From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180422; cv=none;
	d=zoho.com; s=zohoarc;
	b=hsUlJTO5NtOq1YxYffKLP577DkSUbKZvkpPhmms6+MxDX9WBhFEC7RP52GJbd/d/vvXWW15JxsNe2KUzWs6PRiZ8FJuEGKzF+zItlD5dABsAnaGUNZsOeZBl+Dn2wSwBWrPT0uWoKGfDNaxhsbyTHYv5WASPl7X5C9iZD2vEL7k=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180422;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=gYYo9OcqBULIyI8yNLvqNtyDXRINcsVruK9cm9xNdJc=;
	b=JUrIBz6pk71xdBMGG1uVw6LiRCc43JwjpCK6xKEQPWXDomgH+RS/VTyb58BBmYB60697p1zQgdUeX6P5h/3SzLbR1/mlNbAvAMBVNGUKp9w4qYJseAx9Vx+ScEHcGz+v0BD/JcoZ56eVij+NxRnzEdnMTusl6eB/bdSZAcub0Ao=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180422963993.6334134018929;
 Thu, 25 Apr 2019 01:20:22 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
 [10.5.11.22])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 892842DB72B;
	Thu, 25 Apr 2019 08:20:21 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 59CD91001DDE;
	Thu, 25 Apr 2019 08:20:21 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0EF1941F3E;
	Thu, 25 Apr 2019 08:20:21 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8K8Al013819 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:08 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 5BF0460BE5; Thu, 25 Apr 2019 08:20:08 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id D8F9760C70
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:07 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:37 +0200
Message-Id: 
 <ae7709b5c1ddce7e864d4a0db7293c47eea925f4.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 01/25] qemusecuritymock: Mock
	virProcessRunInFork
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]);
 Thu, 25 Apr 2019 08:20:22 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

This test is beautiful. It checks if we haven't messed up
refcounting on security labels (well, XATTRs where the original
owner is stored). It does this by setting up tracking of XATTR
setting/removing into a hash table, then calling
qemuSecuritySetAllLabel() followed by immediate
qemuSecurityRestoreAllLabel() at which point, the hash table must
be empty. The test so beautifully written that now matter
what you do it won't fail. The reason is that all seclabel work
is done in a child process. Therefore, the hash table in the
parent is never changed and thus always empty.

There are two reasons for forking (only one of them makes sense
here though):

1) namespaces - when chown()-ing a file we have to fork() and
make the child enter desired namespace,
2) locking - because of exclusive access to XATTRs we lock the
files we chown() and this is done in a fork (see 207860927ad for
more info).

While we want to fork in real world, we don't want that in a test
suite. Override virProcessRunInFork() then.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/util/virprocess.h    | 3 ++-
 tests/qemusecuritymock.c | 8 ++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/util/virprocess.h b/src/util/virprocess.h
index 8e5b0c2127..c360bfef98 100644
--- a/src/util/virprocess.h
+++ b/src/util/virprocess.h
@@ -108,7 +108,8 @@ typedef int (*virProcessForkCallback)(pid_t ppid,
                                       void *opaque);
=20
 int virProcessRunInFork(virProcessForkCallback cb,
-                        void *opaque);
+                        void *opaque)
+    ATTRIBUTE_NOINLINE;
=20
 int virProcessSetupPrivateMountNS(void);
=20
diff --git a/tests/qemusecuritymock.c b/tests/qemusecuritymock.c
index 4edc5c44ad..d170e5da8f 100644
--- a/tests/qemusecuritymock.c
+++ b/tests/qemusecuritymock.c
@@ -416,3 +416,11 @@ int checkPaths(void)
     virMutexUnlock(&m);
     return ret;
 }
+
+
+int
+virProcessRunInFork(virProcessForkCallback cb,
+                    void *opaque)
+{
+    return cb(-1, opaque);
+}
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180427; cv=none;
	d=zoho.com; s=zohoarc;
	b=LVuSmUKCcaHX8MbvgyZMFE9RmUxYtrcvc+eJLpwtf8+gLpSSrqkCcuLL+ESLMHktI+43XARWB/BiezPlIstHs6jbh8NCPV+bMl/Jq4wFGh9wX24qjwRK9O27+G+DhM/HfYMhN1mUlwTKQAr2CG2cx0TmfHXAY7+tiwPTgMEwJMM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180427;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=rbAB3ObA1Nwg2yCNq2zS6Fod3g0aRSe4nQFD5XYfmBc=;
	b=iGqmOQJVfA0vKbClp+qDdIbdlfi69QymYk2IQX8eObEFZ1+6AE+oIPvq6d1+6NdP4DIQO+Iu7C4hJ7ufy0ssxj86f6xFKMQz02oWMdkcmuPpfBU68s/x8YpL5gNuxWIT4jobYnXQLxeWsZ4FFF4uL/pUCgqMGwNnteNl4kwKmmQ=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 155618042710285.33913559731684;
 Thu, 25 Apr 2019 01:20:27 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com
 [10.5.11.23])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 72A3D3002509;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 48C4E165D3;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 09B71181B9F5;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8K9w5013826 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:09 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 2B6FC60BE5; Thu, 25 Apr 2019 08:20:09 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id A86B460C70
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:08 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:38 +0200
Message-Id: 
 <53049b16e61097d7b527f89af30adb85ef4ce005.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 02/25] qemusecuritymock: Fix bit arithmetic
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]);
 Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

One of the functions of this mock is that it spoofs chown() and
stat() calls. But it is doing so in a clever way: it stores the
new owner on chown() and reports it on subsequent stat(). This is
done by using a 32bit unsigned integer where one half is used to
store uid the other is for gid. Later, when stat() is called the
integer is fetched and split into halves again. Well, my bit
operation skills are poor and the code I've written does not do
that properly.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 tests/qemusecuritymock.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/qemusecuritymock.c b/tests/qemusecuritymock.c
index d170e5da8f..1ca8bd721f 100644
--- a/tests/qemusecuritymock.c
+++ b/tests/qemusecuritymock.c
@@ -226,7 +226,7 @@ int virFileRemoveXAttr(const char *path,
                 sb->st_gid =3D DEFAULT_GID; \
             } else { \
                 /* Known path. Set values passed to chown() earlier */ \
-                sb->st_uid =3D *val % 16; \
+                sb->st_uid =3D *val & 0xffff; \
                 sb->st_gid =3D *val >> 16; \
             } \
 \
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180419; cv=none;
	d=zoho.com; s=zohoarc;
	b=iT/YZgFhoLBnEKEZ/wuwZqeGV1B9IYyMXy1lW4NBWw5tzWri80i8l6IRRG5SrKkBak3zqUrP4O6d1k1nvQ1Nv0YR8grZg7yAcv+U75Pg7+lNw/MJxRZZkOxJL/oqxzs2KOOMrFPZ2ZHsprv97GbJq8LuY1XY6ju7O1002OmQcPY=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180419;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=GvGJ9FJUEJ6/Ido8Y28BkffERwQJdDAbCRIiTc2I3YE=;
	b=BAwOXOIOKkiWKNVQRgODodcOvMKFlEG/VbI6iSq3i8uKjwrCUrxZdYuoFOyIzk7jwg/Jl1QpfVJVzHUynQXa4lFBmJXOeIqXXQ5S64iPjGL+GkjXuzU9y4M/yKdQ5PiiNRNG0lZmUzqIW3NcKoF0GIEaGGb4ROP0BRruaDW0lCg=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180419391609.959753012324;
 Thu, 25 Apr 2019 01:20:19 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
 [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id D20D0C04BE09;
	Thu, 25 Apr 2019 08:20:13 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 7D93B60BE5;
	Thu, 25 Apr 2019 08:20:13 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id C09EA181B9E0;
	Thu, 25 Apr 2019 08:20:11 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8K95k013834 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:10 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id F066D60C70; Thu, 25 Apr 2019 08:20:09 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 77D7E60BE5
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:09 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:39 +0200
Message-Id: 
 <19c89443b640445fbd7fd90c6613b42a6a80d75a.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 03/25] qemusecuritymock: Actually set error on
	failure
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]);
 Thu, 25 Apr 2019 08:20:18 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

I don't really know what happened when I was writing the original
code, but even if error was to be set the corresponding boolean
was set to false meaning no error.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 tests/qemusecuritymock.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/qemusecuritymock.c b/tests/qemusecuritymock.c
index 1ca8bd721f..e52a41067a 100644
--- a/tests/qemusecuritymock.c
+++ b/tests/qemusecuritymock.c
@@ -366,7 +366,7 @@ checkOwner(void *payload,
         fprintf(stderr,
                 "Path %s wasn't restored back to its original owner\n",
                 (const char *) name);
-        *chown_fail =3D false;
+        *chown_fail =3D true;
     }
=20
     return 0;
@@ -382,7 +382,7 @@ printXATTR(void *payload,
=20
     /* The fact that we are in this function means that there are
      * some XATTRs left behind. This is enough to claim an error. */
-    *xattr_fail =3D false;
+    *xattr_fail =3D true;
=20
     /* Hash table key consists of "$path:$xattr_name", xattr
      * value is then the value stored in the hash table. */
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180429; cv=none;
	d=zoho.com; s=zohoarc;
	b=OCcItNJTia6sQ6ejX2yj4kt8XwImQVECPJG07JezS/Tz9EbuXf+rwnFj0Or3o6mY8/yFGRtrTfTQJLS26biEvMz60ef+jn2f33J3s7W/KsoJ6yJNfhmjbYtuzVBJWNYlEj9U53F+0ugvJj5S0SnfKk0sLGS7XPldAkqkqMUxjnM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180429;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=F2qrrwK6qXbuz9EHyVDM9A2pfLj1fRD/LIUpYiidLQg=;
	b=N+QaBnYrGzrAMsoEyYxSK8C3/yzZVFlO8AmsuzP+ezOjyckcjePKJ7nnbjB21EDkGDiCoZ2V2puNMY64P4mGsgPBTw+h9VFA4IjRFoF9Mf7pv6wliJNXYfGkTArzhr5LVC+5wu48Es3PGa2/ML+U8D/MlvjYK4o3wgGDNsi44ro=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180429981201.1579782825786;
 Thu, 25 Apr 2019 01:20:29 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
 [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id E374189C3E;
	Thu, 25 Apr 2019 08:20:28 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id AA2505D72F;
	Thu, 25 Apr 2019 08:20:28 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 719E13FB10;
	Thu, 25 Apr 2019 08:20:28 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KAoY013842 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:10 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id C03A060C70; Thu, 25 Apr 2019 08:20:10 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 4881F60BE5
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:10 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:40 +0200
Message-Id: 
 <08b37dc26d0f976cbc93c9da20d6828126bb0110.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 04/25] qemusecuritymock: Introduce and use
	freePaths()
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]);
 Thu, 25 Apr 2019 08:20:29 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Problem with current approach is that if
qemuSecuritySetAllLabel() fails, then the @chown_paths and
@xattr_paths hash tables are not freed and preserve values
already stored there into the next test case.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 tests/qemusecuritymock.c | 14 ++++++++++++--
 tests/qemusecuritytest.c |  1 +
 tests/qemusecuritytest.h |  2 ++
 3 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/tests/qemusecuritymock.c b/tests/qemusecuritymock.c
index e52a41067a..815bd44d76 100644
--- a/tests/qemusecuritymock.c
+++ b/tests/qemusecuritymock.c
@@ -411,13 +411,23 @@ int checkPaths(void)
=20
     ret =3D 0;
  cleanup:
-    virHashRemoveAll(chown_paths);
-    virHashRemoveAll(xattr_paths);
     virMutexUnlock(&m);
     return ret;
 }
=20
=20
+void freePaths(void)
+{
+    virMutexLock(&m);
+    init_hash();
+
+    virHashFree(chown_paths);
+    virHashFree(xattr_paths);
+    chown_paths =3D xattr_paths =3D NULL;
+    virMutexUnlock(&m);
+}
+
+
 int
 virProcessRunInFork(virProcessForkCallback cb,
                     void *opaque)
diff --git a/tests/qemusecuritytest.c b/tests/qemusecuritytest.c
index 79d4f744b6..9ac953f388 100644
--- a/tests/qemusecuritytest.c
+++ b/tests/qemusecuritytest.c
@@ -125,6 +125,7 @@ testDomain(const void *opaque)
     unsetenv(ENVVAR);
     virObjectUnref(vm);
     virObjectUnref(securityManager);
+    freePaths();
     return ret;
 }
=20
diff --git a/tests/qemusecuritytest.h b/tests/qemusecuritytest.h
index a26014b5dc..29c6a9c998 100644
--- a/tests/qemusecuritytest.h
+++ b/tests/qemusecuritytest.h
@@ -23,4 +23,6 @@
=20
 extern int checkPaths(void);
=20
+extern void freePaths(void);
+
 #endif /* LIBVIRT_QEMUSECURITYTEST_H */
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180419; cv=none;
	d=zoho.com; s=zohoarc;
	b=M9xOuqsYN8MEo3i1v0Mbq7aoEpezkFXmuCbmyi9xzDIdG76xeVTY7pIjByzwKyMD9gMnWvMO5fxXmEz2/BX5C4qFIO290yh5iO0XZOThvpEID9TaQ9QoXnrQveqAATQhetBzN7VlmB1A9ye5xLD8vzAwJF/DPB7CLULKgMDtwY0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180419;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=471C9na2NhUKVDLdwq4rJlCIcQqG6IYoV+pCYVmyupE=;
	b=QH+eGBZOeboeohAC+24cm8S4ytM7TOsrvHmRCoTgCADgna6R4AczYtRjdjRQPFteuFW0OW0YEg3f46Wlb1dzYx+lgg+iwk8k3ZeUowCI2x/frzCqGFOvF2fIA9hPRzi9vmQjlr3fnG8nzZOMTLpRK1Sa7IBf+yVQ3edHTIXHdck=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 155618041939637.88143739751945;
 Thu, 25 Apr 2019 01:20:19 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 0F788307E055;
	Thu, 25 Apr 2019 08:20:16 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id DB1595D9C5;
	Thu, 25 Apr 2019 08:20:15 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 98954181B9E6;
	Thu, 25 Apr 2019 08:20:15 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KBi7013847 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:11 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 9284660C8E; Thu, 25 Apr 2019 08:20:11 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 1972B60BE5
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:10 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:41 +0200
Message-Id: 
 <b837f1f171cda351f16b67941202e7ba0de8ac89.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 05/25] qemusecuritytest: Drop unused variable
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]);
 Thu, 25 Apr 2019 08:20:18 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

The @securityManager variable in testDomain() is unused. Drop it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 tests/qemusecuritytest.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/tests/qemusecuritytest.c b/tests/qemusecuritytest.c
index 9ac953f388..993b532329 100644
--- a/tests/qemusecuritytest.c
+++ b/tests/qemusecuritytest.c
@@ -100,7 +100,6 @@ static int
 testDomain(const void *opaque)
 {
     const struct testData *data =3D opaque;
-    virSecurityManagerPtr securityManager =3D NULL;
     virDomainObjPtr vm =3D NULL;
     int ret =3D -1;
=20
@@ -124,7 +123,6 @@ testDomain(const void *opaque)
  cleanup:
     unsetenv(ENVVAR);
     virObjectUnref(vm);
-    virObjectUnref(securityManager);
     freePaths();
     return ret;
 }
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180423; cv=none;
	d=zoho.com; s=zohoarc;
	b=jHG4IZ7KoX068j/M7YAiPv7DlGtv1t7lUr2L7VxRll3pJ12nYmrQWzArb0mymCnCQez2n4UKKtERiJ5/WDuWJH1o1gphL7Vv7ubDp2kNDMZ1HST3TosMrqaoctzsZ85OggSkXuEV6HFrFVUv9iOP0DMdov80KeHcEr7iBywC/Sw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180423;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=Al3xxFSw3FkWJ7WefX2gGaGSQA7Sgajdb9Wj5dsMy4c=;
	b=eCVeCn8U7/Lz9/FKXs0bYAmMSLcnFx1LrQVHpQzuGPqFNRbWr9SCs70eNFjfwriOmgjsoUb7i13J/wZVyRA2qMwdNCXgqDK7AQNnH4H9w4jwQGEd5u4zdOH4TS0VB74L0d2z45wwYn97V4hYKfA9NJ8kzMYd4Iwy8ZodRHZyVNw=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180423217679.3970166027756;
 Thu, 25 Apr 2019 01:20:23 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
 [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 93E4B81254;
	Thu, 25 Apr 2019 08:20:21 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 6024F5F9AC;
	Thu, 25 Apr 2019 08:20:21 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0E19E181B9EF;
	Thu, 25 Apr 2019 08:20:21 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KCs8013855 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:12 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 6125460C8E; Thu, 25 Apr 2019 08:20:12 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id DEE3C60BE5
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:11 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:42 +0200
Message-Id: 
 <5dffaf34683c45678da27dd6f9a0b59aa13f7d71.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 06/25] qemusecuritytest: Use AUTOFREE/AUTOUNREF
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]);
 Thu, 25 Apr 2019 08:20:22 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

