[libvirt] [PATCH v4 00/25] Fix and enable owner remembering

Michal Privoznik posted 25 patches 5 years ago
Posted by Michal Privoznik 5 years ago
This is meant for next release to have the most time possible for
testing. Some of the patches were ACKed in v3 already but since they
don't make sense on their own I haven't pushed them.

v4 of:

https://www.redhat.com/archives/libvir-list/2019-March/msg01948.html

As usual, you can find (not only these) patches on my github:

https://github.com/zippy2/libvirt  branch xattr_fixes_v4

diff to v3:
- Some new patches (qemusecuritytest and qemusecuritymock)
- Some other fixes raised by Cole in review of v3 (like double error
  reporting and others)
- Remembering is done only for paths that cannot be shared between
  domains. This renders refcounting needless because the refcounter
  can't ever be greater than one. Nevertheless, I'm keeping it in
  because in the long run I might come up with a solution to the problem
  of shared resources and having refcounters might help.

Michal Prívozník (25):
  qemusecuritymock: Mock virProcessRunInFork
  qemusecuritymock: Fix bit arithmetic
  qemusecuritymock: Actually set error on failure
  qemusecuritymock: Introduce and use freePaths()
  qemusecuritytest: Drop unused variable
  qemusecuritytest: Use AUTOFREE/AUTOUNREF
  qemusecuritytest: Fix capabilities loading
  tools: Slightly rework libvirt_recover_xattrs.sh
  virSecuritySELinuxRestoreAllLabel: Print @migrated in the debug
    message too
  virfile: Make virFileGetXAttr report errors
  virFileSetXAttr: Report error on failure
  virFileRemoveXAttr: Report error on failure
  security: Don't skip label restore on file systems lacking XATTRs
  security: Document @restore member of transaction list
  security_dac: Allow caller to suppress owner remembering
  security_selinux: Allow caller to suppress owner remembering
  qemusecuritymock: Allow some paths to be not restored
  security: Don't remember owner for shared resources
  security: Introduce virSecurityManagerMoveImageMetadata
  security_util: Introduce virSecurityMoveRememberedLabel
  security_dac: Implement virSecurityManagerMoveImageMetadata
  security_selinux: Implement virSecurityManagerMoveImageMetadata
  qemu_security: Implement qemuSecurityMoveImageMetadata
  qemu: Move image security metadata on snapshot activity
  Revert "qemu: Temporary disable owner remembering"

 docs/news.xml                      |  13 ++
 src/libvirt_private.syms           |   2 +
 src/qemu/libvirtd_qemu.aug         |   1 +
 src/qemu/qemu.conf                 |   5 +
 src/qemu/qemu_blockjob.c           |   6 +
 src/qemu/qemu_conf.c               |   4 +
 src/qemu/qemu_driver.c             |  17 +-
 src/qemu/qemu_security.c           |  19 +++
 src/qemu/qemu_security.h           |   5 +
 src/qemu/test_libvirtd_qemu.aug.in |   1 +
 src/security/security_dac.c        | 171 +++++++++++++++----
 src/security/security_driver.h     |   5 +
 src/security/security_manager.c    |  39 +++++
 src/security/security_manager.h    |   4 +
 src/security/security_nop.c        |  10 ++
 src/security/security_selinux.c    | 263 ++++++++++++++++++++---------
 src/security/security_stack.c      |  20 +++
 src/security/security_util.c       |  73 +++++++-
 src/security/security_util.h       |   5 +
 src/util/virfile.c                 |  78 +++++++--
 src/util/virfile.h                 |   5 +
 src/util/virprocess.h              |   3 +-
 tests/qemusecuritymock.c           |  76 +++++++--
 tests/qemusecuritytest.c           | 146 ++++++++++------
 tests/qemusecuritytest.h           |   4 +-
 tools/libvirt_recover_xattrs.sh    |  50 +++---
 26 files changed, 802 insertions(+), 223 deletions(-)

-- 
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
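
Added example (not part of the original thread and not libvirt code): a simplified C model of the refcounted owner remembering described in the cover letter above, including suppression for paths that may be shared. An in-memory table stands in for the XATTRs, and all names (remember_owner, recall_owner, the paths and IDs) are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for per-file XATTR storage (not libvirt code). */
struct meta { char path[64]; unsigned uid, gid; int refs; };
static struct meta store[8];

/* Find the slot for path; a slot with refs == 0 is free. */
static struct meta *slot(const char *path, int create)
{
    struct meta *unused = NULL;
    for (size_t i = 0; i < sizeof(store) / sizeof(store[0]); i++) {
        if (store[i].refs > 0 && strcmp(store[i].path, path) == 0)
            return &store[i];
        if (store[i].refs == 0 && !unused)
            unused = &store[i];
    }
    if (!create || !unused)
        return NULL;
    snprintf(unused->path, sizeof(unused->path), "%s", path);
    return unused;
}

/* Call before relabelling. Returns the new refcount, 0 when remembering is
 * suppressed because the path may be shared, -1 when the table is full. */
int remember_owner(const char *path, unsigned uid, unsigned gid, int shared)
{
    struct meta *m;
    if (shared)
        return 0;
    if (!(m = slot(path, 1)))
        return -1;
    if (m->refs == 0) {          /* only the first user records the owner */
        m->uid = uid;
        m->gid = gid;
    }
    return ++m->refs;
}

/* Call on restore. Returns 0 and fills uid/gid once the last reference is
 * dropped, 1 while the path is still in use, 2 if nothing was remembered. */
int recall_owner(const char *path, unsigned *uid, unsigned *gid)
{
    struct meta *m = slot(path, 0);
    if (!m)
        return 2;
    if (--m->refs > 0)
        return 1;
    *uid = m->uid;
    *gid = m->gid;
    return 0;
}

int main(void)
{
    unsigned u = 0, g = 0;
    remember_owner("/images/a.qcow2", 1000, 1000, 0);   /* constructed path and IDs */
    if (recall_owner("/images/a.qcow2", &u, &g) == 0)
        printf("restore to %u:%u\n", u, g);
    return 0;
}
```

With remembering limited to paths that cannot be shared, the refcount in this model never exceeds one, which is the point the cover letter makes about refcounting.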
Re: [libvirt] [PATCH v4 00/25] Fix and enable owner remembering
Posted by Michal Privoznik 4 years, 10 months ago
On 4/25/19 10:19 AM, Michal Privoznik wrote:
>
> This is meant for next release to have the most time possible for
> testing. Some of the patches were ACKed in v3 already but since they
> don't make sense on their own I haven't pushed them.
> 
> v4 of:
> 
> https://www.redhat.com/archives/libvir-list/2019-March/msg01948.html
> 
> As usual, you can find (not only these) patches on my github:
> 
> https://github.com/zippy2/libvirt  branch xattr_fixes_v4

Ping?

Michal

Re: [libvirt] [PATCH v4 00/25] Fix and enable owner remembering
Posted by Daniel P. Berrangé 4 years, 10 months ago
On Mon, Jun 03, 2019 at 06:07:02PM +0200, Michal Privoznik wrote:
> On 4/25/19 10:19 AM, Michal Privoznik wrote:
> >
> > This is meant for next release to have the most time possible for
> > testing. Some of the patches were ACKed in v3 already but since they
> > don't make sense on their own I haven't pushed them.
> > 
> > v4 of:
> > 
> > https://www.redhat.com/archives/libvir-list/2019-March/msg01948.html
> > 
> > As usual, you can find (not only these) patches on my github:
> > 
> > https://github.com/zippy2/libvirt  branch xattr_fixes_v4
> 
> Ping?

Looks good - just have 1 question against patch 18 before I can ack
that patch.


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [libvirt] [PATCH v4 00/25] Fix and enable owner remembering
Posted by Michal Privoznik 4 years, 10 months ago
On 6/17/19 3:34 PM, Daniel P. Berrangé wrote:
> On Mon, Jun 03, 2019 at 06:07:02PM +0200, Michal Privoznik wrote:
>> On 4/25/19 10:19 AM, Michal Privoznik wrote:
>>>
>>> This is meant for next release to have the most time possible for
>>> testing. Some of the patches were ACKed in v3 already but since they
>>> don't make sense on their own I haven't pushed them.
>>>
>>> v4 of:
>>>
>>> https://www.redhat.com/archives/libvir-list/2019-March/msg01948.html
>>>
>>> As usual, you can find (not only these) patches on my github:
>>>
>>> https://github.com/zippy2/libvirt  branch xattr_fixes_v4
>>
>> Ping?
> 
> Looks good - just have 1 question against patch 18 before I can ack
> that patch.
> 
> 

Thank you both Dan and Cole for the review! However, given how close to 
the freeze we are and how intrusive this change is, I'd rather keep 
these in a local branch and merge only after the release to give us the 
longest window possible for test.

Michal

Re: [libvirt] [PATCH v4 00/25] Fix and enable owner remembering
Posted by Michal Prívozník 4 years, 9 months ago
On 6/20/19 2:39 PM, Michal Privoznik wrote:
> On 6/17/19 3:34 PM, Daniel P. Berrangé wrote:
>> On Mon, Jun 03, 2019 at 06:07:02PM +0200, Michal Privoznik wrote:
>>> On 4/25/19 10:19 AM, Michal Privoznik wrote:
>>>>
>>>> This is meant for next release to have the most time possible for
>>>> testing. Some of the patches were ACKed in v3 already but since they
>>>> don't make sense on their own I haven't pushed them.
>>>>
>>>> v4 of:
>>>>
>>>> https://www.redhat.com/archives/libvir-list/2019-March/msg01948.html
>>>>
>>>> As usual, you can find (not only these) patches on my github:
>>>>
>>>> https://github.com/zippy2/libvirt  branch xattr_fixes_v4
>>>
>>> Ping?
>>
>> Looks good - just have 1 question against patch 18 before I can ack
>> that patch.
>>
>>
> 
> Thank you both Dan and Cole for the review! However, given how close to
> the freeze we are and how intrusive this change is, I'd rather keep
> these in a local branch and merge only after the release to give us the
> longest window possible for test.

This is now pushed. I'll work on the follow up patches soon.

Michal

Re: [libvirt] [PATCH v4 00/25] Fix and enable owner remembering
Posted by Daniel P. Berrangé 4 years, 9 months ago
On Wed, Jul 03, 2019 at 08:56:29AM +0200, Michal Prívozník wrote:
> On 6/20/19 2:39 PM, Michal Privoznik wrote:
> > On 6/17/19 3:34 PM, Daniel P. Berrangé wrote:
> >> On Mon, Jun 03, 2019 at 06:07:02PM +0200, Michal Privoznik wrote:
> >>> On 4/25/19 10:19 AM, Michal Privoznik wrote:
> >>>>
> >>>> This is meant for next release to have the most time possible for
> >>>> testing. Some of the patches were ACKed in v3 already but since they
> >>>> don't make sense on their own I haven't pushed them.
> >>>>
> >>>> v4 of:
> >>>>
> >>>> https://www.redhat.com/archives/libvir-list/2019-March/msg01948.html
> >>>>
> >>>> As usual, you can find (not only these) patches on my github:
> >>>>
> >>>> https://github.com/zippy2/libvirt  branch xattr_fixes_v4
> >>>
> >>> Ping?
> >>
> >> Looks good - just have 1 question against patch 18 before I can ack
> >> that patch.
> >>
> >>
> > 
> > Thank you both Dan and Cole for the review! However, given how close to
> > the freeze we are and how intrusive this change is, I'd rather keep
> > these in a local branch and merge only after the release to give us the
> > longest window possible for test.
> 
> This is now pushed. I'll work on the follow up patches soon.

Looks like we hit a unit test failure on the FreeBSD CI systems.


Regards,
Daniel
Re: [libvirt] [PATCH v4 00/25] Fix and enable owner remembering
Posted by Michal Prívozník 4 years, 9 months ago
On 7/3/19 1:17 PM, Daniel P. Berrangé wrote:
> On Wed, Jul 03, 2019 at 08:56:29AM +0200, Michal Prívozník wrote:
>> On 6/20/19 2:39 PM, Michal Privoznik wrote:
>>> On 6/17/19 3:34 PM, Daniel P. Berrangé wrote:
>>>> On Mon, Jun 03, 2019 at 06:07:02PM +0200, Michal Privoznik wrote:
>>>>> On 4/25/19 10:19 AM, Michal Privoznik wrote:
>>>>>>
>>>>>> This is meant for next release to have the most time possible for
>>>>>> testing. Some of the patches were ACKed in v3 already but since they
>>>>>> don't make sense on their own I haven't pushed them.
>>>>>>
>>>>>> v4 of:
>>>>>>
>>>>>> https://www.redhat.com/archives/libvir-list/2019-March/msg01948.html
>>>>>>
>>>>>> As usual, you can find (not only these) patches on my github:
>>>>>>
>>>>>> https://github.com/zippy2/libvirt  branch xattr_fixes_v4
>>>>>
>>>>> Ping?
>>>>
>>>> Looks good - just have 1 question against patch 18 before I can ack
>>>> that patch.
>>>>
>>>>
>>>
>>> Thank you both Dan and Cole for the review! However, given how close to
>>> the freeze we are and how intrusive this change is, I'd rather keep
>>> these in a local branch and merge only after the release to give us the
>>> longest window possible for test.
>>
>> This is now pushed. I'll work on the follow up patches soon.
> 
> Looks like we hit a unit test failure on the FreeBSD CI systems.

Interestingly, I'm unable to reproduce on my virtual FreeBSD. From the
CI logs it looks like the test did not pick up XATTR functions from
qemusecuritymock but the real ones from util/virfile.c. But then again,
something fishy must be going on since I cannot reproduce this on my
FreeBSD machine.

Michal

Re: [libvirt] [PATCH v4 00/25] Fix and enable owner remembering
Posted by Daniel P. Berrangé 4 years, 9 months ago
On Thu, Jul 04, 2019 at 08:22:04AM +0200, Michal Prívozník wrote:
> On 7/3/19 1:17 PM, Daniel P. Berrangé wrote:
> > On Wed, Jul 03, 2019 at 08:56:29AM +0200, Michal Prívozník wrote:
> >> On 6/20/19 2:39 PM, Michal Privoznik wrote:
> >>> On 6/17/19 3:34 PM, Daniel P. Berrangé wrote:
> >>>> On Mon, Jun 03, 2019 at 06:07:02PM +0200, Michal Privoznik wrote:
> >>>>> On 4/25/19 10:19 AM, Michal Privoznik wrote:
> >>>>>>
> >>>>>> This is meant for next release to have the most time possible for
> >>>>>> testing. Some of the patches were ACKed in v3 already but since they
> >>>>>> don't make sense on their own I haven't pushed them.
> >>>>>>
> >>>>>> v4 of:
> >>>>>>
> >>>>>> https://www.redhat.com/archives/libvir-list/2019-March/msg01948.html
> >>>>>>
> >>>>>> As usual, you can find (not only these) patches on my github:
> >>>>>>
> >>>>>> https://github.com/zippy2/libvirt  branch xattr_fixes_v4
> >>>>>
> >>>>> Ping?
> >>>>
> >>>> Looks good - just have 1 question against patch 18 before I can ack
> >>>> that patch.
> >>>>
> >>>>
> >>>
> >>> Thank you both Dan and Cole for the review! However, given how close to
> >>> the freeze we are and how intrusive this change is, I'd rather keep
> >>> these in a local branch and merge only after the release to give us the
> >>> longest window possible for test.
> >>
> >> This is now pushed. I'll work on the follow up patches soon.
> > 
> > Looks like we hit a unit test failure on the FreeBSD CI systems.
> 
> Interestingly, I'm unable to reproduce on my virtual FreeBSD. From the
> CI logs it looks like the test did not pick up XATTR functions from
> qemusecuritymock but the real ones from util/virfile.c. But then again,
> something fishy must be going on since I cannot reproduce this on my
> FreeBSD machine.

I could reproduce it .... once I actually installed the prereqs to
make QEMU get enabled in configure - for some reason we have a dep
on readline in the m4/virt-yajl.m4 file that looks like it's probably
a bug.

Anyway it turned out to be a weird compiler optimization problem but
was easily worked around by just mocking one more symbol, so I didn't
bother to try to understand the root cause further.

Regards,
Daniel
Re: [libvirt] [PATCH v4 00/25] Fix and enable owner remembering
Posted by Andrea Bolognani 4 years, 9 months ago
On Fri, 2019-07-05 at 18:25 +0100, Daniel P. Berrangé wrote:
> On Thu, Jul 04, 2019 at 08:22:04AM +0200, Michal Prívozník wrote:
> > Interestingly, I'm unable to reproduce on my virtual FreeBSD. From the
> > CI logs it looks like the test did not pick up XATTR functions from
> > qemusecuritymock but the real ones from util/virfile.c. But then again,
> > something fishy must be going on since I cannot reproduce this on my
> > FreeBSD machine.
> 
> I could reproduce it .... once I actually installed the prereqs to
> make QEMU get enabled in configure

I guess you guys didn't use lcitool to prepare the FreeBSD guest in
question? Or is there some problem with it?

> for some reason we have a dep
> on readline in the m4/virt-yajl.m4 file that looks like it's probably
> a bug.

Yeah, I told Jano to look at m4/virt-readline.m4 for inspiration but
perhaps he took it a bit too far ;) And then of course I failed to
notice during review :(

I just posted a patch fixing this oversight:

  https://www.redhat.com/archives/libvir-list/2019-July/msg00280.html

-- 
Andrea Bolognani / Red Hat / Virtualization

Re: [libvirt] [PATCH v4 00/25] Fix and enable owner remembering
Posted by Daniel P. Berrangé 4 years, 9 months ago
On Mon, Jul 08, 2019 at 10:00:47AM +0200, Andrea Bolognani wrote:
> On Fri, 2019-07-05 at 18:25 +0100, Daniel P. Berrangé wrote:
> > On Thu, Jul 04, 2019 at 08:22:04AM +0200, Michal Prívozník wrote:
> > > Interestingly, I'm unable to reproduce on my virtual FreeBSD. From the
> > > CI logs it looks like the test did not pick up XATTR functions from
> > > qemusecuritymock but the real ones from util/virfile.c. But then again,
> > > something fishy must be going on since I cannot reproduce this on my
> > > FreeBSD machine.
> > 
> > I could reproduce it .... once I actually installed the prereqs to
> > > make QEMU get enabled in configure
> 
> I guess you guys didn't use lcitool to prepare the FreeBSD guest in
> question? Or is there some problem with it?

This is a general purpose FreeBSD I already have setup for other
purposes.

When I found it didn't reproduce the failure, then I did actually
setup a FreeBSD12 guest with lcitool.

BTW, lcitool fails when you don't have any $HOME/.ssh/id_rsa.pub
file, which is always for me, as my guests run on a remote server
and my key is on my laptop.

It ought to get the key by using "ssh-add -L" to get it from the agent
if no local key exists.


Regards,
Daniel
Re: [libvirt] [PATCH v4 00/25] Fix and enable owner remembering
Posted by Andrea Bolognani 4 years, 9 months ago
On Tue, 2019-07-09 at 10:07 +0100, Daniel P. Berrangé wrote:
> BTW, lcitool fails when you don't have any $HOME/.ssh/id_rsa.pub
> file, which is always for me, as my guests run on a remote server
> and my key is on my laptop.
> 
> It ought to get the key by using "ssh-add -L" to get it from the agent
> if no local key exists.

Yeah, this is an issue that I've known about for a long time but
unfortunately never had the time to address :(

-- 
Andrea Bolognani / Red Hat / Virtualization
