binary =3D cmd->args[0]; - } + if (!(binary =3D virCommandGetBinaryPath(cmd))) + return -1; =20 if (childin < 0) { if (getDevNull(&null) < 0) 
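Review bot: the new field comment `/* only valid if args[0] isn't absolute path */` in the _virCommand hunk should also say that binaryPath stays NULL until virCommandGetBinaryPath() first resolves it, so that nobody reads cmd->binaryPath directly; the virExec() hunk correctly goes through the accessor, but the field comment is where the next reader will look. The lone `+` blank line added after `# endif /* ! __FreeBSD__ */` in the virCommandMassClose hunk is unrelated whitespace churn and can be dropped. The behaviour change in virExec() itself is fine: the ENOENT report for a binary not found in PATH moves into virCommandGetBinaryPath(), so callers see the same error as before.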
@@ -2164,6 +2157,40 @@ virCommandGetArgList(virCommand *cmd, } =20 =20 +/* + * virCommandGetBinaryPath: + * @cmd: virCommand* containing all information about the program + * + * If args[0] is an absolute path, return that. If not, then resolve + * args[0] to a full absolute path, cache that in binaryPath, and + * return a pointer to this resolved string. binaryPath is only set by + * calling this function, so even other virCommand functions should + * access binaryPath via this function. + * + * returns const char* with the full path of the binary to be + * executed, or NULL on failure. + */ +const char * +virCommandGetBinaryPath(virCommand *cmd) +{ + + if (cmd->binaryPath) + return cmd->binaryPath; + + if (g_path_is_absolute(cmd->args[0])) + return cmd->args[0]; + + if (!(cmd->binaryPath =3D virFindFileInPath(cmd->args[0]))) { + virReportSystemError(ENOENT, + _("Cannot find '%s' in path"), + cmd->args[0]); + return NULL; + } + + return cmd->binaryPath; +} + + #ifndef WIN32 /* * Manage input and output to the child process. @@ -3015,6 +3042,8 @@ virCommandFree(virCommand *cmd) VIR_FORCE_CLOSE(cmd->outfd); VIR_FORCE_CLOSE(cmd->errfd); =20 + g_free(cmd->binaryPath); + for (i =3D 0; i < cmd->nargs; i++) g_free(cmd->args[i]); g_free(cmd->args); diff --git a/src/util/vircommand.h b/src/util/vircommand.h index e0002103b6..d51449ac90 100644 --- a/src/util/vircommand.h +++ b/src/util/vircommand.h 
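Review bot: in virCommandGetBinaryPath() the empty line directly after the opening `{` is stray whitespace; drop it. The doc comment should also state that the returned string is owned by the virCommand and stays valid until virCommandFree(), which now g_free()s cmd->binaryPath, since later callers will hold the pointer while building other state from it. One more sentence worth adding there: the PATH lookup happens once and is cached, so the path returned on the first call is the one execve() later uses; that is exactly the property a caller needs when it derives something (such as a security label) from the file at that path, and it is why the cache, rather than a fresh lookup per call, is the right design.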
@@ -170,6 +170,7 @@ int virCommandToStringBuf(virCommand *cmd, bool linebreaks, bool stripCommandPath); =20 +const char *virCommandGetBinaryPath(virCommand *cmd); int virCommandGetArgList(virCommand *cmd, char ***args); =20 int virCommandExec(virCommand *cmd, gid_t *groups, int ngroups) G_GNUC_WAR= N_UNUSED_RESULT; --=20 2.39.2
From nobody Sat May 4 03:49:08 2024
From: Laine Stump
To: libvir-list@redhat.com
Cc: passt-dev@passt.top
Subject: [libvirt PATCH 2/4] security: make args to virSecuritySELinuxContextAddRange() const
Date: Wed, 8 Mar 2023 23:49:06 -0500
Message-Id: <20230309044908.29316-3-laine@redhat.com>
In-Reply-To: <20230309044908.29316-1-laine@redhat.com>
References: <20230309044908.29316-1-laine@redhat.com>

Neither of these is modified anywhere in the function, and the function will soon be called with an arg that actually is a const.

Signed-off-by: Laine Stump
Reviewed-by: Andrea Bolognani
Reviewed-by: Michal Privoznik
---
 src/security/security_selinux.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index e43962435f..cd1d9d14f7 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c
@@ -523,8 +523,8 @@ virSecuritySELinuxMCSGetProcessRange(char **sens, } =20 static char * -virSecuritySELinuxContextAddRange(char *src, - char *dst) +virSecuritySELinuxContextAddRange(const char *src, + const char *dst) { const char *str =3D NULL; char *ret =3D NULL; --=20 2.39.2
From nobody Sat May 4 03:49:08 2024
From: Laine Stump
To: libvir-list@redhat.com
Cc: passt-dev@passt.top
Subject: [libvirt PATCH 3/4] security: make it possible to set SELinux label of child process from its binary
Date: Wed, 8 Mar 2023 23:49:07 -0500
Message-Id: <20230309044908.29316-4-laine@redhat.com>
In-Reply-To: <20230309044908.29316-1-laine@redhat.com>
References: <20230309044908.29316-1-laine@redhat.com>

Normally when a child process is started by libvirt, the SELinux label of that process is set to virtd_t (plus an MCS range). In at least one case (passt) we need the SELinux label of a child process to match the label that the binary would have transitioned to automatically if it had been run standalone (in the case of passt, that label is passt_t).

This patch modifies virSecuritySELinuxSetChildProcessLabel() (and all the functions above it in the call chain) so that the toplevel function can set a new argument "useBinarySpecificLabel" to true. If it is true, then virSecuritySELinuxSetChildProcessLabel() will call the new function virSecuritySELinuxContextSetFromFile(), which uses the selinux library function security_compute_create() to determine what would be the label of the new process if it had been run standalone (rather than being run by libvirt). The MCS range from the normally-used label is added to this newly derived label, and that is what is used for the new process rather than whatever is in the domain's security label (which will usually be virtd_t).

In order to easily verify that nothing was broken by these changes to the call chain, all callers currently set useBinarySpecificPath = false, so all behavior should be completely unchanged. (The next patch will set it to true only for the case of running passt.)

https://bugzilla.redhat.com/2172267

Signed-off-by: Laine Stump
Reviewed-by: Andrea Bolognani
Reviewed-by: Michal Privoznik
---
 src/qemu/qemu_dbus.c             |  2 +-
 src/qemu/qemu_passt.c            |  2 +-
 src/qemu/qemu_process.c          |  2 +-
 src/qemu/qemu_security.c         |  5 ++-
 src/qemu/qemu_security.h         |  1 +
 src/qemu/qemu_slirp.c            |  2 +-
 src/qemu/qemu_tpm.c              |  3 +-
 src/qemu/qemu_vhost_user_gpu.c   |  2 +-
 src/security/security_apparmor.c |  1 +
 src/security/security_dac.c      |  1 +
 src/security/security_driver.h   |  1 +
 src/security/security_manager.c  |  8 +++-
 src/security/security_manager.h  |  1 +
 src/security/security_nop.c      |  1 +
 src/security/security_selinux.c  | 73 +++++++++++++++++++++++++++++++-
 src/security/security_stack.c    |  5 ++-
 16 files changed, 99 insertions(+), 11 deletions(-)

diff --git a/src/qemu/qemu_dbus.c b/src/qemu/qemu_dbus.c index a6dc802637..2e4067e704 100644 --- a/src/qemu/qemu_dbus.c +++ b/src/qemu/qemu_dbus.c
@@ -217,7 +217,7 @@ qemuDBusStart(virQEMUDriver *driver, virCommandDaemonize(cmd); virCommandAddArgFormat(cmd, "--config-file=3D%s", configfile); =20 - if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, NULL) < 0) + if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, false, NULL) < 0) goto cleanup; =20 if (virPidFileReadPath(pidfile, &cpid) < 0) { diff --git a/src/qemu/qemu_passt.c b/src/qemu/qemu_passt.c index 0afa8bdb3a..fd0076077e 100644 --- a/src/qemu/qemu_passt.c +++ b/src/qemu/qemu_passt.c @@ -281,7 +281,7 @@ qemuPasstStart(virDomainObj *vm, if (qemuExtDeviceLogCommand(driver, vm, cmd, "passt") < 0) return -1; =20 - if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, NULL) < 0) + if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, false, NULL) < 0) goto error; =20 return 0; diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index deebd03717..be418ad8e6 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -7747,7 +7747,7 @@ qemuProcessLaunch(virConnectPtr conn, =20 VIR_DEBUG("Setting up security labelling"); if (qemuSecuritySetChildProcessLabel(driver->securityManager, - vm->def, cmd) < 0) + vm->def, false, cmd) < 0) goto cleanup; =20 virCommandSetOutputFD(cmd, &logfile); diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c index ee03e2225e..8bcef14d08 100644 --- a/src/qemu/qemu_security.c +++ b/src/qemu/qemu_security.c @@ -636,6 +636,7 @@ qemuSecurityCommandRun(virQEMUDriver *driver, virCommand *cmd, uid_t uid, gid_t gid, + bool useBinarySpecificLabel, int *exitstatus) { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); @@ -643,8 +644,10 @@ qemuSecurityCommandRun(virQEMUDriver *driver, int ret =3D -1; =20 if (virSecurityManagerSetChildProcessLabel(driver->securityManager, - vm->def, cmd) < 0) + vm->def, useBinarySpecificL= abel, + cmd) < 0) { return -1; + } =20 if (uid !=3D (uid_t) -1) virCommandSetUID(cmd, uid); 
diff --git a/src/qemu/qemu_security.h b/src/qemu/qemu_security.h index dc8e67cc81..10f11771b4 100644 --- a/src/qemu/qemu_security.h +++ b/src/qemu/qemu_security.h @@ -115,6 +115,7 @@ int qemuSecurityCommandRun(virQEMUDriver *driver, virCommand *cmd, uid_t uid, gid_t gid, + bool useBinarySpecificLabel, int *exitstatus); =20 /* Please note that for these APIs there is no wrapper yet. Do NOT blindly= add diff --git a/src/qemu/qemu_slirp.c b/src/qemu/qemu_slirp.c index 9697542cd3..fdf0823d03 100644 --- a/src/qemu/qemu_slirp.c +++ b/src/qemu/qemu_slirp.c @@ -325,7 +325,7 @@ qemuSlirpStart(virDomainObj *vm, if (qemuExtDeviceLogCommand(driver, vm, cmd, "slirp") < 0) goto error; =20 - if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, NULL) < 0) + if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, false, NULL) < 0) goto error; =20 rc =3D virPidFileReadPath(pidfile, &pid); diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 982e5f13b6..abe0ba7429 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -962,8 +962,9 @@ qemuTPMEmulatorStart(virQEMUDriver *driver, return -1; =20 if (qemuSecurityCommandRun(driver, vm, cmd, cfg->swtpm_user, - cfg->swtpm_group, NULL) < 0) + cfg->swtpm_group, false, NULL) < 0) { goto error; + } =20 if (virPidFileReadPath(pidfile, &pid) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", diff --git a/src/qemu/qemu_vhost_user_gpu.c b/src/qemu/qemu_vhost_user_gpu.c index 5b49ef4e28..ced41b0466 100644 --- a/src/qemu/qemu_vhost_user_gpu.c +++ b/src/qemu/qemu_vhost_user_gpu.c @@ -152,7 +152,7 @@ int qemuExtVhostUserGPUStart(virQEMUDriver *driver, virCommandAddArgFormat(cmd, "--render-node=3D%s", video->accel= ->rendernode); } =20 - if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, NULL) < 0) + if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, false, NULL) < 0) goto error; =20 rc =3D virPidFileReadPath(pidfile, &pid); 
diff --git a/src/security/security_apparmor.c b/src/security/security_appar= mor.c index b63b248975..b5642c9a28 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -570,6 +570,7 @@ AppArmorSetSecurityProcessLabel(virSecurityManager *mgr= G_GNUC_UNUSED, static int AppArmorSetSecurityChildProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED, virDomainDef *def, + bool useBinarySpecificLabel G_GNUC_UN= USED, virCommand *cmd) { g_autofree char *profile_name =3D NULL; diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 9be8f458d1..ca3f4d2dc5 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -2273,6 +2273,7 @@ virSecurityDACSetProcessLabel(virSecurityManager *mgr, static int virSecurityDACSetChildProcessLabel(virSecurityManager *mgr, virDomainDef *def, + bool useBinarySpecificLabel G_GNUC_UNUS= ED, virCommand *cmd) { virSecurityDACData *priv =3D virSecurityManagerGetPrivateData(mgr); diff --git a/src/security/security_driver.h b/src/security/security_driver.h index fe6982ceca..aa1fb2125d 100644 --- a/src/security/security_driver.h +++ b/src/security/security_driver.h @@ -96,6 +96,7 @@ typedef int (*virSecurityDomainSetProcessLabel) (virSecur= ityManager *mgr, virDomainDef *def); typedef int (*virSecurityDomainSetChildProcessLabel) (virSecurityManager *= mgr, virDomainDef *def, + bool useBinarySpecif= icLabel, virCommand *cmd); typedef int (*virSecurityDomainSecurityVerify) (virSecurityManager *mgr, virDomainDef *def); diff --git a/src/security/security_manager.c b/src/security/security_manage= r.c index 2f8e89cb04..b0578d7209 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c 
@@ -885,10 +885,14 @@ virSecurityManagerSetProcessLabel(virSecurityManager = *mgr, int virSecurityManagerSetChildProcessLabel(virSecurityManager *mgr, virDomainDef *vm, + bool useBinarySpecificLabel, virCommand *cmd) { - if (mgr->drv->domainSetSecurityChildProcessLabel) - return mgr->drv->domainSetSecurityChildProcessLabel(mgr, vm, cmd); + if (mgr->drv->domainSetSecurityChildProcessLabel) { + return mgr->drv->domainSetSecurityChildProcessLabel(mgr, vm, + useBinarySpecif= icLabel, + cmd); + } =20 virReportUnsupportedError(); return -1; diff --git a/src/security/security_manager.h b/src/security/security_manage= r.h index 4afdcc167b..97add3294d 100644 --- a/src/security/security_manager.h +++ b/src/security/security_manager.h @@ -145,6 +145,7 @@ int virSecurityManagerSetProcessLabel(virSecurityManage= r *mgr, virDomainDef *def); int virSecurityManagerSetChildProcessLabel(virSecurityManager *mgr, virDomainDef *def, + bool useBinarySpecificLabel, virCommand *cmd); int virSecurityManagerVerify(virSecurityManager *mgr, virDomainDef *def); diff --git a/src/security/security_nop.c b/src/security/security_nop.c index 0dbc547feb..1413f43d57 100644 --- a/src/security/security_nop.c +++ b/src/security/security_nop.c @@ -152,6 +152,7 @@ virSecurityDomainSetProcessLabelNop(virSecurityManager = *mgr G_GNUC_UNUSED, static int virSecurityDomainSetChildProcessLabelNop(virSecurityManager *mgr G_GNUC_UN= USED, virDomainDef *vm G_GNUC_UNUSED, + bool useBinarySpecificLabel G_GNU= C_UNUSED, virCommand *cmd G_GNUC_UNUSED) { return 0; diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index cd1d9d14f7..7f409af525 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c 
@@ -560,6 +560,52 @@ virSecuritySELinuxContextAddRange(const char *src, return ret; } =20 + +static char * +virSecuritySELinuxContextSetFromFile(const char *origLabel, + const char *binaryPath) +{ + g_autofree char *currentCon =3D NULL; + g_autofree char *binaryCon =3D NULL; + g_autofree char *naturalLabel =3D NULL; + g_autofree char *updatedLabel =3D NULL; + + /* First learn what would be the context set + * if binaryPath was exec'ed from this process. + */ + if (getcon(¤tCon) < 0) { + virReportSystemError(errno, "%s", + _("unable to get SELinux context for current = process")); + return NULL; + } + + if (getfilecon(binaryPath, &binaryCon) < 0) { + virReportSystemError(errno, _("unable to get SELinux context for '= %s'"), + binaryPath); + return NULL; + } + + if (security_compute_create(currentCon, binaryCon, + string_to_security_class("process"), + &naturalLabel) < 0) { + virReportSystemError(errno, + _("unable create new SELinux label based on l= abel '%s' and file '%s'"), + origLabel, binaryPath); + return NULL; + } + + /* now get the type from the original label + * (which already has proper MCS set) and add it to + * the new label + */ + updatedLabel =3D virSecuritySELinuxContextAddRange(origLabel, naturalL= abel); + + VIR_DEBUG("original label: '%s' binary: '%s' binary-specific label: '%= s'", + origLabel, binaryPath, NULLSTR(updatedLabel)); + return g_steal_pointer(&updatedLabel); +} + + static char * virSecuritySELinuxGenNewContext(const char *basecontext, const char *mcs, 
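Review bot: the comment `/* now get the type from the original label (which already has proper MCS set) and add it to the new label */` in virSecuritySELinuxContextSetFromFile() says the opposite of what the code does. virSecuritySELinuxContextAddRange(origLabel, naturalLabel) takes the MCS range from origLabel and applies it to naturalLabel, whose type is the one security_compute_create() produced; the commit message describes it that way too, so reword the comment to "take the MCS range from the original label and add it to the newly derived label". Two smaller points in the same hunk: the error string `_("unable create new SELinux label based on label '%s' and file '%s'")` is missing "to", and `getcon(¤tCon)` as it appears here is garbled and presumably reads `&currentCon` in the real patch. On semantics, the leading comment ("if binaryPath was exec'ed from this process") is the accurate description: the source context handed to security_compute_create() is libvirtd's own getcon() result, so the computed label is the policy's transition for libvirtd exec'ing the binary, not for an arbitrary standalone invocation as the commit message phrases it; aligning the wording matters because the result depends on the context libvirtd itself runs in. Lastly, a caveat for the comment: the label is derived from getfilecon(binaryPath) here while the execve() happens later in the child, so if the file at that path is replaced in between, the process that runs is not the one the label was computed for. The shared cache from virCommandGetBinaryPath() guarantees the same path on both sides, but not the same file; that is inherent to a path-based lookup and worth stating rather than hiding.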
@@ -2986,10 +3032,13 @@ virSecuritySELinuxSetProcessLabel(virSecurityManage= r *mgr G_GNUC_UNUSED, static int virSecuritySELinuxSetChildProcessLabel(virSecurityManager *mgr G_GNUC_UNUS= ED, virDomainDef *def, + bool useBinarySpecificLabel G_GNUC_= UNUSED, virCommand *cmd) { /* TODO: verify DOI */ virSecurityLabelDef *secdef; + g_autofree char *tmpLabel =3D NULL; + const char *label =3D NULL; =20 secdef =3D virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME); if (!secdef || !secdef->label) @@ -3006,8 +3055,30 @@ virSecuritySELinuxSetChildProcessLabel(virSecurityMa= nager *mgr G_GNUC_UNUSED, return -1; } =20 + /* pick either the common label used by most binaries exec'ed by + * libvirt, or the specific label of this binary. + */ + if (useBinarySpecificLabel) { + const char *binaryPath =3D virCommandGetBinaryPath(cmd); + + if (!binaryPath) + return -1; /* error was already logged */ + + tmpLabel =3D virSecuritySELinuxContextSetFromFile(secdef->label, + binaryPath); + if (!tmpLabel) + return -1; + + label =3D tmpLabel; + + } else { + + label =3D secdef->label; + + } + /* save in cmd to be set after fork/before child process is exec'ed */ - virCommandSetSELinuxLabel(cmd, secdef->label); + virCommandSetSELinuxLabel(cmd, label); return 0; } =20 diff --git a/src/security/security_stack.c b/src/security/security_stack.c index 560f797030..369b5dd3a6 100644 --- a/src/security/security_stack.c +++ b/src/security/security_stack.c @@ -458,6 +458,7 @@ virSecurityStackSetProcessLabel(virSecurityManager *mgr, static int virSecurityStackSetChildProcessLabel(virSecurityManager *mgr, virDomainDef *vm, + bool useBinarySpecificLabel, virCommand *cmd) { virSecurityStackData *priv =3D virSecurityManagerGetPrivateData(mgr); 
@@ -465,8 +466,10 @@ virSecurityStackSetChildProcessLabel(virSecurityManage= r *mgr, int rc =3D 0; =20 for (; item; item =3D item->next) { - if (virSecurityManagerSetChildProcessLabel(item->securityManager, = vm, cmd) < 0) + if (virSecurityManagerSetChildProcessLabel(item->securityManager, = vm, + useBinarySpecificLabel,= cmd) < 0) { rc =3D -1; + } } =20 return rc; --=20 2.39.2 From nobody Sat May 4 03:49:08 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1678337405; cv=none; d=zohomail.com; s=zohoarc; b=JJtP3d8s67Jri9qHu5mquTbe5pegZlfHjZD31P1kSEO08rY+cy1ibVRzLFou75cJEkYWefp+fc/v+hvgamSBWLrrILQT8J4PlwGwRtVbJJeTVNut4zbpRPO+gpGWVv+tdUuq9HomLjQXQnKZrrV1kc//bBdUzpYYOd4BDSe3AXE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678337405; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=WlgmTigGD2XGFMX7h2aVjonrp7582+ohZkzih5aYGF4=; b=khAoJorKEoe9wLBMBcp9nmPjMFg6ef021F+odarRHOeeDefaZf+kQzJP16NzvAcR2i3VSQXyhhnVs8t56JURiEGcqtFcv9mNJ6JeZgorgFLVDnGVc0FYdq+E4/H9CxdnlwowzJifAqTF2Gzi9DGsMpxDQ1eomlrxOayWuLPxz1I= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com 
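Review bot: in the virSecuritySELinuxSetChildProcessLabel() hunk the new parameter is declared `bool useBinarySpecificLabel G_GNUC_UNUSED`, yet the following hunk in the same function reads it in `if (useBinarySpecificLabel)`; the attribute should be dropped there, since it now hides exactly the kind of mistake it exists to flag. Style point in the same function: the else branch wraps a single assignment in blank lines, and libvirt's usual form is simply `} else {` / `label = secdef->label;` / `}`. The security_stack.c hunk is fine as a pass-through; the added braces around the multi-line condition follow the project's convention.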
From: Laine Stump
To: libvir-list@redhat.com
Subject: [libvirt PATCH 4/4] qemu: set SELinux label of passt process to its own binary's label
Date: Wed, 8 Mar 2023 23:49:08 -0500
Message-Id: <20230309044908.29316-5-laine@redhat.com>
In-Reply-To: <20230309044908.29316-1-laine@redhat.com>
References: <20230309044908.29316-1-laine@redhat.com>
Cc: passt-dev@passt.top

set useBinarySpecificLabel = true when calling qemuSecurityCommandRun for the passt process, so that the new process context will include the binary-specific label that should be used for passt (passt_t) rather than svirt_t (as would happen if useBinarySpecificLabel was false). (The MCS part of the label, which is common to all child processes related to a particular qemu domain instance, is also set.)

Resolves: https://bugzilla.redhat.com/2172267
Signed-off-by: Laine Stump
Reviewed-by: Andrea Bolognani
Reviewed-by: Michal Privoznik
---
src/qemu/qemu_passt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/qemu/qemu_passt.c b/src/qemu/qemu_passt.c index fd0076077e..2153c0ac46 100644 --- a/src/qemu/qemu_passt.c +++ b/src/qemu/qemu_passt.c @@ -281,7 +281,7 @@ qemuPasstStart(virDomainObj *vm, if (qemuExtDeviceLogCommand(driver, vm, cmd, "passt") < 0) return -1; =20 - if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, false, NULL) < 0) + if (qemuSecurityCommandRun(driver, vm, cmd, -1, -1, true, NULL) < 0) goto error; =20 return 0; --=20 2.39.2
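Review bot: the call now reads `qemuSecurityCommandRun(driver, vm, cmd, -1, -1, true, NULL)`, and a bare `true` between two -1s and a NULL gives the reader no hint that it selects the binary-specific label; an inline `true /* useBinarySpecificLabel */` at the call site would help. More importantly, the commit message promises passt_t instead of svirt_t, but the label actually applied is whatever security_compute_create() yields for the passt binary when exec'ed from libvirtd's own context: on a host whose policy has no type_transition for the binary's file type, SELinux computes no transition at all, so the helper would be started under libvirtd's own type carrying the guest's MCS category, which is broader than svirt_t rather than narrower. Consider comparing the computed type with the current process type and falling back to secdef->label (or failing with a clear error) when they match, and mention that fallback in the commit message.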
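To make the label arithmetic in this series concrete, here is an added example in C; it is not libvirt code and not part of the patch. The libselinux step (getcon(), getfilecon() and security_compute_create()) needs a running SELinux policy, so its result is passed in as a constructed string, and the sample contexts for libvirtd, a guest and passt are made up for illustration. The range-splicing mirrors what virSecuritySELinuxContextAddRange() is used for here (take the MCS range from the guest's label, keep the type computed for the binary); the no-transition fallback is this example's own addition, not something the posted patch does.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CTX_FIELD 128

/* Split "user:role:type:range" into four fields. The range itself may
 * contain ':' (e.g. "s0-s0:c0.c1023"), so only the first three ':' are
 * field separators. Returns -1 on malformed input. */
static int ctx_split(const char *ctx, char *user, char *role,
                     char *type, char *range)
{
    char *fields[3] = { user, role, type };
    const char *p = ctx;
    int i;

    for (i = 0; i < 3; i++) {
        const char *q = strchr(p, ':');
        size_t len;

        if (!q)
            return -1;
        len = (size_t)(q - p);
        if (len == 0 || len >= CTX_FIELD)
            return -1;
        memcpy(fields[i], p, len);
        fields[i][len] = '\0';
        p = q + 1;
    }
    if (*p == '\0' || strlen(p) >= CTX_FIELD)
        return -1;
    strcpy(range, p);
    return 0;
}

/* Same contract as libvirt's virSecuritySELinuxContextAddRange(src, dst):
 * a new string that is dst with its MCS/MLS range replaced by the range
 * of src. Caller frees. */
static char *ctx_add_range(const char *src, const char *dst)
{
    char su[CTX_FIELD], sr[CTX_FIELD], st[CTX_FIELD], srange[CTX_FIELD];
    char du[CTX_FIELD], dr[CTX_FIELD], dt[CTX_FIELD], drange[CTX_FIELD];
    size_t n;
    char *out;

    if (ctx_split(src, su, sr, st, srange) < 0 ||
        ctx_split(dst, du, dr, dt, drange) < 0)
        return NULL;

    n = strlen(du) + strlen(dr) + strlen(dt) + strlen(srange) + 4;
    out = malloc(n);
    if (!out)
        return NULL;
    snprintf(out, n, "%s:%s:%s:%s", du, dr, dt, srange);
    return out;
}

/* Decision mirrored from virSecuritySELinuxContextSetFromFile(), with the
 * libselinux step replaced by an argument: natural_con stands in for what
 * security_compute_create(current_con, binary_con, "process") returns.
 * Added check (not in the patch): if the computed type equals the caller's
 * own type, policy had no transition for this binary, so fall back to
 * orig_label instead of running the helper as libvirtd's type. */
static char *label_for_binary(const char *current_con, const char *natural_con,
                              const char *orig_label)
{
    char cu[CTX_FIELD], cr[CTX_FIELD], ct[CTX_FIELD], crange[CTX_FIELD];
    char nu[CTX_FIELD], nr[CTX_FIELD], nt[CTX_FIELD], nrange[CTX_FIELD];

    if (ctx_split(current_con, cu, cr, ct, crange) < 0 ||
        ctx_split(natural_con, nu, nr, nt, nrange) < 0)
        return NULL;

    if (strcmp(ct, nt) == 0) {
        size_t n = strlen(orig_label) + 1;
        char *out = malloc(n);
        if (out)
            memcpy(out, orig_label, n);
        return out;
    }
    return ctx_add_range(orig_label, natural_con);
}

int main(void)
{
    /* Constructed sample contexts; on a real host they come from getcon(),
     * the domain's <seclabel>, and security_compute_create() respectively. */
    const char *libvirtd = "system_u:system_r:virtd_t:s0-s0:c0.c1023";
    const char *guest    = "system_u:system_r:svirt_t:s0:c123,c456";
    const char *passt    = "system_u:system_r:passt_t:s0-s0:c0.c1023";
    char *with_rule = label_for_binary(libvirtd, passt, guest);
    char *no_rule   = label_for_binary(libvirtd, libvirtd, guest);

    printf("with transition:    %s\n", with_rule ? with_rule : "(error)");
    printf("without transition: %s\n", no_rule ? no_rule : "(error)");
    free(with_rule);
    free(no_rule);
    return 0;
}
```

With a transition rule the result keeps passt_t and takes the guest's categories (c123,c456) instead of libvirtd's full c0.c1023 range, which is the point of the series: passt is confined as its own type but can only touch resources labelled for that one guest. Without a rule the example returns the common svirt_t label, which is the safer of the two outcomes a caller can choose from.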