This simplifies the code a bit and removes the need for cleanup
label in one case. In the other case the label is kept because
it's going to be used later.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 tests/qemusecuritytest.c | 50 +++++++++++++++++-----------------------
 1 file changed, 21 insertions(+), 29 deletions(-)

diff --git a/tests/qemusecuritytest.c b/tests/qemusecuritytest.c
index 993b532329..e7121837a1 100644
--- a/tests/qemusecuritytest.c
+++ b/tests/qemusecuritytest.c
@@ -37,29 +37,29 @@ struct testData {
 static int
 prepareObjects(virQEMUDriverPtr driver,
                const char *xmlname,
-               virDomainObjPtr *vm)
+               virDomainObjPtr *vm_ret)
 {
     qemuDomainObjPrivatePtr priv;
-    char *filename =3D NULL;
-    char *domxml =3D NULL;
-    int ret =3D -1;
+    VIR_AUTOUNREF(virDomainObjPtr) vm =3D NULL;
+    VIR_AUTOFREE(char *) filename =3D NULL;
+    VIR_AUTOFREE(char *) domxml =3D NULL;
=20
     if (virAsprintf(&filename, "%s/qemuxml2argvdata/%s.xml", abs_srcdir, x=
mlname) < 0)
         return -1;
=20
     if (virTestLoadFile(filename, &domxml) < 0)
-        goto cleanup;
+        return -1;
=20
-    if (!(*vm =3D virDomainObjNew(driver->xmlopt)))
-        goto cleanup;
+    if (!(vm =3D virDomainObjNew(driver->xmlopt)))
+        return -1;
=20
-    (*vm)->pid =3D -1;
-    priv =3D (*vm)->privateData;
+    vm->pid =3D -1;
+    priv =3D vm->privateData;
     priv->chardevStdioLogd =3D false;
     priv->rememberOwner =3D true;
=20
     if (!(priv->qemuCaps =3D virQEMUCapsNew()))
-        goto cleanup;
+        return -1;
=20
     virQEMUCapsSetList(priv->qemuCaps,
                        QEMU_CAPS_DEVICE_DMI_TO_PCI_BRIDGE,
@@ -75,24 +75,17 @@ prepareObjects(virQEMUDriverPtr driver,
                        QEMU_CAPS_LAST);
=20
     if (qemuTestCapsCacheInsert(driver->qemuCapsCache, priv->qemuCaps) < 0)
-        goto cleanup;
+        return -1;
=20
-    if (!((*vm)->def =3D virDomainDefParseString(domxml,
-                                               driver->caps,
-                                               driver->xmlopt,
-                                               NULL,
-                                               0)))
-        goto cleanup;
+    if (!(vm->def =3D virDomainDefParseString(domxml,
+                                            driver->caps,
+                                            driver->xmlopt,
+                                            NULL,
+                                            0)))
+        return -1;
=20
-    ret =3D 0;
- cleanup:
-    if (ret < 0) {
-        virObjectUnref(*vm);
-        *vm =3D NULL;
-    }
-    VIR_FREE(domxml);
-    VIR_FREE(filename);
-    return ret;
+    VIR_STEAL_PTR(*vm_ret, vm);
+    return 0;
 }
=20
=20
@@ -100,7 +93,7 @@ static int
 testDomain(const void *opaque)
 {
     const struct testData *data =3D opaque;
-    virDomainObjPtr vm =3D NULL;
+    VIR_AUTOUNREF(virDomainObjPtr) vm =3D NULL;
     int ret =3D -1;
=20
     if (prepareObjects(data->driver, data->file, &vm) < 0)
@@ -109,7 +102,7 @@ testDomain(const void *opaque)
     /* Mocking is enabled only when this env variable is set.
      * See mock code for explanation. */
     if (setenv(ENVVAR, "1", 0) < 0)
-        goto cleanup;
+        return -1;
=20
     if (qemuSecuritySetAllLabel(data->driver, vm, NULL) < 0)
         goto cleanup;
@@ -122,7 +115,6 @@ testDomain(const void *opaque)
     ret =3D 0;
  cleanup:
     unsetenv(ENVVAR);
-    virObjectUnref(vm);
     freePaths();
     return ret;
 }
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180435; cv=none;
	d=zoho.com; s=zohoarc;
	b=aWe1yju0ZWOT2bmtP4aJ2Ax3Ty7ZUC7eAfupbPHnTZ9Ph2qQbbHh9o5fL8oMUnmJtCx4Ds+a85fgdw/AomoudAca4Fcm1U/zzJdbxwGyjZcnyYHjbpRMfBGDL7ikeMA57GmfnhWVUIdQ1afbR4aog2sqf3tuHJFxaDy9qeun+vA=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180435;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=Q/fJTCsIiXKemSvx3kHyIQhRa653IgEyxYH/qVHwXRU=;
	b=jGTZNYQKReHBy2G2Porr1Thr4BEKtaYHyIWCtAE16moQ2aQ1Gr/YP+3/KyDRFJfo7jULHQ7JYsNOiAbR5PH6dupDJq4eurkNgfNHmM5efY5iJ5mMOSgQk6xTtX+BnQBxLOyJh1y3R5y1ygtoxL6Z6iIcA1NwoVPz2OCdnpusnqM=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180435923655.9752514641979;
 Thu, 25 Apr 2019 01:20:35 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 707B0C0578F2;
	Thu, 25 Apr 2019 08:20:34 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 44CFB5D9CD;
	Thu, 25 Apr 2019 08:20:34 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id ED690181B9EF;
	Thu, 25 Apr 2019 08:20:33 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KDtb013865 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:13 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 3241360C99; Thu, 25 Apr 2019 08:20:13 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id AE71C60BE5
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:12 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:43 +0200
Message-Id: 
 <0cc0928b4a9c7157ea3718930052f456620056dc.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 07/25] qemusecuritytest: Fix capabilities
	loading
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]);
 Thu, 25 Apr 2019 08:20:35 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Having to enumerate all capabilities that we want domain to have
is too verbose and prevents us from adding more tests. Have the
domain always have the latest x86_64 capabilities. This means
that we have to drop two arm tests, but on the other hand, I'm
introducing 50 new cases. I've listed 50 biggest .args files and
added those:

  libvirt.git $ ls -Sr $(find tests/qemuxml2argvdata/ \
  -type f -iname "*.x86_64-latest.args") | tail -n 50

Except for two:
1) disk-backing-chains-noindex - this XML has some disks with
backing chain. And since set is done on the whole backing chain
and restore only on the top layer this would lead to instant test
failure. Don't worry, secdrivers will be fixed shortly too and
the test case will be added.

2) hostdev-mdev-display-spice-egl-headless - for this XML
secdriver tries to find IOMMU group that mdev lives in. Since we
are not mocking sysfs access this test case would fail.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 tests/qemusecuritytest.c | 69 ++++++++++++++++++++++++++++++----------
 1 file changed, 53 insertions(+), 16 deletions(-)

diff --git a/tests/qemusecuritytest.c b/tests/qemusecuritytest.c
index e7121837a1..86347f8625 100644
--- a/tests/qemusecuritytest.c
+++ b/tests/qemusecuritytest.c
@@ -43,6 +43,7 @@ prepareObjects(virQEMUDriverPtr driver,
     VIR_AUTOUNREF(virDomainObjPtr) vm =3D NULL;
     VIR_AUTOFREE(char *) filename =3D NULL;
     VIR_AUTOFREE(char *) domxml =3D NULL;
+    VIR_AUTOFREE(char *) latestCapsFile =3D NULL;
=20
     if (virAsprintf(&filename, "%s/qemuxml2argvdata/%s.xml", abs_srcdir, x=
mlname) < 0)
         return -1;
@@ -58,21 +59,11 @@ prepareObjects(virQEMUDriverPtr driver,
     priv->chardevStdioLogd =3D false;
     priv->rememberOwner =3D true;
=20
-    if (!(priv->qemuCaps =3D virQEMUCapsNew()))
+    if (!(latestCapsFile =3D testQemuGetLatestCapsForArch("x86_64", "xml")=
))
         return -1;
=20
-    virQEMUCapsSetList(priv->qemuCaps,
-                       QEMU_CAPS_DEVICE_DMI_TO_PCI_BRIDGE,
-                       QEMU_CAPS_DEVICE_DMI_TO_PCI_BRIDGE,
-                       QEMU_CAPS_DEVICE_IOH3420,
-                       QEMU_CAPS_DEVICE_PCI_BRIDGE,
-                       QEMU_CAPS_DEVICE_PCI_BRIDGE,
-                       QEMU_CAPS_DEVICE_VIRTIO_MMIO,
-                       QEMU_CAPS_DEVICE_VIRTIO_RNG,
-                       QEMU_CAPS_OBJECT_GPEX,
-                       QEMU_CAPS_OBJECT_RNG_RANDOM,
-                       QEMU_CAPS_VIRTIO_SCSI,
-                       QEMU_CAPS_LAST);
+    if (!(priv->qemuCaps =3D qemuTestParseCapabilitiesArch(VIR_ARCH_X86_64=
, latestCapsFile)))
+        return -1;
=20
     if (qemuTestCapsCacheInsert(driver->qemuCapsCache, priv->qemuCaps) < 0)
         return -1;
@@ -148,11 +139,57 @@ mymain(void)
             ret =3D -1; \
     } while (0)
=20
+    DO_TEST_DOMAIN("acpi-table");
+    DO_TEST_DOMAIN("channel-unix-guestfwd");
+    DO_TEST_DOMAIN("console-virtio-unix");
+    DO_TEST_DOMAIN("controller-virtio-scsi");
+    DO_TEST_DOMAIN("disk-aio");
+    DO_TEST_DOMAIN("disk-cache");
+    DO_TEST_DOMAIN("disk-cdrom");
+    DO_TEST_DOMAIN("disk-cdrom-bus-other");
+    DO_TEST_DOMAIN("disk-cdrom-network");
+    DO_TEST_DOMAIN("disk-cdrom-tray");
+    DO_TEST_DOMAIN("disk-copy_on_read");
+    DO_TEST_DOMAIN("disk-detect-zeroes");
+    DO_TEST_DOMAIN("disk-error-policy");
+    DO_TEST_DOMAIN("disk-floppy");
+    DO_TEST_DOMAIN("disk-floppy-q35-2_11");
+    DO_TEST_DOMAIN("disk-floppy-q35-2_9");
+    DO_TEST_DOMAIN("disk-network-gluster");
+    DO_TEST_DOMAIN("disk-network-iscsi");
+    DO_TEST_DOMAIN("disk-network-nbd");
+    DO_TEST_DOMAIN("disk-network-rbd");
+    DO_TEST_DOMAIN("disk-network-sheepdog");
+    DO_TEST_DOMAIN("disk-network-source-auth");
+    DO_TEST_DOMAIN("disk-network-tlsx509");
+    DO_TEST_DOMAIN("disk-readonly-disk");
+    DO_TEST_DOMAIN("disk-scsi");
+    DO_TEST_DOMAIN("disk-scsi-device-auto");
+    DO_TEST_DOMAIN("disk-shared");
     DO_TEST_DOMAIN("disk-virtio");
+    DO_TEST_DOMAIN("disk-virtio-scsi-reservations");
+    DO_TEST_DOMAIN("graphics-vnc-tls-secret");
+    DO_TEST_DOMAIN("hugepages-nvdimm");
+    DO_TEST_DOMAIN("iothreads-virtio-scsi-pci");
+    DO_TEST_DOMAIN("memory-hotplug-nvdimm");
+    DO_TEST_DOMAIN("memory-hotplug-nvdimm-access");
+    DO_TEST_DOMAIN("memory-hotplug-nvdimm-align");
+    DO_TEST_DOMAIN("memory-hotplug-nvdimm-label");
+    DO_TEST_DOMAIN("memory-hotplug-nvdimm-pmem");
+    DO_TEST_DOMAIN("memory-hotplug-nvdimm-readonly");
+    DO_TEST_DOMAIN("net-vhostuser");
+    DO_TEST_DOMAIN("os-firmware-bios");
+    DO_TEST_DOMAIN("os-firmware-efi");
+    DO_TEST_DOMAIN("os-firmware-efi-secboot");
     DO_TEST_DOMAIN("pci-bridge-many-disks");
-    DO_TEST_DOMAIN("arm-virt-virtio");
-    DO_TEST_DOMAIN("aarch64-virtio-pci-manual-addresses");
-    DO_TEST_DOMAIN("acpi-table");
+    DO_TEST_DOMAIN("tseg-explicit-size");
+    DO_TEST_DOMAIN("usb-redir-unix");
+    DO_TEST_DOMAIN("virtio-non-transitional");
+    DO_TEST_DOMAIN("virtio-transitional");
+    DO_TEST_DOMAIN("x86_64-pc-graphics");
+    DO_TEST_DOMAIN("x86_64-pc-headless");
+    DO_TEST_DOMAIN("x86_64-q35-graphics");
+    DO_TEST_DOMAIN("x86_64-q35-headless");
=20
  cleanup:
     qemuTestDriverFree(&driver);
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180426; cv=none;
	d=zoho.com; s=zohoarc;
	b=Uehr0oL87s/nEFzgU8Mtdc2GjgRLC+C32l5ChWQPf9gGuChBI0jHJTELzSSzkekozboLyrwlJCFKpuV1D2KTAKkpnGjzDsouAO5RPITqIFpJFMTwl/0gXjjN698+WsS0yw1MyMeVqVlSWrzpYKDzucs+6mQxdRcCwQsu/nz6Eik=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180426;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=+XjlqDJn7D5kGjkXUdgx8jRtWtYaacUCufYSqnciy0Q=;
	b=SEGkeWCA5Ya2OBnluQuoqUoTWivxhiwaPpV8IHwgyAhgZ/2tQfvInbEg5Oci19zpnPAbvJEI3+YL6b/vkAddH89WmvfXvUaw9XnJ7Ay/5Dxv1X20HcIRQNmFhtP8sZhYScOBlx4MYb+3uSatAEuQ+V3XAHqVGG5aRxIs3oNYq0I=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180426940663.1284633209667;
 Thu, 25 Apr 2019 01:20:26 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
 [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 9273CC058CA4;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 6A1E2508E9;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2C53E181B9F1;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KE1V013875 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:14 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 0096A60C70; Thu, 25 Apr 2019 08:20:14 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 7E07A60C8E
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:13 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:44 +0200
Message-Id: 
 <e03af4a75f1c0e63028fafb4fd52a81616ae9eb1.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 08/25] tools: Slightly rework
	libvirt_recover_xattrs.sh
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]);
 Thu, 25 Apr 2019 08:20:26 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Firstly, there's no reason to enumerate all XATTRs since they
differ only in the prefix and we can construct them in a loop.

