To: devel@lists.libvirt.org
Subject: [PATCH v2 3/3] security: Don't error out on seclabels of type='none'
Date: Wed, 1 Apr 2026 13:40:55 +0200
From: Michal Privoznik via Devel
Reply-To: Michal Privoznik

From: Michal Privoznik

Ever since commit v1.2.13-rc1~66 the model attribute of a is validated against secdriver names enabled. In nearly all cases this is something users want so that domain XML does not claim to set seclabels of a model that's not enabled. However, consider the following seclabel:

It tells us to not bother setting selinux labels on given domain. A mgmt app might format this into domain XML if it sees selinux is disabled on the host. But if that's the case, selinux driver is not loaded and this virSecurityManagerCheckModel() doesn't find it and reports an error. Well, the error doesn't need to be reported as we will just ignore selinux as each driver callback checks if relabel is false (which it is for type='none'). This is true for other secdrivers too.

Resolves: https://redhat.atlassian.net/browse/RHEL-156689
Signed-off-by: Michal Privoznik
--- src/security/security_manager.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/src/security/security_manager.c b/src/security/security_manage= r.c index f2f3bb4f19..bef9863799 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -727,7 +727,8 @@ virSecurityManagerReleaseLabel(virSecurityManager *mgr, =20 =20 static int virSecurityManagerCheckModel(virSecurityManager *mgr, - char *secmodel) + char *secmodel, + bool relabel) { g_autofree virSecurityManager **sec_managers =3D NULL; size_t i; @@ -744,6 +745,11 @@ static int virSecurityManagerCheckModel(virSecurityMan= ager *mgr, } } =20 + if (relabel =3D=3D false) { + VIR_INFO("Ignoring seclabel with model %s and relabel=3Dno", secmo= del); + return 0; + } + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("Security driver model '%1$s' is not available"), secmodel); 
@@ -758,8 +764,11 @@ virSecurityManagerCheckDomainLabel(virSecurityManager = *mgr, size_t i; =20 for (i =3D 0; i < def->nseclabels; i++) { - if (virSecurityManagerCheckModel(mgr, def->seclabels[i]->model) < = 0) + if (virSecurityManagerCheckModel(mgr, + def->seclabels[i]->model, + def->seclabels[i]->relabel) < 0) { return -1; + } } =20 return 0; @@ -773,8 +782,11 @@ virSecurityManagerCheckDiskLabel(virSecurityManager *m= gr, size_t i; =20 for (i =3D 0; i < disk->src->nseclabels; i++) { - if (virSecurityManagerCheckModel(mgr, disk->src->seclabels[i]->mod= el) < 0) + if (virSecurityManagerCheckModel(mgr, + disk->src->seclabels[i]->model, + disk->src->seclabels[i]->relabel)= < 0) { return -1; + } } =20 return 0; @@ -788,8 +800,11 @@ virSecurityManagerCheckChardevLabel(virSecurityManager= *mgr, size_t i; =20 for (i =3D 0; i < dev->source->nseclabels; i++) { - if (virSecurityManagerCheckModel(mgr, dev->source->seclabels[i]->m= odel) < 0) + if (virSecurityManagerCheckModel(mgr, + dev->source->seclabels[i]->model, + dev->source->seclabels[i]->relabe= l) < 0) { return -1; + } } =20 return 0; --=20 2.52.0
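
Review bot: the new "bool relabel" parameter in the signature hunk (@@ -727,7 +727,8) is undocumented, and the name alone does not say that passing false turns an unavailable model from an error into a success. virSecurityManagerCheckModel() has no comment in the visible context, so a short one above it stating that contract (model must be enabled unless relabel is false) would make the three call sites easier to audit.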
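
Review bot: the early return added in the hunk at @@ -744,6 +745,11 is keyed on relabel being false rather than on the seclabel type, so every seclabel with relabel off that names an unavailable model is now accepted, which is wider than the type='none' case in the subject line. If that is intended, say so in the commit message or in a comment next to the check; if not, pass the seclabel type down and test for none explicitly. As a style point, "if (!relabel)" reads better than "relabel == false". The accepted case is logged only with VIR_INFO, so consider whether a config naming a model that is not loaded deserves a more visible message.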
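
Review bot: in the three caller hunks (@@ -758,8, @@ -773,8 and @@ -788,8) the disk and chardev paths pass the per-device seclabel's relabel value, so device-level seclabels are relaxed too, while the commit message only argues the domain-level case. Please extend the commit message to cover disk and chardev seclabels. The diffstat touches only src/security/security_manager.c, so nothing here exercises a seclabel with relabel off and a model that is not loaded; a test case for the domain, disk and chardev variants would guard against the validation being loosened further by accident.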