Secondly, and more importantly, the script was still looking for
just one prefix "trusted.libvirt.security" even on FreeBSD.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 tools/libvirt_recover_xattrs.sh | 50 ++++++++++++++++-----------------
 1 file changed, 25 insertions(+), 25 deletions(-)

diff --git a/tools/libvirt_recover_xattrs.sh b/tools/libvirt_recover_xattrs=
.sh
index 69dfca0160..58f02f8dfb 100755
--- a/tools/libvirt_recover_xattrs.sh
+++ b/tools/libvirt_recover_xattrs.sh
@@ -23,14 +23,16 @@ EOF
=20
 QUIET=3D0
 DRY_RUN=3D0
-P=3D"/"
+DIR=3D"/"
=20
 # So far only qemu and lxc drivers use security driver.
 URI=3D("qemu:///system"
-     "qemu:///session"
      "lxc:///system")
=20
-LIBVIRT_XATTR_PREFIX=3D"trusted.libvirt.security"
+# On Linux we use 'trusted' namespace, on FreeBSD we use 'system'
+# as there is no 'trusted'.
+LIBVIRT_XATTR_PREFIXES=3D("trusted.libvirt.security"
+                        "system.libvirt.security")
=20
 if [ `whoami` !=3D "root" ]; then
     die "Must be run as root"
@@ -57,7 +59,7 @@ done
=20
 shift $((OPTIND - 1))
 if [ $# -gt 0 ]; then
-    P=3D$1
+    DIR=3D$1
 fi
=20
 if [ ${DRY_RUN} -eq 0 ]; then
@@ -69,28 +71,26 @@ if [ ${DRY_RUN} -eq 0 ]; then
 fi
=20
=20
-# On Linux we use 'trusted' namespace, on FreeBSD we use 'system'
-# as there is no 'trusted'.
-XATTRS=3D("trusted.libvirt.security.dac"
-        "trusted.libvirt.security.ref_dac"
-        "trusted.libvirt.security.selinux"
-        "trusted.libvirt.security.ref_selinux",
-        "system.libvirt.security.dac"
-        "system.libvirt.security.ref_dac"
-        "system.libvirt.security.selinux"
-        "system.libvirt.security.ref_selinux")
+declare -a XATTRS
+for i in "dac" "selinux"; do
+    for p in ${LIBVIRT_XATTR_PREFIXES[@]}; do
+        XATTRS+=3D("$p.$i" "$p.ref_$i")
+    done
+done
=20
-for i in $(getfattr -R -d -m ${LIBVIRT_XATTR_PREFIX} --absolute-names ${P}=
 2>/dev/null | grep "^# file:" | cut -d':' -f 2); do
-    if [ ${DRY_RUN} -ne 0 ]; then
-        echo $i
-        getfattr -d -m ${LIBVIRT_XATTR_PREFIX} $i
-        continue
-    fi
+for p in ${LIBVIRT_XATTR_PREFIXES[*]}; do
+    for i in $(getfattr -R -d -m ${p} --absolute-names ${DIR} 2>/dev/null =
| grep "^# file:" | cut -d':' -f 2); do
+        echo $i;
+        if [ ${DRY_RUN} -ne 0 ]; then
+            getfattr -d -m $p --absolute-names $i | grep -v "^# file:"
+            continue
+        fi
=20
-    if [ ${QUIET} -eq 0 ]; then
-        echo "Fixing $i";
-    fi
-    for x in ${XATTRS[*]}; do
-        setfattr -x $x $i
+        if [ ${QUIET} -eq 0 ]; then
+            echo "Fixing $i";
+        fi
+        for x in ${XATTRS[*]}; do
+            setfattr -x $x $i
+        done
     done
 done
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180423; cv=none;
	d=zoho.com; s=zohoarc;
	b=Cw6cpwEzvcd+DzWX3WqYfvNB83dX6Zhd/dHOMYAHv3IpEIsCp+ZkdpkjTA+LP+1SQe2uegmIrM9Xb5PXPX9EHnKh/1IAYyvQdejCSXtDhHY4vEmkxCi+ufM5wbatiSBRSydJvJL4b75pWsRBHeaDehg01D6fuGXHE+o0OEMHNfI=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180423;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=hoenoYD8KArLAfQP9FWjqahOoyIqx3x8gtAVculzLeE=;
	b=T+E5zPcsvciLw8+anWSdG8KE7vqwhPRF3kqAoNTLVXWLZ4kMUgjB0NEMdjZC75QVUujPNjIcr9F7Rd+v58/ghEGUIViVesjLznzoc9hfMMzkaG9ksG/i/ZWzOPwjrX4HdnGZJOEr9obhFZAzVksgIJ4bi1t+TGyh3mAKufD3Q18=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180423218134.13109635167746;
 Thu, 25 Apr 2019 01:20:23 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
 [10.5.11.22])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id B814281F13;
	Thu, 25 Apr 2019 08:20:21 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 667571001E71;
	Thu, 25 Apr 2019 08:20:21 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 189CD41F3F;
	Thu, 25 Apr 2019 08:20:21 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KEUa013882 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:14 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id C458660C99; Thu, 25 Apr 2019 08:20:14 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 4E33360C8E
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:14 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:45 +0200
Message-Id: 
 <e7050258da73f1c1732930502b62be45d1b96ef2.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 09/25] virSecuritySELinuxRestoreAllLabel: Print
	@migrated in the debug message too
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]);
 Thu, 25 Apr 2019 08:20:22 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Just like it's DAC counterpart is doing,
virSecuritySELinuxRestoreAllLabel() could print @migrated in the
debug message.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/security/security_selinux.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index 094272e084..ec8d407351 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2597,7 +2597,7 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManagerP=
tr mgr,
     size_t i;
     int rc =3D 0;
=20
-    VIR_DEBUG("Restoring security label on %s", def->name);
+    VIR_DEBUG("Restoring security label on %s migrated=3D%d", def->name, m=
igrated);
=20
     secdef =3D virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
=20
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180444; cv=none;
	d=zoho.com; s=zohoarc;
	b=iraf+7SHRENK2x/aIcn1S6HyS8kwuTx5tfdU2RmNbV8TtumsieWDvYlUQYi/HXCEBYmffF3BlCBIQl++ksmgCUiyVaiISN7sCak6PctfellOXWd6PZjJp9DGfG8dUN05a28M0R9rEPtbnokRNpGgYXjXl2dke9aZSb2zYTv0ERQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180444;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=aPbhbGopsP7q78je5Zuz2wTkz8PpSYKoeYa91e7AVo0=;
	b=ETYiWdJxvy/gtZEzYV1DTyfPOXI1wwEy/5zy6KmCq1w0JxmQ2gXPJJEWonXwphwuwzzD4O/WuAvK2c2r3QhmGRz6Z33KaCm9opxQYMG2wfO93ulxYlr8rVRnvuJYj/MxX0/AyQcyBVSPwKVyp27Y7NdCMVA8MlI8z1D8Eas4hAo=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180444117507.1490625986322;
 Thu, 25 Apr 2019 01:20:44 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
 [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id ED6E7314519D;
	Thu, 25 Apr 2019 08:20:37 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id C8C3D5D721;
	Thu, 25 Apr 2019 08:20:37 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8FD033FA48;
	Thu, 25 Apr 2019 08:20:37 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KFS2013888 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:15 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 940DC60C70; Thu, 25 Apr 2019 08:20:15 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 1DC9460C8E
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:14 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:46 +0200
Message-Id: 
 <3b75a066e4711a4712cc14ed1e1e2284cd791184.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 10/25] virfile: Make virFileGetXAttr report
	errors
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.49]);
 Thu, 25 Apr 2019 08:20:38 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

The way that security drivers use XATTR is kind of verbose. If
error reporting was left for caller then the caller would end up
even more verbose.

There are two places where we do not want to report error if
virFileGetXAttr fails. Therefore virFileGetXAttrQuiet is
introduced as an alternative that doesn't report errors.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/libvirt_private.syms     |  1 +
 src/security/security_util.c |  4 ++--
 src/util/virfile.c           | 42 ++++++++++++++++++++++++++++++------
 src/util/virfile.h           |  5 +++++
 tests/qemusecuritymock.c     |  6 +++---
 5 files changed, 46 insertions(+), 12 deletions(-)

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index a03cf0b645..5368392882 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1885,6 +1885,7 @@ virFileGetHugepageSize;
 virFileGetMountReverseSubtree;
 virFileGetMountSubtree;
 virFileGetXAttr;
+virFileGetXAttrQuiet;
 virFileInData;
 virFileIsAbsPath;
 virFileIsCDROM;
diff --git a/src/security/security_util.c b/src/security/security_util.c
index bfa78c6cca..f09a18a623 100644
--- a/src/security/security_util.c
+++ b/src/security/security_util.c
@@ -123,7 +123,7 @@ virSecurityGetRememberedLabel(const char *name,
     if (!(ref_name =3D virSecurityGetRefCountAttrName(name)))
         goto cleanup;
=20
-    if (virFileGetXAttr(path, ref_name, &value) < 0) {
+    if (virFileGetXAttrQuiet(path, ref_name, &value) < 0) {
         if (errno =3D=3D ENOSYS || errno =3D=3D ENODATA || errno =3D=3D EN=
OTSUP) {
             ret =3D 0;
         } else {
@@ -208,7 +208,7 @@ virSecuritySetRememberedLabel(const char *name,
     if (!(ref_name =3D virSecurityGetRefCountAttrName(name)))
         goto cleanup;
=20
-    if (virFileGetXAttr(path, ref_name, &value) < 0) {
+    if (virFileGetXAttrQuiet(path, ref_name, &value) < 0) {
         if (errno =3D=3D ENOSYS || errno =3D=3D ENOTSUP) {
             ret =3D 0;
             goto cleanup;
diff --git a/src/util/virfile.c b/src/util/virfile.c
index f7415cf633..00f69dce69 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -4364,7 +4364,7 @@ virFileWaitForExists(const char *path,
=20
 #if HAVE_LIBATTR
 /**
- * virFileGetXAttr;
+ * virFileGetXAttrQuiet;
  * @path: a filename
  * @name: name of xattr
  * @value: read value
@@ -4376,9 +4376,9 @@ virFileWaitForExists(const char *path,
  *         -1 otherwise (with errno set).
  */
 int
-virFileGetXAttr(const char *path,
-                const char *name,
-                char **value)
+virFileGetXAttrQuiet(const char *path,
+                     const char *name,
+                     char **value)
 {
     char *buf =3D NULL;
     int ret =3D -1;
@@ -4451,9 +4451,9 @@ virFileRemoveXAttr(const char *path,
 #else /* !HAVE_LIBATTR */
=20
 int
-virFileGetXAttr(const char *path ATTRIBUTE_UNUSED,
-                const char *name ATTRIBUTE_UNUSED,
-                char **value ATTRIBUTE_UNUSED)
+virFileGetXAttrQuiet(const char *path ATTRIBUTE_UNUSED,
+                     const char *name ATTRIBUTE_UNUSED,
+                     char **value ATTRIBUTE_UNUSED)
 {
     errno =3D ENOSYS;
     return -1;
@@ -4477,3 +4477,31 @@ virFileRemoveXAttr(const char *path ATTRIBUTE_UNUSED,
 }
=20
 #endif /* HAVE_LIBATTR */
+
+/**
+ * virFileGetXAttr;
+ * @path: a filename
+ * @name: name of xattr
+ * @value: read value
+ *
+ * Reads xattr with @name for given @path and stores it into
+ * @value. Caller is responsible for freeing @value.
+ *
+ * Returns: 0 on success,
+ *         -1 otherwise (with errno set AND error reported).
+ */
+int
+virFileGetXAttr(const char *path,
+                const char *name,
+                char **value)
+{
+    int ret;
+
+    if ((ret =3D virFileGetXAttrQuiet(path, name, value)) < 0) {
+        virReportSystemError(errno,
+                             _("Unable to get XATTR %s on %s"),
+                             name, path);
+    }
+
+    return ret;
+}
diff --git a/src/util/virfile.h b/src/util/virfile.h
index 641960e2ca..1cd6dfc789 100644
--- a/src/util/virfile.h
+++ b/src/util/virfile.h
@@ -384,6 +384,11 @@ int virFileGetXAttr(const char *path,
                     char **value)
     ATTRIBUTE_NOINLINE;
=20
+int virFileGetXAttrQuiet(const char *path,
+                         const char *name,
+                         char **value)
+    ATTRIBUTE_NOINLINE;
+
 int virFileSetXAttr(const char *path,
                     const char *name,
                     const char *value)
diff --git a/tests/qemusecuritymock.c b/tests/qemusecuritymock.c
index 815bd44d76..e219a9f023 100644
--- a/tests/qemusecuritymock.c
+++ b/tests/qemusecuritymock.c
@@ -126,9 +126,9 @@ get_key(const char *path,
=20
=20
 int
-virFileGetXAttr(const char *path,
-                const char *name,
-                char **value)
+virFileGetXAttrQuiet(const char *path,
+                     const char *name,
+                     char **value)
 {
     int ret =3D -1;
     char *key;
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180430; cv=none;
	d=zoho.com; s=zohoarc;
	b=ez343+O++KbVwVw2W5oK1HhyHOYqvlubXqGop/DDPvmyct4TZX0piNBHmI9CdJw7l5AoYJ9QTisqqVmb9rtPPPnPXm63Ni2q1TJgsOV4M8K650R19XzgK0q6mfMwpgZuRl3i6TeBN7S7++52cLm57t1XXwD2gU72OKZSVPpFPlg=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180430;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=ZFGUuw0jdF5Y/HL7XyRR5E+XOM7Pzg2nAiy4Auq8cz8=;
	b=j670Pm2oxJ7QffeNDdoyBI5qV8s5b3auGQSjiTzgxdvxpReLKv6qMcZl2U4QJvrHCoUvo0KUE/JHUdpatmd4MbfELO/Hu/eOpQK4cHlWmlCyciWWGqHJ+BXeVHOAdik9z7n0lwh+mw/HPxcF//FIdIXVmjYCRGGvYGHAtaQLxcE=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180430148352.19408026539406;
 Thu, 25 Apr 2019 01:20:30 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com
 [10.5.11.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id EE06D3144D80;
	Thu, 25 Apr 2019 08:20:28 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id C8122648BF;
	Thu, 25 Apr 2019 08:20:28 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 903563FB12;
	Thu, 25 Apr 2019 08:20:28 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KG6p013895 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:16 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 639C760C70; Thu, 25 Apr 2019 08:20:16 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id E109E60C8E
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:15 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:47 +0200
Message-Id: 
 <53f2bc6ed03d8d1a0eb10095e6c21bd396d39a78.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 11/25] virFileSetXAttr: Report error on failure
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.49]);
 Thu, 25 Apr 2019 08:20:29 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

It's better to have the function report errors, because none of
the callers does.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/util/virfile.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/src/util/virfile.c b/src/util/virfile.c
index 00f69dce69..75ec9e0bd8 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -4421,14 +4421,21 @@ virFileGetXAttrQuiet(const char *path,
  * Sets xattr of @name and @value on @path.
  *
  * Returns: 0 on success,
- *         -1 otherwise (with errno set).
+ *         -1 otherwise (with errno set AND error reported).
  */
 int
 virFileSetXAttr(const char *path,
                 const char *name,
                 const char *value)
 {
-    return setxattr(path, name, value, strlen(value), 0);
+    if (setxattr(path, name, value, strlen(value), 0) < 0) {
+        virReportSystemError(errno,
+                             _("Unable to set XATTR %s on %s"),
+                             name, path);
+        return -1;
+    }
+
+    return 0;
 }
=20
 /**
@@ -4460,11 +4467,14 @@ virFileGetXAttrQuiet(const char *path ATTRIBUTE_UNU=
SED,
 }
=20
 int
-virFileSetXAttr(const char *path ATTRIBUTE_UNUSED,
-                const char *name ATTRIBUTE_UNUSED,
+virFileSetXAttr(const char *path,
+                const char *name,
                 const char *value ATTRIBUTE_UNUSED)
 {
     errno =3D ENOSYS;
+    virReportSystemError(errno,
+                         _("Unable to set XATTR %s on %s"),
+                         name, path);
     return -1;
 }
=20
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180426; cv=none;
	d=zoho.com; s=zohoarc;
	b=c+6Fx9nJLJfSG6KqUm5Hyx5BohJAnaHNSoThQPNMsdhtyhA/eMW8SsTANrKWnLViS05ue3XLuKy+yM6q+E5+ZIWdS1qA7QvjYSle/sKwPWNZGXhcm83UfzL+MgETJpmmDHB0x2e4QQJMBGI5GtggkEsSedhq5dcdCk14UhAjvSE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180426;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=8h7wvLcTEMuuFFXbDYFYVXqNi0h59sslvJLMSyYgkw4=;
	b=gDxTrSe5NztkBzpI36+u5uC4BPCdoQymVyVXDIiQpRBDAK7nqJgoMqoiku+Vad0/pZOKV8OcHblrYdlkt3vBkCUXHllxIcuVvIwgSXe+or3AugT4ANK4Sg51uwM18VG5VBS/4+T/lIIBKXVvgBIfKNfd13XtW6yPIdfCzP4WUwc=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180426662377.5265261464633;
 Thu, 25 Apr 2019 01:20:26 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
 [10.5.11.11])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 7325C30882A5;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 40F7F60143;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 04143181B9F2;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KH85013905 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:17 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 33F7D60C8E; Thu, 25 Apr 2019 08:20:17 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id B174560C70
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:16 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:48 +0200
Message-Id: 
 <4ea9e7dc0015b2e48a1de862a705739ddccac85c.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 12/25] virFileRemoveXAttr: Report error on
	failure
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]);
 Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

It's better to have the function report errors, because none of
the callers does.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/util/virfile.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/src/util/virfile.c b/src/util/virfile.c
index 75ec9e0bd8..b351f72bef 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -4446,13 +4446,20 @@ virFileSetXAttr(const char *path,
  * Remove xattr of @name on @path.
  *
  * Returns: 0 on success,
- *         -1 otherwise (with errno set).
+ *         -1 otherwise (with errno set AND error reported).
  */
 int
 virFileRemoveXAttr(const char *path,
                    const char *name)
 {
-    return removexattr(path, name);
+    if (removexattr(path, name) < 0) {
+        virReportSystemError(errno,
+                             _("Unable to remove XATTR %s on %s"),
+                             name, path);
+        return -1;
+    }
+
+    return 0;
 }
=20
 #else /* !HAVE_LIBATTR */
@@ -4479,10 +4486,13 @@ virFileSetXAttr(const char *path,
 }
=20
 int
-virFileRemoveXAttr(const char *path ATTRIBUTE_UNUSED,
-                   const char *name ATTRIBUTE_UNUSED)
+virFileRemoveXAttr(const char *path,
+                   const char *name)
 {
     errno =3D ENOSYS;
+    virReportSystemError(errno,
+                         _("Unable to remove XATTR %s on %s"),
+                         name, path);
     return -1;
 }
=20
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180433; cv=none;
	d=zoho.com; s=zohoarc;
	b=n5er9jX0Wgj+dTojBXMKfuyNCPKAajymJr2ZajdJD8eE5WM5ZlOOiSe/P7CpC3iCrb+lNRR51uHXyRb45xRkqgCA6NIOcHP6Xadvl0g+jRse1jZNP+R07uVUuKCBSvPCU9cNz5vVFMoIDZ9ttBVX2voX1knr5NJgVfjgBt6KyT0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180433;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=5htR9PenIQWScbtyBDOOWjBVznQNLnvvhjaQsIan95Y=;
	b=eyKcQrFUf9pGojjoE2/FCQVnzT+yxr6kYzjX7cjL8psAxDYHPm2Ak+MLykVlmFgFActtkoIGw8/ncSsftQuIEvt6T9pG2V5pUFZzyMa9BBaJrV5LFFyLrAh0+wvsDjYmbPYBiKyVAPBqfYwPpk3Xo1ZjLQPXnfVuxeEOsLq/14A=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180433495671.7526417618421;
 Thu, 25 Apr 2019 01:20:33 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 5E020C02493B;
	Thu, 25 Apr 2019 08:20:32 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 350345D9CD;
	Thu, 25 Apr 2019 08:20:32 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id EAA97181BA07;
	Thu, 25 Apr 2019 08:20:31 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KIYi013915 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:18 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 0396260C70; Thu, 25 Apr 2019 08:20:18 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 80FFA60C8E
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:17 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:49 +0200
Message-Id: 
 <76a71926c50cc9cd16a493b8b73937aec934d084.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 13/25] security: Don't skip label restore on
	file systems lacking XATTRs
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]);
 Thu, 25 Apr 2019 08:20:32 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

The way that virSecurityDACRecallLabel is currently written is
that if XATTRs are not supported for given path to the caller
this is not different than if the path is still in use. The value
of 1 is returned which makes secdrivers skip label restore.
This is clearly a bug as we are not restoring labels on say NFS
even though previously we were.

Strictly speaking, changes to virSecurityDACRememberLabel are not
needed, but they are done anyway so that getter and setter behave
in the same fashion.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/security/security_dac.c     | 18 ++++++++++++------
 src/security/security_selinux.c | 21 +++++++++++++++------
 src/security/security_util.c    |  6 ++++--
 3 files changed, 31 insertions(+), 14 deletions(-)

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 3c21dbbddb..300c383dd5 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -458,10 +458,11 @@ virSecurityDACRecallLabel(virSecurityDACDataPtr priv =
ATTRIBUTE_UNUSED,
 {
     char *label;
     int ret =3D -1;
+    int rv;
=20
-    if (virSecurityGetRememberedLabel(SECURITY_DAC_NAME,
-                                      path, &label) < 0)
-        goto cleanup;
+    rv =3D virSecurityGetRememberedLabel(SECURITY_DAC_NAME, path, &label);
+    if (rv < 0)
+        return rv;
=20
     if (!label)
         return 1;
@@ -760,7 +761,9 @@ virSecurityDACSetOwnership(virSecurityManagerPtr mgr,
         }
=20
         refcount =3D virSecurityDACRememberLabel(priv, path, sb.st_uid, sb=
.st_gid);
-        if (refcount < 0) {
+        if (refcount =3D=3D -2) {
+            /* Not supported. Don't error though. */
+        } else if (refcount < 0) {
             return -1;
         } else if (refcount > 1) {
             /* Refcount is greater than 1 which means that there
@@ -827,10 +830,13 @@ virSecurityDACRestoreFileLabelInternal(virSecurityMan=
agerPtr mgr,
=20
     if (recall && path) {
         rv =3D virSecurityDACRecallLabel(priv, path, &uid, &gid);
-        if (rv < 0)
+        if (rv =3D=3D -2) {
+            /* Not supported. Don't error though. */
+        } else if (rv < 0) {
             return -1;
-        if (rv > 0)
+        } else if (rv > 0) {
             return 0;
+        }
     }
=20
     VIR_INFO("Restoring DAC user and group on '%s' to %ld:%ld",
diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index ec8d407351..ff54d47e23 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -207,9 +207,11 @@ static int
 virSecuritySELinuxRecallLabel(const char *path,
                               security_context_t *con)
 {
-    if (virSecurityGetRememberedLabel(SECURITY_SELINUX_NAME,
-                                      path, con) < 0)
-        return -1;
+    int rv;
+
+    rv =3D virSecurityGetRememberedLabel(SECURITY_SELINUX_NAME, path, con);
+    if (rv < 0)
+        return rv;
=20
     if (!*con)
         return 1;
@@ -1337,7 +1339,9 @@ virSecuritySELinuxSetFileconHelper(virSecurityManager=
Ptr mgr,
=20
         if (econ) {
             refcount =3D virSecuritySELinuxRememberLabel(path, econ);
-            if (refcount < 0) {
+            if (refcount =3D=3D -2) {
+                /* Not supported. Don't error though. */
+            } else if (refcount < 0) {
                 goto cleanup;
             } else if (refcount > 1) {
                 /* Refcount is greater than 1 which means that there
@@ -1485,13 +1489,18 @@ virSecuritySELinuxRestoreFileLabel(virSecurityManag=
erPtr mgr,
     }
=20
     if (recall) {
-        if ((rc =3D virSecuritySELinuxRecallLabel(newpath, &fcon)) < 0) {
+        rc =3D virSecuritySELinuxRecallLabel(newpath, &fcon);
+        if (rc =3D=3D -2) {
+            /* Not supported. Lookup the default label below. */
+        } else if (rc < 0) {
             goto cleanup;
         } else if (rc > 0) {
             ret =3D 0;
             goto cleanup;
         }
-    } else {
+    }
+
+    if (!recall || rc =3D=3D -2) {
         if (stat(newpath, &buf) !=3D 0) {
             VIR_WARN("cannot stat %s: %s", newpath,
                      virStrerror(errno, ebuf, sizeof(ebuf)));
diff --git a/src/security/security_util.c b/src/security/security_util.c
index f09a18a623..3c24d7cded 100644
--- a/src/security/security_util.c
+++ b/src/security/security_util.c
@@ -105,6 +105,7 @@ virSecurityGetRefCountAttrName(const char *name ATTRIBU=
TE_UNUSED)
  * zero) and returns zero.
  *
  * Returns: 0 on success,
+ *         -2 if underlying file system doesn't support XATTRs,
  *         -1 otherwise (with error reported)
  */
 int
@@ -125,7 +126,7 @@ virSecurityGetRememberedLabel(const char *name,
=20
     if (virFileGetXAttrQuiet(path, ref_name, &value) < 0) {
         if (errno =3D=3D ENOSYS || errno =3D=3D ENODATA || errno =3D=3D EN=
OTSUP) {
-            ret =3D 0;
+            ret =3D -2;
         } else {
             virReportSystemError(errno,
                                  _("Unable to get XATTR %s on %s"),
@@ -192,6 +193,7 @@ virSecurityGetRememberedLabel(const char *name,
  * See also virSecurityGetRememberedLabel.
  *
  * Returns: the new refcount value on success,
+ *         -2 if underlying file system doesn't support XATTRs,
  *         -1 otherwise (with error reported)
  */
 int
@@ -210,7 +212,7 @@ virSecuritySetRememberedLabel(const char *name,
=20
     if (virFileGetXAttrQuiet(path, ref_name, &value) < 0) {
         if (errno =3D=3D ENOSYS || errno =3D=3D ENOTSUP) {
-            ret =3D 0;
+            ret =3D -2;
             goto cleanup;
         } else if (errno !=3D ENODATA) {
             virReportSystemError(errno,
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180443; cv=none;
	d=zoho.com; s=zohoarc;
	b=jxQZxQkZMv+ZufycsI5NeHVxz2YRReM8zQYz2oRCOyO56f5VFtTMRWmTGVPczVfk2BApeSHUX0FNo6V3VH3e7CycnAYKjfC0aAipC1P0vPUGC24q296JihLb/2EjX/6ivpGba1HL4UK4afk4I/K2x149XYOXE6HrkCKjosNVESI=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180443;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=2qCT8VPJYEsR8o1Xq7H5SEgAfXOhtMVt5bVI0FYosSQ=;
	b=cZror94e75vG1CmpGAXi+KBp/aMKkWGC9Y/S7fO1eb381Od+dooc1aSVOd4UPOnOJ3atPw6w3F9YUyFjtdVbjcY6RsYY0WiFsrQMoe7MV9JDJnrGs0n8RTBkCRrswGU5r3Iihxg6eJpJI+TkRWnoa44XF3ZnZomDCR8atYOs0FA=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180443905846.6158023541145;
 Thu, 25 Apr 2019 01:20:43 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com
 [10.5.11.23])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 7158A30BCE55;
	Thu, 25 Apr 2019 08:20:42 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 96A6C17A70;
	Thu, 25 Apr 2019 08:20:41 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id E2995181BA0A;
	Thu, 25 Apr 2019 08:20:40 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KIGk013925 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:18 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id C8DD160C70; Thu, 25 Apr 2019 08:20:18 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 50C7960C8E
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:18 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:50 +0200
Message-Id: 
 <a68101dec3f6f2b854a28853e973756ebcdf9464.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 14/25] security: Document @restore member of
	transaction list
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.43]);
 Thu, 25 Apr 2019 08:20:43 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Both DAC and SELinux drivers support transactions. Each item on
the transaction list consists of various variables and @restore
is one of them. Document it so that as the list of variables grow
it's easier to spot which variable does what.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/security/security_dac.c     | 5 ++++-
 src/security/security_selinux.c | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 300c383dd5..c19421fa8f 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -79,7 +79,7 @@ struct _virSecurityDACChownItem {
     const virStorageSource *src;
     uid_t uid;
     gid_t gid;
-    bool restore;
+    bool restore; /* Whether current operation is 'set' or 'restore' */
 };
=20
 typedef struct _virSecurityDACChownList virSecurityDACChownList;
@@ -155,8 +155,11 @@ virSecurityDACChownListFree(void *opaque)
  * @src: disk source to chown
  * @uid: user ID
  * @gid: group ID
+ * @restore: if current operation is set or restore
  *
  * Appends an entry onto transaction list.
+ * The @restore should be true if the operation is restoring
+ * seclabel and false otherwise.
  *
  * Returns: 1 in case of successful append
  *          0 if there is no transaction enabled
diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index ff54d47e23..38f4e3afd8 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -82,7 +82,7 @@ struct _virSecuritySELinuxContextItem {
     char *path;
     char *tcon;
     bool optional;
-    bool restore;
+    bool restore; /* Whether current operation is 'set' or 'restore' */
 };
=20
 typedef struct _virSecuritySELinuxContextList virSecuritySELinuxContextLis=
t;
@@ -168,8 +168,11 @@ virSecuritySELinuxContextListFree(void *opaque)
  * @path: Path to chown
  * @tcon: target context
  * @optional: true if setting @tcon is optional
+ * @restore: if current operation is set or restore
  *
  * Appends an entry onto transaction list.
+ * The @restore should be true if the operation is restoring
+ * seclabel and false otherwise.
  *
  * Returns: 1 in case of successful append
  *          0 if there is no transaction enabled
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180446; cv=none;
	d=zoho.com; s=zohoarc;
	b=NnbOOAYVYd7H3aidISfqAM6/grSvMM+WY160UfysViBTDlMXHqvDy9dpEzW2W24xHITTNdAIueSbU5tuWBymXY8v7LG/EmIMoB103+Vz0tYFlDS74TWKxXN0c/aQTcP+a2lJKL/0M8B+TJG1kzmWXwU3GnQ4OqIF4jEYoXoy3KU=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180446;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=Tq9ug51l8urHrnvB2OLxqGfclfwgyRMRURb4OInmb2k=;
	b=YSaZVulOW0aGV8gbQ38K86ipPzk0tZChz4BvRV8sMyp/20ifwg/u+2o3vCdRf5Z/OFo2wMuUtcLKYwI70a37EJpAqCuc9LHWeqStN1Ao+EywRbXnODeSlksyGN+oxmjNFpwfuRxaZiPJY45j/RMjrdvlMvTbZgNnq2a2DdTIqMg=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180446959815.4431089171769;
 Thu, 25 Apr 2019 01:20:46 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
 [10.5.11.22])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id A407330ABF35;
	Thu, 25 Apr 2019 08:20:45 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id EDD081001E92;
	Thu, 25 Apr 2019 08:20:44 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id AA8DD181BA11;
	Thu, 25 Apr 2019 08:20:44 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KJIE013932 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:19 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 988C460C70; Thu, 25 Apr 2019 08:20:19 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 21A0960BE5
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:18 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:51 +0200
Message-Id: 
 <d9c561abd780b1131c5d33951798bc00ebcdc5c0.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 15/25] security_dac: Allow caller to suppress
	owner remembering
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.40]);
 Thu, 25 Apr 2019 08:20:46 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

One caller in particular (virSecurityDACSetImageLabelInternal)
will want to have the feature turned on only in some cases.
Introduce @remember member to _virSecurityDACChownItem to track
whether caller wants to do owner remembering or not.
The actual remembering is then enabled if both caller wanted it
and the feature is turned on in the config file.

Technically, we could skip over paths that don't have remember
enabled when creating a list of paths to lock. We won't touch
their XATTRs after all. Well, I rather play it safe and keep them
on the locking list for now.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/security/security_dac.c | 63 ++++++++++++++++++++++---------------
 1 file changed, 37 insertions(+), 26 deletions(-)

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index c19421fa8f..a39dae5226 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -79,6 +79,7 @@ struct _virSecurityDACChownItem {
     const virStorageSource *src;
     uid_t uid;
     gid_t gid;
+    bool remember; /* Whether owner remembering should be done for @path/@=
src */
     bool restore; /* Whether current operation is 'set' or 'restore' */
 };
=20
@@ -100,6 +101,7 @@ virSecurityDACChownListAppend(virSecurityDACChownListPt=
r list,
                               const virStorageSource *src,
                               uid_t uid,
                               gid_t gid,
+                              bool remember,
                               bool restore)
 {
     int ret =3D -1;
@@ -116,6 +118,7 @@ virSecurityDACChownListAppend(virSecurityDACChownListPt=
r list,
     item->src =3D src;
     item->uid =3D uid;
     item->gid =3D gid;
+    item->remember =3D remember;
     item->restore =3D restore;
=20
     if (VIR_APPEND_ELEMENT(list->items, list->nItems, item) < 0)
@@ -155,9 +158,12 @@ virSecurityDACChownListFree(void *opaque)
  * @src: disk source to chown
  * @uid: user ID
  * @gid: group ID
+ * @remember: if the original owner should be recorded/recalled
  * @restore: if current operation is set or restore
  *
  * Appends an entry onto transaction list.
+ * The @remember should be true if caller wishes to record/recall
+ * the original owner of @path/@src.
  * The @restore should be true if the operation is restoring
  * seclabel and false otherwise.
  *
@@ -170,13 +176,15 @@ virSecurityDACTransactionAppend(const char *path,
                                 const virStorageSource *src,
                                 uid_t uid,
                                 gid_t gid,
+                                bool remember,
                                 bool restore)
 {
     virSecurityDACChownListPtr list =3D virThreadLocalGet(&chownList);
     if (!list)
         return 0;
=20
-    if (virSecurityDACChownListAppend(list, path, src, uid, gid, restore) =
< 0)
+    if (virSecurityDACChownListAppend(list, path, src,
+                                      uid, gid, remember, restore) < 0)
         return -1;
=20
     return 1;
@@ -235,6 +243,7 @@ virSecurityDACTransactionRun(pid_t pid ATTRIBUTE_UNUSED,
=20
     for (i =3D 0; i < list->nItems; i++) {
         virSecurityDACChownItemPtr item =3D list->items[i];
+        const bool remember =3D item->remember && list->lock;
=20
         if (!item->restore) {
             rv =3D virSecurityDACSetOwnership(list->manager,
@@ -242,12 +251,12 @@ virSecurityDACTransactionRun(pid_t pid ATTRIBUTE_UNUS=
ED,
                                             item->path,
                                             item->uid,
                                             item->gid,
-                                            list->lock);
+                                            remember);
         } else {
             rv =3D virSecurityDACRestoreFileLabelInternal(list->manager,
                                                         item->src,
                                                         item->path,
-                                                        list->lock);
+                                                        remember);
         }
=20
         if (rv < 0)
@@ -256,12 +265,13 @@ virSecurityDACTransactionRun(pid_t pid ATTRIBUTE_UNUS=
ED,
=20
     for (; rv < 0 && i > 0; i--) {
         virSecurityDACChownItemPtr item =3D list->items[i - 1];
+        const bool remember =3D item->remember && list->lock;
=20
         if (!item->restore) {
             virSecurityDACRestoreFileLabelInternal(list->manager,
                                                    item->src,
                                                    item->path,
-                                                   list->lock);
+                                                   remember);
         } else {
             VIR_WARN("Ignoring failed restore attempt on %s",
                      NULLSTR(item->src ? item->src->path : item->path));
@@ -752,7 +762,8 @@ virSecurityDACSetOwnership(virSecurityManagerPtr mgr,
     /* Be aware that this function might run in a separate process.
      * Therefore, any driver state changes would be thrown away. */
=20
-    if ((rc =3D virSecurityDACTransactionAppend(path, src, uid, gid, false=
)) < 0)
+    if ((rc =3D virSecurityDACTransactionAppend(path, src,
+                                              uid, gid, remember, false)) =
< 0)
         return -1;
     else if (rc > 0)
         return 0;
@@ -826,7 +837,7 @@ virSecurityDACRestoreFileLabelInternal(virSecurityManag=
erPtr mgr,
     /* Be aware that this function might run in a separate process.
      * Therefore, any driver state changes would be thrown away. */
=20
-    if ((rv =3D virSecurityDACTransactionAppend(path, src, uid, gid, true)=
) < 0)
+    if ((rv =3D virSecurityDACTransactionAppend(path, src, uid, gid, recal=
l, true)) < 0)
         return -1;
     else if (rv > 0)
         return 0;
@@ -853,7 +864,7 @@ static int
 virSecurityDACRestoreFileLabel(virSecurityManagerPtr mgr,
                                const char *path)
 {
-    return virSecurityDACRestoreFileLabelInternal(mgr, NULL, path, false);
+    return virSecurityDACRestoreFileLabelInternal(mgr, NULL, path, true);
 }
=20
=20
@@ -900,7 +911,7 @@ virSecurityDACSetImageLabelInternal(virSecurityManagerP=
tr mgr,
             return -1;
     }
=20
-    return virSecurityDACSetOwnership(mgr, src, NULL, user, group, false);
+    return virSecurityDACSetOwnership(mgr, src, NULL, user, group, true);
 }
=20
=20
@@ -967,7 +978,7 @@ virSecurityDACRestoreImageLabelInt(virSecurityManagerPt=
r mgr,
         }
     }
=20
-    return virSecurityDACRestoreFileLabelInternal(mgr, src, NULL, false);
+    return virSecurityDACRestoreFileLabelInternal(mgr, src, NULL, true);
 }
=20
=20
@@ -995,7 +1006,7 @@ virSecurityDACSetHostdevLabelHelper(const char *file,
     if (virSecurityDACGetIds(secdef, priv, &user, &group, NULL, NULL) < 0)
         return -1;
=20
-    return virSecurityDACSetOwnership(mgr, NULL, file, user, group, false);
+    return virSecurityDACSetOwnership(mgr, NULL, file, user, group, true);
 }
=20
=20
@@ -1371,7 +1382,7 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr m=
gr,
     case VIR_DOMAIN_CHR_TYPE_FILE:
         ret =3D virSecurityDACSetOwnership(mgr, NULL,
                                          dev_source->data.file.path,
-                                         user, group, false);
+                                         user, group, true);
         break;
=20
     case VIR_DOMAIN_CHR_TYPE_PIPE:
@@ -1379,12 +1390,12 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr=
 mgr,
             virAsprintf(&out, "%s.out", dev_source->data.file.path) < 0)
             goto done;
         if (virFileExists(in) && virFileExists(out)) {
-            if (virSecurityDACSetOwnership(mgr, NULL, in, user, group, fal=
se) < 0 ||
-                virSecurityDACSetOwnership(mgr, NULL, out, user, group, fa=
lse) < 0)
+            if (virSecurityDACSetOwnership(mgr, NULL, in, user, group, tru=
e) < 0 ||
+                virSecurityDACSetOwnership(mgr, NULL, out, user, group, tr=
ue) < 0)
                 goto done;
         } else if (virSecurityDACSetOwnership(mgr, NULL,
                                               dev_source->data.file.path,
-                                              user, group, false) < 0) {
+                                              user, group, true) < 0) {
             goto done;
         }
         ret =3D 0;
@@ -1399,7 +1410,7 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr m=
gr,
              * and passed via FD */
             if (virSecurityDACSetOwnership(mgr, NULL,
                                            dev_source->data.nix.path,
-                                           user, group, false) < 0)
+                                           user, group, true) < 0)
                 goto done;
         }
         ret =3D 0;
@@ -1589,7 +1600,7 @@ virSecurityDACSetGraphicsLabel(virSecurityManagerPtr =
mgr,
     if (virSecurityDACGetIds(seclabel, priv, &user, &group, NULL, NULL) < =
0)
         return -1;
=20
-    if (virSecurityDACSetOwnership(mgr, NULL, rendernode, user, group, fal=
se) < 0)
+    if (virSecurityDACSetOwnership(mgr, NULL, rendernode, user, group, tru=
e) < 0)
         return -1;
=20
     return 0;
@@ -1632,7 +1643,7 @@ virSecurityDACSetInputLabel(virSecurityManagerPtr mgr,
=20
         ret =3D virSecurityDACSetOwnership(mgr, NULL,
                                          input->source.evdev,
-                                         user, group, false);
+                                         user, group, true);
         break;
=20
     case VIR_DOMAIN_INPUT_TYPE_MOUSE:
@@ -1837,7 +1848,7 @@ virSecurityDACSetMemoryLabel(virSecurityManagerPtr mg=
r,
=20
         ret =3D virSecurityDACSetOwnership(mgr, NULL,
                                          mem->nvdimmPath,
-                                         user, group, false);
+                                         user, group, true);
         break;
=20
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
@@ -1874,7 +1885,7 @@ virSecurityDACSetSEVLabel(virSecurityManagerPtr mgr,
         return -1;
=20
     if (virSecurityDACSetOwnership(mgr, NULL, DEV_SEV,
-                                   user, group, false) < 0)
+                                   user, group, true) < 0)
         return -1;
=20
     return 0;
@@ -1961,31 +1972,31 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr,
     if (def->os.loader && def->os.loader->nvram &&
         virSecurityDACSetOwnership(mgr, NULL,
                                    def->os.loader->nvram,
-                                   user, group, false) < 0)
+                                   user, group, true) < 0)
         return -1;
=20
     if (def->os.kernel &&
         virSecurityDACSetOwnership(mgr, NULL,
                                    def->os.kernel,
-                                   user, group, false) < 0)
+                                   user, group, true) < 0)
         return -1;
=20
     if (def->os.initrd &&
         virSecurityDACSetOwnership(mgr, NULL,
                                    def->os.initrd,
-                                   user, group, false) < 0)
+                                   user, group, true) < 0)
         return -1;
=20
     if (def->os.dtb &&
         virSecurityDACSetOwnership(mgr, NULL,
                                    def->os.dtb,
-                                   user, group, false) < 0)
+                                   user, group, true) < 0)
         return -1;
=20
     if (def->os.slic_table &&
         virSecurityDACSetOwnership(mgr, NULL,
                                    def->os.slic_table,
-                                   user, group, false) < 0)
+                                   user, group, true) < 0)
         return -1;
=20
     return 0;
@@ -2007,7 +2018,7 @@ virSecurityDACSetSavedStateLabel(virSecurityManagerPt=
r mgr,
     if (virSecurityDACGetImageIds(secdef, priv, &user, &group) < 0)
         return -1;
=20
-    return virSecurityDACSetOwnership(mgr, NULL, savefile, user, group, fa=
lse);
+    return virSecurityDACSetOwnership(mgr, NULL, savefile, user, group, tr=
ue);
 }
=20
=20
@@ -2327,7 +2338,7 @@ virSecurityDACDomainSetPathLabel(virSecurityManagerPt=
r mgr,
     if (virSecurityDACGetIds(seclabel, priv, &user, &group, NULL, NULL) < =
0)
         return -1;
=20
-    return virSecurityDACSetOwnership(mgr, NULL, path, user, group, false);
+    return virSecurityDACSetOwnership(mgr, NULL, path, user, group, true);
 }
=20
 virSecurityDriver virSecurityDriverDAC =3D {
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180450; cv=none;
	d=zoho.com; s=zohoarc;
	b=X+Lk4QLj9POGBfLDBg/Ffo8hCUsR41ImhE/tSzSefnohyXu87aSG8H269Fl+bAjcDS8cdWsrA4cNhyLXqFY121wUG8GxNdY8oh5BxbNUpj9APZqdaztuQ1utkPMF8+t+8zSbGB4qVIv5TlDNZevbaERPXRhWbW8lY4PTETb0Pqk=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180450;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=fmJFIgoc2SMB0qB3R4A6uV/JQStyrbhPHgpSs/IwOiw=;
	b=mGTQJD18CsdB9fq5TV09c35zUzpRNUcoNKuoVY+HGIjvO3rJWa1EBMF7XueC1UVJI06f00PBZM6QPodv9FM9wjH5/YsvCXwY3PYZVBuD+LaJ/crsTokRgn+Hpz4Jt+60HbyEBh1FBGpZfsBE4WsiEaclx9mviRDOoL3ICE9P5EA=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180450183994.5282526298832;
 Thu, 25 Apr 2019 01:20:50 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
 [10.5.11.22])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id B69AC7F3F0;
	Thu, 25 Apr 2019 08:20:48 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 7C22A1001E9E;
	Thu, 25 Apr 2019 08:20:48 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 3D3B63FA51;
	Thu, 25 Apr 2019 08:20:48 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KKtg013937 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:20 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 8EA4D60C99; Thu, 25 Apr 2019 08:20:20 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id E575160C8E
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:19 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:52 +0200
Message-Id: 
 <4ced0d08cdbc38246d56175902e62ebb16557877.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 16/25] security_selinux: Allow caller to
	suppress owner remembering
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]);
 Thu, 25 Apr 2019 08:20:49 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Just like previous commit allowed to enable or disable owner
remembering for each individual path, do the same for SELinux
driver. This is going to be needed in the next commit.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/security/security_selinux.c | 163 ++++++++++++++++++--------------
 1 file changed, 94 insertions(+), 69 deletions(-)

diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index 38f4e3afd8..3ac3b83e45 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -82,6 +82,7 @@ struct _virSecuritySELinuxContextItem {
     char *path;
     char *tcon;
     bool optional;
+    bool remember; /* Whether owner remembering should be done for @path/@=
src */
     bool restore; /* Whether current operation is 'set' or 'restore' */
 };
=20
@@ -122,6 +123,7 @@ virSecuritySELinuxContextListAppend(virSecuritySELinuxC=
ontextListPtr list,
                                     const char *path,
                                     const char *tcon,
                                     bool optional,
+                                    bool remember,
                                     bool restore)
 {
     int ret =3D -1;
@@ -134,6 +136,7 @@ virSecuritySELinuxContextListAppend(virSecuritySELinuxC=
ontextListPtr list,
         goto cleanup;
=20
     item->optional =3D optional;
+    item->remember =3D remember;
     item->restore =3D restore;
=20
     if (VIR_APPEND_ELEMENT(list->items, list->nItems, item) < 0)
@@ -168,9 +171,12 @@ virSecuritySELinuxContextListFree(void *opaque)
  * @path: Path to chown
  * @tcon: target context
  * @optional: true if setting @tcon is optional
+ * @remember: if the original owner should be recorded/recalled
  * @restore: if current operation is set or restore
  *
  * Appends an entry onto transaction list.
+ * The @remember should be true if caller wishes to record/recall
+ * the original owner of @path/@src.
  * The @restore should be true if the operation is restoring
  * seclabel and false otherwise.
  *
@@ -182,6 +188,7 @@ static int
 virSecuritySELinuxTransactionAppend(const char *path,
                                     const char *tcon,
                                     bool optional,
+                                    bool remember,
                                     bool restore)
 {
     virSecuritySELinuxContextListPtr list;
@@ -190,7 +197,8 @@ virSecuritySELinuxTransactionAppend(const char *path,
     if (!list)
         return 0;
=20
-    if (virSecuritySELinuxContextListAppend(list, path, tcon, optional, re=
store) < 0)
+    if (virSecuritySELinuxContextListAppend(list, path, tcon,
+                                            optional, remember, restore) <=
 0)
         return -1;
=20
     return 1;
@@ -276,17 +284,18 @@ virSecuritySELinuxTransactionRun(pid_t pid ATTRIBUTE_=
UNUSED,
     rv =3D 0;
     for (i =3D 0; i < list->nItems; i++) {
         virSecuritySELinuxContextItemPtr item =3D list->items[i];
+        const bool remember =3D item->remember && list->lock;
=20
         if (!item->restore) {
             rv =3D virSecuritySELinuxSetFileconHelper(list->manager,
                                                     item->path,
                                                     item->tcon,
                                                     item->optional,
-                                                    list->lock);
+                                                    remember);
         } else {
             rv =3D virSecuritySELinuxRestoreFileLabel(list->manager,
                                                     item->path,
-                                                    list->lock);
+                                                    remember);
         }
=20
         if (rv < 0)
@@ -295,11 +304,12 @@ virSecuritySELinuxTransactionRun(pid_t pid ATTRIBUTE_=
UNUSED,
=20
     for (; rv < 0 && i > 0; i--) {
         virSecuritySELinuxContextItemPtr item =3D list->items[i - 1];
+        const bool remember =3D item->remember && list->lock;
=20
         if (!item->restore) {
             virSecuritySELinuxRestoreFileLabel(list->manager,
                                                item->path,
-                                               list->lock);
+                                               remember);
         } else {
             VIR_WARN("Ignoring failed restore attempt on %s", item->path);
         }
@@ -1326,7 +1336,8 @@ virSecuritySELinuxSetFileconHelper(virSecurityManager=
Ptr mgr,
     int rc;
     int ret =3D -1;
=20
-    if ((rc =3D virSecuritySELinuxTransactionAppend(path, tcon, optional, =
false)) < 0)
+    if ((rc =3D virSecuritySELinuxTransactionAppend(path, tcon,
+                                                  optional, remember, fals=
e)) < 0)
         return -1;
     else if (rc > 0)
         return 0;
@@ -1389,16 +1400,20 @@ virSecuritySELinuxSetFileconHelper(virSecurityManag=
erPtr mgr,
=20
 static int
 virSecuritySELinuxSetFileconOptional(virSecurityManagerPtr mgr,
-                                     const char *path, const char *tcon)
+                                     const char *path,
+                                     const char *tcon,
+                                     bool remember)
 {
-    return virSecuritySELinuxSetFileconHelper(mgr, path, tcon, true, false=
);
+    return virSecuritySELinuxSetFileconHelper(mgr, path, tcon, true, remem=
ber);
 }
=20
 static int
 virSecuritySELinuxSetFilecon(virSecurityManagerPtr mgr,
-                             const char *path, const char *tcon)
+                             const char *path,
+                             const char *tcon,
+                             bool remember)
 {
-    return virSecuritySELinuxSetFileconHelper(mgr, path, tcon, false, fals=
e);
+    return virSecuritySELinuxSetFileconHelper(mgr, path, tcon, false, reme=
mber);
 }
=20
 static int
@@ -1484,7 +1499,8 @@ virSecuritySELinuxRestoreFileLabel(virSecurityManager=
Ptr mgr,
         goto cleanup;
     }
=20
-    if ((rc =3D virSecuritySELinuxTransactionAppend(path, NULL, false, tru=
e)) < 0) {
+    if ((rc =3D virSecuritySELinuxTransactionAppend(path, NULL,
+                                                  false, recall, true)) < =
0) {
         goto cleanup;
     } else if (rc > 0) {
         ret =3D 0;
@@ -1545,7 +1561,7 @@ virSecuritySELinuxSetInputLabel(virSecurityManagerPtr=
 mgr,
     switch ((virDomainInputType)input->type) {
     case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH:
         if (virSecuritySELinuxSetFilecon(mgr, input->source.evdev,
-                                         seclabel->imagelabel) < 0)
+                                         seclabel->imagelabel, true) < 0)
             return -1;
         break;
=20
@@ -1574,7 +1590,7 @@ virSecuritySELinuxRestoreInputLabel(virSecurityManage=
rPtr mgr,
=20
     switch ((virDomainInputType)input->type) {
     case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH:
-        rc =3D virSecuritySELinuxRestoreFileLabel(mgr, input->source.evdev=
, false);
+        rc =3D virSecuritySELinuxRestoreFileLabel(mgr, input->source.evdev=
, true);
         break;
=20
     case VIR_DOMAIN_INPUT_TYPE_MOUSE:
@@ -1602,7 +1618,7 @@ virSecuritySELinuxSetMemoryLabel(virSecurityManagerPt=
r mgr,
             return 0;
=20
         if (virSecuritySELinuxSetFilecon(mgr, mem->nvdimmPath,
-                                         seclabel->imagelabel) < 0)
+                                         seclabel->imagelabel, true) < 0)
             return -1;
         break;
=20
@@ -1630,7 +1646,7 @@ virSecuritySELinuxRestoreMemoryLabel(virSecurityManag=
erPtr mgr,
         if (!seclabel || !seclabel->relabel)
             return 0;
=20
-        ret =3D virSecuritySELinuxRestoreFileLabel(mgr, mem->nvdimmPath, f=
alse);
+        ret =3D virSecuritySELinuxRestoreFileLabel(mgr, mem->nvdimmPath, t=
rue);
         break;
=20
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
@@ -1661,14 +1677,14 @@ virSecuritySELinuxSetTPMFileLabel(virSecurityManage=
rPtr mgr,
     switch (tpm->type) {
     case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
         tpmdev =3D tpm->data.passthrough.source.data.file.path;
-        rc =3D virSecuritySELinuxSetFilecon(mgr, tpmdev, seclabel->imagela=
bel);
+        rc =3D virSecuritySELinuxSetFilecon(mgr, tpmdev, seclabel->imagela=
bel, true);
         if (rc < 0)
             return -1;
=20
         if ((cancel_path =3D virTPMCreateCancelPath(tpmdev)) !=3D NULL) {
             rc =3D virSecuritySELinuxSetFilecon(mgr,
                                               cancel_path,
-                                              seclabel->imagelabel);
+                                              seclabel->imagelabel, true);
             VIR_FREE(cancel_path);
             if (rc < 0) {
                 virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def, tpm);
@@ -1680,7 +1696,7 @@ virSecuritySELinuxSetTPMFileLabel(virSecurityManagerP=
tr mgr,
         break;
     case VIR_DOMAIN_TPM_TYPE_EMULATOR:
         tpmdev =3D tpm->data.emulator.source.data.nix.path;
-        rc =3D virSecuritySELinuxSetFilecon(mgr, tpmdev, seclabel->imagela=
bel);
+        rc =3D virSecuritySELinuxSetFilecon(mgr, tpmdev, seclabel->imagela=
bel, true);
         if (rc < 0)
             return -1;
         break;
@@ -1709,10 +1725,10 @@ virSecuritySELinuxRestoreTPMFileLabelInt(virSecurit=
yManagerPtr mgr,
     switch (tpm->type) {
     case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
         tpmdev =3D tpm->data.passthrough.source.data.file.path;
-        rc =3D virSecuritySELinuxRestoreFileLabel(mgr, tpmdev, false);
+        rc =3D virSecuritySELinuxRestoreFileLabel(mgr, tpmdev, true);
=20
         if ((cancel_path =3D virTPMCreateCancelPath(tpmdev)) !=3D NULL) {
-            if (virSecuritySELinuxRestoreFileLabel(mgr, cancel_path, false=
) < 0)
+            if (virSecuritySELinuxRestoreFileLabel(mgr, cancel_path, true)=
 < 0)
                 rc =3D -1;
             VIR_FREE(cancel_path);
         }
@@ -1779,7 +1795,7 @@ virSecuritySELinuxRestoreImageLabelInt(virSecurityMan=
agerPtr mgr,
         }
     }
=20
-    return virSecuritySELinuxRestoreFileLabel(mgr, src->path, false);
+    return virSecuritySELinuxRestoreFileLabel(mgr, src->path, true);
 }
=20
=20
@@ -1822,32 +1838,38 @@ virSecuritySELinuxSetImageLabelInternal(virSecurity=
ManagerPtr mgr,
         if (!disk_seclabel->relabel)
             return 0;
=20
-        ret =3D virSecuritySELinuxSetFilecon(mgr, src->path, disk_seclabel=
->label);
+        ret =3D virSecuritySELinuxSetFilecon(mgr, src->path,
+                                           disk_seclabel->label, true);
     } else if (parent_seclabel && (!parent_seclabel->relabel || parent_sec=
label->label)) {
         if (!parent_seclabel->relabel)
             return 0;
=20
-        ret =3D virSecuritySELinuxSetFilecon(mgr, src->path, parent_seclab=
el->label);
+        ret =3D virSecuritySELinuxSetFilecon(mgr, src->path,
+                                           parent_seclabel->label, true);
     } else if (!parent || parent =3D=3D src) {
         if (src->shared) {
             ret =3D virSecuritySELinuxSetFileconOptional(mgr,
                                                        src->path,
-                                                       data->file_context);
+                                                       data->file_context,
+                                                       true);
         } else if (src->readonly) {
             ret =3D virSecuritySELinuxSetFileconOptional(mgr,
                                                        src->path,
-                                                       data->content_conte=
xt);
+                                                       data->content_conte=
xt,
+                                                       true);
         } else if (secdef->imagelabel) {
             ret =3D virSecuritySELinuxSetFileconOptional(mgr,
                                                        src->path,
-                                                       secdef->imagelabel);
+                                                       secdef->imagelabel,
+                                                       true);
         } else {
             ret =3D 0;
         }
     } else {
         ret =3D virSecuritySELinuxSetFileconOptional(mgr,
                                                    src->path,
-                                                   data->content_context);
+                                                   data->content_context,
+                                                   true);
     }
=20
     if (ret =3D=3D 1 && !disk_seclabel) {
@@ -1900,7 +1922,7 @@ virSecuritySELinuxSetHostdevLabelHelper(const char *f=
ile, void *opaque)
     secdef =3D virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
     if (secdef =3D=3D NULL)
         return 0;
-    return virSecuritySELinuxSetFilecon(mgr, file, secdef->imagelabel);
+    return virSecuritySELinuxSetFilecon(mgr, file, secdef->imagelabel, tru=
e);
 }
=20
 static int
@@ -1932,13 +1954,13 @@ virSecuritySELinuxSetSCSILabel(virSCSIDevicePtr dev,
=20
     if (virSCSIDeviceGetShareable(dev))
         return virSecuritySELinuxSetFileconOptional(mgr, file,
-                                                    data->file_context);
+                                                    data->file_context, tr=
ue);
     else if (virSCSIDeviceGetReadonly(dev))
         return virSecuritySELinuxSetFileconOptional(mgr, file,
-                                                    data->content_context);
+                                                    data->content_context,=
 true);
     else
         return virSecuritySELinuxSetFileconOptional(mgr, file,
-                                                    secdef->imagelabel);
+                                                    secdef->imagelabel, tr=
ue);
 }
=20
 static int
@@ -2093,7 +2115,7 @@ virSecuritySELinuxSetHostdevCapsLabel(virSecurityMana=
gerPtr mgr,
             if (VIR_STRDUP(path, dev->source.caps.u.storage.block) < 0)
                 return -1;
         }
-        ret =3D virSecuritySELinuxSetFilecon(mgr, path, secdef->imagelabel=
);
+        ret =3D virSecuritySELinuxSetFilecon(mgr, path, secdef->imagelabel=
, true);
         VIR_FREE(path);
         break;
     }
@@ -2107,7 +2129,7 @@ virSecuritySELinuxSetHostdevCapsLabel(virSecurityMana=
gerPtr mgr,
             if (VIR_STRDUP(path, dev->source.caps.u.misc.chardev) < 0)
                 return -1;
         }
-        ret =3D virSecuritySELinuxSetFilecon(mgr, path, secdef->imagelabel=
);
+        ret =3D virSecuritySELinuxSetFilecon(mgr, path, secdef->imagelabel=
, true);
         VIR_FREE(path);
         break;
     }
@@ -2153,7 +2175,7 @@ virSecuritySELinuxRestorePCILabel(virPCIDevicePtr dev=
 ATTRIBUTE_UNUSED,
 {
     virSecurityManagerPtr mgr =3D opaque;
=20
-    return virSecuritySELinuxRestoreFileLabel(mgr, file, false);
+    return virSecuritySELinuxRestoreFileLabel(mgr, file, true);
 }
=20
 static int
@@ -2163,7 +2185,7 @@ virSecuritySELinuxRestoreUSBLabel(virUSBDevicePtr dev=
 ATTRIBUTE_UNUSED,
 {
     virSecurityManagerPtr mgr =3D opaque;
=20
-    return virSecuritySELinuxRestoreFileLabel(mgr, file, false);
+    return virSecuritySELinuxRestoreFileLabel(mgr, file, true);
 }
=20
=20
@@ -2180,7 +2202,7 @@ virSecuritySELinuxRestoreSCSILabel(virSCSIDevicePtr d=
ev,
     if (virSCSIDeviceGetShareable(dev) || virSCSIDeviceGetReadonly(dev))
         return 0;
=20
-    return virSecuritySELinuxRestoreFileLabel(mgr, file, false);
+    return virSecuritySELinuxRestoreFileLabel(mgr, file, true);
 }
=20
 static int
@@ -2190,7 +2212,7 @@ virSecuritySELinuxRestoreHostLabel(virSCSIVHostDevice=
Ptr dev ATTRIBUTE_UNUSED,
 {
     virSecurityManagerPtr mgr =3D opaque;
=20
-    return virSecuritySELinuxRestoreFileLabel(mgr, file, false);
+    return virSecuritySELinuxRestoreFileLabel(mgr, file, true);
 }
=20
=20
@@ -2294,7 +2316,7 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecuri=
tyManagerPtr mgr,
         if (!(vfiodev =3D virMediatedDeviceGetIOMMUGroupDev(mdevsrc->uuids=
tr)))
             goto done;
=20
-        ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfiodev, false);
+        ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfiodev, true);
=20
         VIR_FREE(vfiodev);
         break;
@@ -2328,7 +2350,7 @@ virSecuritySELinuxRestoreHostdevCapsLabel(virSecurity=
ManagerPtr mgr,
             if (VIR_STRDUP(path, dev->source.caps.u.storage.block) < 0)
                 return -1;
         }
-        ret =3D virSecuritySELinuxRestoreFileLabel(mgr, path, false);
+        ret =3D virSecuritySELinuxRestoreFileLabel(mgr, path, true);
         VIR_FREE(path);
         break;
     }
@@ -2342,7 +2364,7 @@ virSecuritySELinuxRestoreHostdevCapsLabel(virSecurity=
ManagerPtr mgr,
             if (VIR_STRDUP(path, dev->source.caps.u.misc.chardev) < 0)
                 return -1;
         }
-        ret =3D virSecuritySELinuxRestoreFileLabel(mgr, path, false);
+        ret =3D virSecuritySELinuxRestoreFileLabel(mgr, path, true);
         VIR_FREE(path);
         break;
     }
@@ -2420,14 +2442,16 @@ virSecuritySELinuxSetChardevLabel(virSecurityManage=
rPtr mgr,
     case VIR_DOMAIN_CHR_TYPE_FILE:
         ret =3D virSecuritySELinuxSetFilecon(mgr,
                                            dev_source->data.file.path,
-                                           imagelabel);
+                                           imagelabel,
+                                           true);
         break;
=20
     case VIR_DOMAIN_CHR_TYPE_UNIX:
         if (!dev_source->data.nix.listen) {
             if (virSecuritySELinuxSetFilecon(mgr,
                                              dev_source->data.nix.path,
-                                             imagelabel) < 0)
+                                             imagelabel,
+                                             true) < 0)
                 goto done;
         }
         ret =3D 0;
@@ -2438,13 +2462,14 @@ virSecuritySELinuxSetChardevLabel(virSecurityManage=
rPtr mgr,
             (virAsprintf(&out, "%s.out", dev_source->data.file.path) < 0))
             goto done;
         if (virFileExists(in) && virFileExists(out)) {
-            if ((virSecuritySELinuxSetFilecon(mgr, in, imagelabel) < 0) ||
-                (virSecuritySELinuxSetFilecon(mgr, out, imagelabel) < 0)) {
+            if ((virSecuritySELinuxSetFilecon(mgr, in, imagelabel, true) <=
 0) ||
+                (virSecuritySELinuxSetFilecon(mgr, out, imagelabel, true) =
< 0)) {
                 goto done;
             }
         } else if (virSecuritySELinuxSetFilecon(mgr,
                                                 dev_source->data.file.path,
-                                                imagelabel) < 0) {
+                                                imagelabel,
+                                                true) < 0) {
             goto done;
         }
         ret =3D 0;
@@ -2492,7 +2517,7 @@ virSecuritySELinuxRestoreChardevLabel(virSecurityMana=
gerPtr mgr,
     case VIR_DOMAIN_CHR_TYPE_FILE:
         if (virSecuritySELinuxRestoreFileLabel(mgr,
                                                dev_source->data.file.path,
-                                               false) < 0)
+                                               true) < 0)
             goto done;
         ret =3D 0;
         break;
@@ -2501,7 +2526,7 @@ virSecuritySELinuxRestoreChardevLabel(virSecurityMana=
gerPtr mgr,
         if (!dev_source->data.nix.listen) {
             if (virSecuritySELinuxRestoreFileLabel(mgr,
                                                    dev_source->data.file.p=
ath,
-                                                   false) < 0)
+                                                   true) < 0)
                 goto done;
         }
         ret =3D 0;
@@ -2512,13 +2537,13 @@ virSecuritySELinuxRestoreChardevLabel(virSecurityMa=
nagerPtr mgr,
             (virAsprintf(&in, "%s.in", dev_source->data.file.path) < 0))
             goto done;
         if (virFileExists(in) && virFileExists(out)) {
-            if ((virSecuritySELinuxRestoreFileLabel(mgr, out, false) < 0) =
||
-                (virSecuritySELinuxRestoreFileLabel(mgr, in, false) < 0)) {
+            if ((virSecuritySELinuxRestoreFileLabel(mgr, out, true) < 0) ||
+                (virSecuritySELinuxRestoreFileLabel(mgr, in, true) < 0)) {
                 goto done;
             }
         } else if (virSecuritySELinuxRestoreFileLabel(mgr,
                                                       dev_source->data.fil=
e.path,
-                                                      false) < 0) {
+                                                      true) < 0) {
             goto done;
         }
         ret =3D 0;
@@ -2570,7 +2595,7 @@ virSecuritySELinuxRestoreSecuritySmartcardCallback(vi=
rDomainDefPtr def,
         database =3D dev->data.cert.database;
         if (!database)
             database =3D VIR_DOMAIN_SMARTCARD_DEFAULT_DATABASE;
-        return virSecuritySELinuxRestoreFileLabel(mgr, database, false);
+        return virSecuritySELinuxRestoreFileLabel(mgr, database, true);
=20
     case VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH:
         return virSecuritySELinuxRestoreChardevLabel(mgr, def,
@@ -2665,23 +2690,23 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManage=
rPtr mgr,
         rc =3D -1;
=20
     if (def->os.loader && def->os.loader->nvram &&
-        virSecuritySELinuxRestoreFileLabel(mgr, def->os.loader->nvram, fal=
se) < 0)
+        virSecuritySELinuxRestoreFileLabel(mgr, def->os.loader->nvram, tru=
e) < 0)
         rc =3D -1;
=20
     if (def->os.kernel &&
-        virSecuritySELinuxRestoreFileLabel(mgr, def->os.kernel, false) < 0)
+        virSecuritySELinuxRestoreFileLabel(mgr, def->os.kernel, true) < 0)
         rc =3D -1;
=20
     if (def->os.initrd &&
-        virSecuritySELinuxRestoreFileLabel(mgr, def->os.initrd, false) < 0)
+        virSecuritySELinuxRestoreFileLabel(mgr, def->os.initrd, true) < 0)
         rc =3D -1;
=20
     if (def->os.dtb &&
-        virSecuritySELinuxRestoreFileLabel(mgr, def->os.dtb, false) < 0)
+        virSecuritySELinuxRestoreFileLabel(mgr, def->os.dtb, true) < 0)
         rc =3D -1;
=20
     if (def->os.slic_table &&
-        virSecuritySELinuxRestoreFileLabel(mgr, def->os.slic_table, false)=
 < 0)
+        virSecuritySELinuxRestoreFileLabel(mgr, def->os.slic_table, true) =
< 0)
         rc =3D -1;
=20
     return rc;
@@ -2726,7 +2751,7 @@ virSecuritySELinuxSetSavedStateLabel(virSecurityManag=
erPtr mgr,
     if (!secdef || !secdef->relabel)
         return 0;
=20
-    return virSecuritySELinuxSetFilecon(mgr, savefile, secdef->imagelabel);
+    return virSecuritySELinuxSetFilecon(mgr, savefile, secdef->imagelabel,=
 true);
 }
=20
=20
@@ -2741,7 +2766,7 @@ virSecuritySELinuxRestoreSavedStateLabel(virSecurityM=
anagerPtr mgr,
     if (!secdef || !secdef->relabel)
         return 0;
=20
-    return virSecuritySELinuxRestoreFileLabel(mgr, savefile, false);
+    return virSecuritySELinuxRestoreFileLabel(mgr, savefile, true);
 }
=20
=20
@@ -2984,7 +3009,7 @@ virSecuritySELinuxSetSecuritySmartcardCallback(virDom=
ainDefPtr def,
         database =3D dev->data.cert.database;
         if (!database)
             database =3D VIR_DOMAIN_SMARTCARD_DEFAULT_DATABASE;
-        return virSecuritySELinuxSetFilecon(mgr, database, data->content_c=
ontext);
+        return virSecuritySELinuxSetFilecon(mgr, database, data->content_c=
ontext, true);
=20
     case VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH:
         return virSecuritySELinuxSetChardevLabel(mgr, def,
@@ -3075,32 +3100,32 @@ virSecuritySELinuxSetAllLabel(virSecurityManagerPtr=
 mgr,
     if (def->os.loader && def->os.loader->nvram &&
         secdef && secdef->imagelabel &&
         virSecuritySELinuxSetFilecon(mgr, def->os.loader->nvram,
-                                     secdef->imagelabel) < 0)
+                                     secdef->imagelabel, true) < 0)
         return -1;
=20
     if (def->os.kernel &&
         virSecuritySELinuxSetFilecon(mgr, def->os.kernel,
-                                     data->content_context) < 0)
+                                     data->content_context, true) < 0)
         return -1;
=20
     if (def->os.initrd &&
         virSecuritySELinuxSetFilecon(mgr, def->os.initrd,
-                                     data->content_context) < 0)
+                                     data->content_context, true) < 0)
         return -1;
=20
     if (def->os.dtb &&
         virSecuritySELinuxSetFilecon(mgr, def->os.dtb,
-                                     data->content_context) < 0)
+                                     data->content_context, true) < 0)
         return -1;
=20
     if (def->os.slic_table &&
         virSecuritySELinuxSetFilecon(mgr, def->os.slic_table,
-                                     data->content_context) < 0)
+                                     data->content_context, true) < 0)
         return -1;
=20
     if (stdin_path &&
         virSecuritySELinuxSetFilecon(mgr, stdin_path,
-                                     data->content_context) < 0)
+                                     data->content_context, true) < 0)
         return -1;
=20
     return 0;
@@ -3259,7 +3284,7 @@ virSecuritySELinuxDomainSetPathLabel(virSecurityManag=
erPtr mgr,
     if (!seclabel || !seclabel->relabel)
         return 0;
=20
-    return virSecuritySELinuxSetFilecon(mgr, path, seclabel->imagelabel);
+    return virSecuritySELinuxSetFilecon(mgr, path, seclabel->imagelabel, t=
rue);
 }
=20
=20
@@ -3284,7 +3309,7 @@ virSecuritySELinuxSetFileLabels(virSecurityManagerPtr=
 mgr,
     char *filename =3D NULL;
     DIR *dir;
=20
-    if ((ret =3D virSecuritySELinuxSetFilecon(mgr, path, seclabel->imagela=
bel)))
+    if ((ret =3D virSecuritySELinuxSetFilecon(mgr, path, seclabel->imagela=
bel, true)))
         return ret;
=20
     if (!virFileIsDir(path))
@@ -3299,7 +3324,7 @@ virSecuritySELinuxSetFileLabels(virSecurityManagerPtr=
 mgr,
             break;
         }
         ret =3D virSecuritySELinuxSetFilecon(mgr, filename,
-                                           seclabel->imagelabel);
+                                           seclabel->imagelabel, true);
         VIR_FREE(filename);
         if (ret < 0)
             break;
@@ -3333,7 +3358,7 @@ virSecuritySELinuxRestoreFileLabels(virSecurityManage=
rPtr mgr,
     char *filename =3D NULL;
     DIR *dir;
=20
-    if ((ret =3D virSecuritySELinuxRestoreFileLabel(mgr, path, false)))
+    if ((ret =3D virSecuritySELinuxRestoreFileLabel(mgr, path, true)))
         return ret;
=20
     if (!virFileIsDir(path))
@@ -3347,7 +3372,7 @@ virSecuritySELinuxRestoreFileLabels(virSecurityManage=
rPtr mgr,
             ret =3D -1;
             break;
         }
-        ret =3D virSecuritySELinuxRestoreFileLabel(mgr, filename, false);
+        ret =3D virSecuritySELinuxRestoreFileLabel(mgr, filename, true);
         VIR_FREE(filename);
         if (ret < 0)
             break;
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180437; cv=none;
	d=zoho.com; s=zohoarc;
	b=M5Y69gcyMtt8EHr76AJVQTBFE0h/tzertQgTY3aJhhjj2PX0hSz4xzjiMnOByQQn1AvC0KTkGHPMbJXl1EaQkFjySw0WRBSBp61KwBvvc5zqyQHjwTAOpcMCxfI/D6s1f7MmNgyHLrRvoUkeelfq4ENylIxkbbyr4/spdK8LIZI=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180437;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=SsrtsY1qPaikh1JUPVY2kFQU9WuO2OqtPUBHzdTcTBs=;
	b=ANhr6RsdxC1zepCHG5PtzCuuJvUrHIDw5guzcFvURRjzmlNkA6MPGDICFxeJYiZYipi0TiiwYDGaXwgfASlw47FxMMedCGH/JLGjoLp6mDFTAjgPyGrhXXmqwkTkgCJYFHBoKw04UCB5+DAK5BwtndzGxmvHNTHKyiwuFnBDikU=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180437206584.0205285185816;
 Thu, 25 Apr 2019 01:20:37 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id E106A31587AD;
	Thu, 25 Apr 2019 08:20:35 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id B453E5DD91;
	Thu, 25 Apr 2019 08:20:35 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 73FD63FAF6;
	Thu, 25 Apr 2019 08:20:35 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KLI2013943 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:21 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 5E32660C70; Thu, 25 Apr 2019 08:20:21 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id DC2FE60C8E
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:20 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:53 +0200
Message-Id: 
 <5980b9158a3ac3f6834f8597a9c07d12f62923e8.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 17/25] qemusecuritymock: Allow some paths to be
	not restored
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.41]);
 Thu, 25 Apr 2019 08:20:36 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Some paths will not be restored. Because we can't possibly know
if they are still in use or not. Reflect this in the test so that
we can test more domains. Also see next commit for more detailed
explanation.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 tests/qemusecuritymock.c | 44 ++++++++++++++++++++++++++++++++--------
 tests/qemusecuritytest.c |  2 +-
 tests/qemusecuritytest.h |  2 +-
 3 files changed, 37 insertions(+), 11 deletions(-)

diff --git a/tests/qemusecuritymock.c b/tests/qemusecuritymock.c
index e219a9f023..2a9095e1bf 100644
--- a/tests/qemusecuritymock.c
+++ b/tests/qemusecuritymock.c
@@ -353,20 +353,28 @@ int virFileUnlock(int fd ATTRIBUTE_UNUSED,
 }
=20
=20
+typedef struct _checkOwnerData checkOwnerData;
+struct _checkOwnerData {
+    const char **paths;
+    bool chown_fail;
+};
+
+
 static int
 checkOwner(void *payload,
            const void *name,
-           void *data)
+           void *opaque)
 {
-    bool *chown_fail =3D data;
+    checkOwnerData *data =3D opaque;
     uint32_t owner =3D *((uint32_t*) payload);
=20
-    if (owner % 16 !=3D DEFAULT_UID ||
-        owner >> 16 !=3D DEFAULT_GID) {
+    if ((owner % 16 !=3D DEFAULT_UID ||
+         owner >> 16 !=3D DEFAULT_GID) &&
+        !virStringListHasString(data->paths, name)) {
         fprintf(stderr,
                 "Path %s wasn't restored back to its original owner\n",
                 (const char *) name);
-        *chown_fail =3D true;
+        data->chown_fail =3D true;
     }
=20
     return 0;
@@ -391,22 +399,40 @@ printXATTR(void *payload,
 }
=20
=20
-int checkPaths(void)
+/**
+ * checkPaths:
+ * @paths: a NULL terminated list of paths expected not to be restored
+ *
+ * Check if all paths were restored and if no XATTR was left
+ * behind. Since restore is not done on all domain's paths, some
+ * paths are expected to be not restored. A list of such paths
+ * can be passed in @paths argument. If a path is not restored
+ * but it's on the list no error is indicated.
+ */
+int checkPaths(const char **paths)
 {
     int ret =3D -1;
-    bool chown_fail =3D false;
+    checkOwnerData data =3D { .paths =3D paths, .chown_fail =3D false };
     bool xattr_fail =3D false;
+    size_t i;
=20
     virMutexLock(&m);
     init_hash();
=20
-    if ((virHashForEach(chown_paths, checkOwner, &chown_fail)) < 0)
+    for (i =3D 0; paths && paths[i]; i++) {
+        if (!virHashLookup(chown_paths, paths[i])) {
+            fprintf(stderr, "Unexpected path restored: %s\n", paths[i]);
+            goto cleanup;
+        }
+    }
+
+    if ((virHashForEach(chown_paths, checkOwner, &data)) < 0)
         goto cleanup;
=20
     if ((virHashForEach(xattr_paths, printXATTR, &xattr_fail)) < 0)
         goto cleanup;
=20
-    if (chown_fail || xattr_fail)
+    if (data.chown_fail || xattr_fail)
         goto cleanup;
=20
     ret =3D 0;
diff --git a/tests/qemusecuritytest.c b/tests/qemusecuritytest.c
index 86347f8625..65e08b4503 100644
--- a/tests/qemusecuritytest.c
+++ b/tests/qemusecuritytest.c
@@ -100,7 +100,7 @@ testDomain(const void *opaque)
=20
     qemuSecurityRestoreAllLabel(data->driver, vm, false);
=20
-    if (checkPaths() < 0)
+    if (checkPaths(NULL) < 0)
         goto cleanup;
=20
     ret =3D 0;
diff --git a/tests/qemusecuritytest.h b/tests/qemusecuritytest.h
index 29c6a9c998..b76277a6d5 100644
--- a/tests/qemusecuritytest.h
+++ b/tests/qemusecuritytest.h
@@ -21,7 +21,7 @@
=20
 # define ENVVAR "LIBVIRT_QEMU_SECURITY_TEST"
=20
-extern int checkPaths(void);
+extern int checkPaths(const char **paths);
=20
 extern void freePaths(void);
=20
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180443; cv=none;
	d=zoho.com; s=zohoarc;
	b=RzL3H8g9zz06P8adY9o2u2DnmkGequHN2n1NHR0o0ETXp5tdCTWFXbpaFrq3yPoZnS8WwiKvmuO343uNV1gi6Yy18KkofHKxdO4vpAC6IjnxR2Z+OfbRZxIUg7OtLT3LWWO2gNr/r7WWbTED5adYTDho9IHZgBmr1WJ8/Ks/93o=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180443;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=sawMxw+O/wxR/4DnZD5RvKLJgpCBI/trrsXbgvlf6qI=;
	b=MBWAAN1NWbyiI/fJGZXyQhkETOTJa1C5D2jz8HUMU7rjwiOFcYa2+P0rXgAnaT2wCyBXI6ZT7mZ1tXbH0vGLazNihVgV12TPT7g7UeWAJYtIfs2i8wMSjFSfkcx1ekSlyvKprl+6uSEz1KY80t9iYH99kozISi3omU2x7WzACZg=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180443372178.10823223846842;
 Thu, 25 Apr 2019 01:20:43 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
 [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 4C1D73098495;
	Thu, 25 Apr 2019 08:20:39 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 24FA361D06;
	Thu, 25 Apr 2019 08:20:39 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id E0AFE181B9F5;
	Thu, 25 Apr 2019 08:20:38 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KM5e013948 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:22 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 2ECD660C8E; Thu, 25 Apr 2019 08:20:22 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id AC38460C70
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:21 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:54 +0200
Message-Id: 
 <6410154882564a930b4c60b57c96ea7a004240fc.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 18/25] security: Don't remember owner for
	shared resources
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]);
 Thu, 25 Apr 2019 08:20:39 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

This effectively reverts d7420430ce6 and adds new code.

Here is the problem: Imagine a file X that is to be shared
between two domains as a disk. Let the first domain (vm1) have
seclabel remembering turned on and the other (vm2) has it turned
off. Assume that both domains will run under the same user, but
the original owner of X is different (i.e. trying to access X
without relabelling leads to EPERM).

Let's start vm1 first. This will cause X to be relabelled and to
gain new attributes:

  trusted.libvirt.security.ref_dac=3D"1"
  trusted.libvirt.security.dac=3D"$originalOwner"

When vm2 is started, X will again be relabelled, but since the
new label is the same as X already has (because of vm1) nothing
changes and vm1 and vm2 can access X just fine. Note that no
XATTR is changed (especially the refcounter keeps its value of 1)
because the vm2 domain has the feature turned off.

Now, vm1 is shut off and vm2 continues running. In seclabel
restore process we would get to X and since its refcounter is 1
we would restore the $originalOwner on it. But this is unsafe to
do because vm2 is still using X (remember the assumption that
$originalOwner and vm2's seclabel are distinct?).

The problem is that refcounter stored in XATTRs doesn't reflect
the actual times a resource is in use. Since I don't see any easy
way around it let's just not store original owner on shared
resources. Shared resource in world of domain disks is:

  - whole backing chain but the top layer,
  - read only disk (we don't require CDROM to be explicitly
    marked as shareable),
  - disk marked as shareable.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/security/security_dac.c     | 25 ++++++++++++++++++++++++-
 src/security/security_selinux.c | 27 +++++++++++++++++++++------
 tests/qemusecuritytest.c        | 24 +++++++++++++++++++++++-
 3 files changed, 68 insertions(+), 8 deletions(-)

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index a39dae5226..56416e6f6a 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -878,6 +878,7 @@ virSecurityDACSetImageLabelInternal(virSecurityManagerP=
tr mgr,
     virSecurityDeviceLabelDefPtr disk_seclabel;
     virSecurityDeviceLabelDefPtr parent_seclabel =3D NULL;
     virSecurityDACDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
+    bool remember;
     uid_t user;
     gid_t group;
=20
@@ -911,7 +912,21 @@ virSecurityDACSetImageLabelInternal(virSecurityManager=
Ptr mgr,
             return -1;
     }
=20
-    return virSecurityDACSetOwnership(mgr, src, NULL, user, group, true);
+    /* We can't do restore on shared resources safely. Not even
+     * with refcounting implemented in XATTRs because if there
+     * was a domain running with the feature turned off the
+     * refcounter in XATTRs would not reflect the actual number
+     * of times the resource is in use and thus the last restore
+     * on the resource (which actually restores the original
+     * owner) might cut off access to the domain with the feature
+     * disabled.
+     * For disks, a shared resource is the whole backing chain
+     * but the top layer, or read only image, or disk explicitly
+     * marked as shared.
+     */
+    remember =3D src =3D=3D parent && !src->readonly && !src->shared;
+
+    return virSecurityDACSetOwnership(mgr, src, NULL, user, group, remembe=
r);
 }
=20
=20
@@ -948,6 +963,14 @@ virSecurityDACRestoreImageLabelInt(virSecurityManagerP=
tr mgr,
     if (!priv->dynamicOwnership)
         return 0;
=20
+    /* Don't restore labels on readoly/shared disks, because other VMs may
+     * still be accessing these. Alternatively we could iterate over all
+     * running domains and try to figure out if it is in use, but this wou=
ld
+     * not work for clustered filesystems, since we can't see running VMs =
using
+     * the file on other nodes. Safest bet is thus to skip the restore ste=
p. */
+    if (src->readonly || src->shared)
+        return 0;
+
     secdef =3D virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
     if (secdef && !secdef->relabel)
         return 0;
diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index 3ac3b83e45..cb46004896 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1819,6 +1819,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityMa=
nagerPtr mgr,
     virSecurityLabelDefPtr secdef;
     virSecurityDeviceLabelDefPtr disk_seclabel;
     virSecurityDeviceLabelDefPtr parent_seclabel =3D NULL;
+    bool remember;
     int ret;
=20
     if (!src->path || !virStorageSourceIsLocalStorage(src))
@@ -1828,6 +1829,20 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityM=
anagerPtr mgr,
     if (!secdef || !secdef->relabel)
         return 0;
=20
+    /* We can't do restore on shared resources safely. Not even
+     * with refcounting implemented in XATTRs because if there
+     * was a domain running with the feature turned off the
+     * refcounter in XATTRs would not reflect the actual number
+     * of times the resource is in use and thus the last restore
+     * on the resource (which actually restores the original
+     * owner) might cut off access to the domain with the feature
+     * disabled.
+     * For disks, a shared resource is the whole backing chain
+     * but the top layer, or read only image, or disk explicitly
+     * marked as shared.
+     */
+    remember =3D src =3D=3D parent && !src->readonly && !src->shared;
+
     disk_seclabel =3D virStorageSourceGetSecurityLabelDef(src,
                                                         SECURITY_SELINUX_N=
AME);
     if (parent)
@@ -1839,29 +1854,29 @@ virSecuritySELinuxSetImageLabelInternal(virSecurity=
ManagerPtr mgr,
             return 0;
=20
         ret =3D virSecuritySELinuxSetFilecon(mgr, src->path,
-                                           disk_seclabel->label, true);
+                                           disk_seclabel->label, remember);
     } else if (parent_seclabel && (!parent_seclabel->relabel || parent_sec=
label->label)) {
         if (!parent_seclabel->relabel)
             return 0;
=20
         ret =3D virSecuritySELinuxSetFilecon(mgr, src->path,
-                                           parent_seclabel->label, true);
+                                           parent_seclabel->label, remembe=
r);
     } else if (!parent || parent =3D=3D src) {
         if (src->shared) {
             ret =3D virSecuritySELinuxSetFileconOptional(mgr,
                                                        src->path,
                                                        data->file_context,
-                                                       true);
+                                                       remember);
         } else if (src->readonly) {
             ret =3D virSecuritySELinuxSetFileconOptional(mgr,
                                                        src->path,
                                                        data->content_conte=
xt,
-                                                       true);
+                                                       remember);
         } else if (secdef->imagelabel) {
             ret =3D virSecuritySELinuxSetFileconOptional(mgr,
                                                        src->path,
                                                        secdef->imagelabel,
-                                                       true);
+                                                       remember);
         } else {
             ret =3D 0;
         }
@@ -1869,7 +1884,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityMa=
nagerPtr mgr,
         ret =3D virSecuritySELinuxSetFileconOptional(mgr,
                                                    src->path,
                                                    data->content_context,
-                                                   true);
+                                                   remember);
     }
=20
     if (ret =3D=3D 1 && !disk_seclabel) {
diff --git a/tests/qemusecuritytest.c b/tests/qemusecuritytest.c
index 65e08b4503..2d88979168 100644
--- a/tests/qemusecuritytest.c
+++ b/tests/qemusecuritytest.c
@@ -85,11 +85,32 @@ testDomain(const void *opaque)
 {
     const struct testData *data =3D opaque;
     VIR_AUTOUNREF(virDomainObjPtr) vm =3D NULL;
+    VIR_AUTOSTRINGLIST notRestored =3D NULL;
+    size_t i;
     int ret =3D -1;
=20
     if (prepareObjects(data->driver, data->file, &vm) < 0)
         return -1;
=20
+    for (i =3D 0; i < vm->def->ndisks; i++) {
+        virStorageSourcePtr src =3D vm->def->disks[i]->src;
+        virStorageSourcePtr n;
+
+        if (!src)
+            continue;
+
+        if (virStorageSourceIsLocalStorage(src) && src->path &&
+            (src->shared || src->readonly) &&
+            virStringListAdd(&notRestored, src->path) < 0)
+            return -1;
+
+        for (n =3D src->backingStore; virStorageSourceIsBacking(n); n =3D =
n->backingStore) {
+            if (virStorageSourceIsLocalStorage(n) && n->path &&
+                virStringListAdd(&notRestored, n->path) < 0)
+                return -1;
+        }
+    }
+
     /* Mocking is enabled only when this env variable is set.
      * See mock code for explanation. */
     if (setenv(ENVVAR, "1", 0) < 0)
@@ -100,7 +121,7 @@ testDomain(const void *opaque)
=20
     qemuSecurityRestoreAllLabel(data->driver, vm, false);
=20
-    if (checkPaths(NULL) < 0)
+    if (checkPaths((const char **) notRestored) < 0)
         goto cleanup;
=20
     ret =3D 0;
@@ -144,6 +165,7 @@ mymain(void)
     DO_TEST_DOMAIN("console-virtio-unix");
     DO_TEST_DOMAIN("controller-virtio-scsi");
     DO_TEST_DOMAIN("disk-aio");
+    DO_TEST_DOMAIN("disk-backing-chains-noindex");
     DO_TEST_DOMAIN("disk-cache");
     DO_TEST_DOMAIN("disk-cdrom");
     DO_TEST_DOMAIN("disk-cdrom-bus-other");
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180435; cv=none;
	d=zoho.com; s=zohoarc;
	b=j7Hb2oEd/Vuq90NrWwhzmKHDO+0wfdUtiTddOZNlnqTN7d44lvjLgp54OOI48Vh6ipICdzb4luYkY2hl0KHZPyGLGFfd7TafOHp2YiVAkrFwx5Njg4AZoEBOCbVMGrTkACcWrpw4EEEYZnBNhDrli/0cMBXLmVHXsrqRTYN2zIo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180435;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=W0Y6rPwaUUiNg/284a1RUl/JLAqgwkmj0BsbKTFVJzc=;
	b=Xt1Qh5K9CAX55J+JH21+eR0+rbB2yXgvfv5SAvse/7CbbJ1aMXdtIFSd9IcUYfweXq3sNBlPDhp27UzIGtL0C9wYMpP2URJ213xoFPhcFXfczFh2DUTOzxwOJjb79XDx2GKF0Gdd30i/br3k4ASrm0bNn/ENpy6PB1F71vBnC3U=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 15561804354191011.796701544945;
 Thu, 25 Apr 2019 01:20:35 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
 [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 095883095868;
	Thu, 25 Apr 2019 08:20:34 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id D0D7C508E9;
	Thu, 25 Apr 2019 08:20:33 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 88B2F3FB30;
	Thu, 25 Apr 2019 08:20:33 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KNjk013956 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:23 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 0088260C8E; Thu, 25 Apr 2019 08:20:23 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 7CCC360C70
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:22 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:55 +0200
Message-Id: 
 <20a98c6a9879fe468946abb7b3c30bf23e577dff.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 19/25] security: Introduce
	virSecurityManagerMoveImageMetadata
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.46]);
 Thu, 25 Apr 2019 08:20:34 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

The purpose of this API is to allow caller move XATTRs (or remove
them) from one file to another. This will be needed when moving
top level of disk chain (either by introducing new HEAD or
removing it).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/libvirt_private.syms        |  1 +
 src/security/security_driver.h  |  5 +++++
 src/security/security_manager.c | 39 +++++++++++++++++++++++++++++++++
 src/security/security_manager.h |  4 ++++
 src/security/security_nop.c     | 10 +++++++++
 src/security/security_stack.c   | 20 +++++++++++++++++
 6 files changed, 79 insertions(+)

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 5368392882..670daae5a2 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1388,6 +1388,7 @@ virSecurityManagerGetModel;
 virSecurityManagerGetMountOptions;
 virSecurityManagerGetNested;
 virSecurityManagerGetProcessLabel;
+virSecurityManagerMoveImageMetadata;
 virSecurityManagerNew;
 virSecurityManagerNewDAC;
 virSecurityManagerNewStack;
diff --git a/src/security/security_driver.h b/src/security/security_driver.h
index 36cf9da037..998fe9697c 100644
--- a/src/security/security_driver.h
+++ b/src/security/security_driver.h
@@ -120,6 +120,10 @@ typedef int (*virSecurityDomainRestoreImageLabel) (vir=
SecurityManagerPtr mgr,
                                                    virDomainDefPtr def,
                                                    virStorageSourcePtr src,
                                                    virSecurityDomainImageL=
abelFlags flags);
+typedef int (*virSecurityDomainMoveImageMetadata) (virSecurityManagerPtr m=
gr,
+                                                   pid_t pid,
+                                                   virStorageSourcePtr src,
+                                                   virStorageSourcePtr dst=
);
 typedef int (*virSecurityDomainSetMemoryLabel) (virSecurityManagerPtr mgr,
                                                 virDomainDefPtr def,
                                                 virDomainMemoryDefPtr mem);
@@ -170,6 +174,7 @@ struct _virSecurityDriver {
=20
     virSecurityDomainSetImageLabel domainSetSecurityImageLabel;
     virSecurityDomainRestoreImageLabel domainRestoreSecurityImageLabel;
+    virSecurityDomainMoveImageMetadata domainMoveImageMetadata;
=20
     virSecurityDomainSetMemoryLabel domainSetSecurityMemoryLabel;
     virSecurityDomainRestoreMemoryLabel domainRestoreSecurityMemoryLabel;
diff --git a/src/security/security_manager.c b/src/security/security_manage=
r.c
index 74ab0d0dd3..c205c3bf17 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -432,6 +432,45 @@ virSecurityManagerRestoreImageLabel(virSecurityManager=
Ptr mgr,
 }
=20
=20
+/**
+ * virSecurityManagerMoveImageMetadata:
+ * @mgr: security manager
+ * @pid: domain's PID
+ * @src: source of metadata
+ * @dst: destination to move metadata to
+ *
+ * For given source @src, metadata is moved to destination @dst.
+ *
+ * If @dst is NULL then metadata is removed from @src and not
+ * stored anywhere.
+ *
+ * If @pid is not -1 enther the @pid mount namespace (usually
+ * @pid refers to a domain) and perform the move from there. If
+ * @pid is -1 then the move is performed from the caller's
+ * namespace.
+ *
+ * Returns: 0 on success,
+ *         -1 otherwise.
+ */
+int
+virSecurityManagerMoveImageMetadata(virSecurityManagerPtr mgr,
+                                    pid_t pid,
+                                    virStorageSourcePtr src,
+                                    virStorageSourcePtr dst)
+{
+    if (mgr->drv->domainMoveImageMetadata) {
+        int ret;
+        virObjectLock(mgr);
+        ret =3D mgr->drv->domainMoveImageMetadata(mgr, pid, src, dst);
+        virObjectUnlock(mgr);
+        return ret;
+    }
+
+    virReportUnsupportedError();
+    return -1;
+}
+
+
 int
 virSecurityManagerSetDaemonSocketLabel(virSecurityManagerPtr mgr,
                                        virDomainDefPtr vm)
diff --git a/src/security/security_manager.h b/src/security/security_manage=
r.h
index 7e174a33ee..33e79b2095 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -160,6 +160,10 @@ int virSecurityManagerRestoreImageLabel(virSecurityMan=
agerPtr mgr,
                                         virDomainDefPtr vm,
                                         virStorageSourcePtr src,
                                         virSecurityDomainImageLabelFlags f=
lags);
+int virSecurityManagerMoveImageMetadata(virSecurityManagerPtr mgr,
+                                        pid_t pid,
+                                        virStorageSourcePtr src,
+                                        virStorageSourcePtr dst);
=20
 int virSecurityManagerSetMemoryLabel(virSecurityManagerPtr mgr,
                                      virDomainDefPtr vm,
diff --git a/src/security/security_nop.c b/src/security/security_nop.c
index 9b3263ad77..966b9d41a1 100644
--- a/src/security/security_nop.c
+++ b/src/security/security_nop.c
@@ -224,6 +224,15 @@ virSecurityDomainSetImageLabelNop(virSecurityManagerPt=
r mgr ATTRIBUTE_UNUSED,
     return 0;
 }
=20
+static int
+virSecurityDomainMoveImageMetadataNop(virSecurityManagerPtr mgr ATTRIBUTE_=
UNUSED,
+                                      pid_t pid ATTRIBUTE_UNUSED,
+                                      virStorageSourcePtr src ATTRIBUTE_UN=
USED,
+                                      virStorageSourcePtr dst ATTRIBUTE_UN=
USED)
+{
+    return 0;
+}
+
 static int
 virSecurityDomainSetMemoryLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNU=
SED,
                                    virDomainDefPtr def ATTRIBUTE_UNUSED,
@@ -280,6 +289,7 @@ virSecurityDriver virSecurityDriverNop =3D {
=20
     .domainSetSecurityImageLabel        =3D virSecurityDomainSetImageLabel=
Nop,
     .domainRestoreSecurityImageLabel    =3D virSecurityDomainRestoreImageL=
abelNop,
+    .domainMoveImageMetadata            =3D virSecurityDomainMoveImageMeta=
dataNop,
=20
     .domainSetSecurityMemoryLabel       =3D virSecurityDomainSetMemoryLabe=
lNop,
     .domainRestoreSecurityMemoryLabel   =3D virSecurityDomainRestoreMemory=
LabelNop,
diff --git a/src/security/security_stack.c b/src/security/security_stack.c
index eba918e257..d445c0773e 100644
--- a/src/security/security_stack.c
+++ b/src/security/security_stack.c
@@ -599,6 +599,25 @@ virSecurityStackRestoreImageLabel(virSecurityManagerPt=
r mgr,
     return rc;
 }
=20
+static int
+virSecurityStackMoveImageMetadata(virSecurityManagerPtr mgr,
+                                  pid_t pid,
+                                  virStorageSourcePtr src,
+                                  virStorageSourcePtr dst)
+{
+    virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
+    virSecurityStackItemPtr item =3D priv->itemsHead;
+    int rc =3D 0;
+
+    for (; item; item =3D item->next) {
+        if (virSecurityManagerMoveImageMetadata(item->securityManager,
+                                                pid, src, dst) < 0)
+            rc =3D -1;
+    }
+
+    return rc;
+}
+
 static int
 virSecurityStackSetMemoryLabel(virSecurityManagerPtr mgr,
                                virDomainDefPtr vm,
@@ -785,6 +804,7 @@ virSecurityDriver virSecurityDriverStack =3D {
=20
     .domainSetSecurityImageLabel        =3D virSecurityStackSetImageLabel,
     .domainRestoreSecurityImageLabel    =3D virSecurityStackRestoreImageLa=
bel,
+    .domainMoveImageMetadata            =3D virSecurityStackMoveImageMetad=
ata,
=20
     .domainSetSecurityMemoryLabel       =3D virSecurityStackSetMemoryLabel,
     .domainRestoreSecurityMemoryLabel   =3D virSecurityStackRestoreMemoryL=
abel,
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180455; cv=none;
	d=zoho.com; s=zohoarc;
	b=BJ925rgUrC9khQHC0kFllAHRDLDxgn96sQ5/n58JK8wsztctrxcQwCpmPGAZlZrEBGWQTocwujLP8q1/Xd86a7oVrE52pRKHZnktlCZklpbEYs08t6UWSIAYkNZn57Z4GifRQTRhipzhCplqgReA5odfztzLggg4MngbrNThHSk=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180455;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=jJbqjxRyQeVOCpPphaApA/BhIjJD+Kh478yzeImnsdQ=;
	b=a+j7+I4gIR1hpKT4C0Vihm7T2p8qXLwexn0i2EVSuh1iYL4Q28pYRueUKgItFa0vjnUosukEDW10U2IUkkypaFxTmOnQRpC7IfX2PqaTHN7zKMyGNrVW6zGuqyN1YYdA7jIRqWJM2RewFv/aqh5UbAjNY0g8nfH7dvon7+LjIys=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180455317566.7597937621309;
 Thu, 25 Apr 2019 01:20:55 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
 [10.5.11.11])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 2C604A12A5;
	Thu, 25 Apr 2019 08:20:54 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 87F8960199;
	Thu, 25 Apr 2019 08:20:53 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 4502E41F3D;
	Thu, 25 Apr 2019 08:20:53 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KPgR013979 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:25 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id EA5D260C99; Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 727B360C70
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:23 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:56 +0200
Message-Id: 
 <69ddcb168a9214d7edac36f8a03b78f080bb0bd9.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 20/25] security_util: Introduce
	virSecurityMoveRememberedLabel
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]);
 Thu, 25 Apr 2019 08:20:54 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

A simple helper function that would be used from DAC and SELinux
drivers.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/security/security_util.c | 63 ++++++++++++++++++++++++++++++++++++
 src/security/security_util.h |  5 +++
 2 files changed, 68 insertions(+)

diff --git a/src/security/security_util.c b/src/security/security_util.c
index 3c24d7cded..ad265b0bc5 100644
--- a/src/security/security_util.c
+++ b/src/security/security_util.c
@@ -256,3 +256,66 @@ virSecuritySetRememberedLabel(const char *name,
     VIR_FREE(ref_name);
     return ret;
 }
+
+
+int
+virSecurityMoveRememberedLabel(const char *name,
+                               const char *src,
+                               const char *dst)
+{
+    VIR_AUTOFREE(char *) ref_name =3D NULL;
+    VIR_AUTOFREE(char *) ref_value =3D NULL;
+    VIR_AUTOFREE(char *) attr_name =3D NULL;
+    VIR_AUTOFREE(char *) attr_value =3D NULL;
+
+    if (!(ref_name =3D virSecurityGetRefCountAttrName(name)) |
+        !(attr_name =3D virSecurityGetAttrName(name)))
+        return -1;
+
+    if (virFileGetXAttrQuiet(src, ref_name, &ref_value) < 0) {
+        if (errno =3D=3D ENOSYS || errno =3D=3D ENOTSUP) {
+            return -2;
+        } else if (errno !=3D ENODATA) {
+            virReportSystemError(errno,
+                                 _("Unable to get XATTR %s on %s"),
+                                 ref_name, src);
+            return -1;
+        }
+    }
+
+    if (virFileGetXAttrQuiet(src, attr_name, &attr_value) < 0) {
+        if (errno =3D=3D ENOSYS || errno =3D=3D ENOTSUP) {
+            return -2;
+        } else if (errno !=3D ENODATA) {
+            virReportSystemError(errno,
+                                 _("Unable to get XATTR %s on %s"),
+                                 attr_name, src);
+            return -1;
+        }
+    }
+
+    if (ref_value &&
+        virFileRemoveXAttr(src, ref_name) < 0) {
+        return -1;
+    }
+
+    if (attr_value &&
+        virFileRemoveXAttr(src, attr_name) < 0) {
+        return -1;
+    }
+
+    if (dst) {
+        if (ref_value &&
+            virFileSetXAttr(dst, ref_name, ref_value) < 0) {
+            return -1;
+        }
+
+        if (attr_value &&
+            virFileSetXAttr(dst, attr_name, attr_value) < 0) {
+            ignore_value(virFileRemoveXAttr(dst, ref_name));
+            return -1;
+        }
+    }
+
+    return 0;
+}
diff --git a/src/security/security_util.h b/src/security/security_util.h
index bc977ed65d..f727e2e3e5 100644
--- a/src/security/security_util.h
+++ b/src/security/security_util.h
@@ -29,4 +29,9 @@ virSecuritySetRememberedLabel(const char *name,
                               const char *path,
                               const char *label);
=20
+int
+virSecurityMoveRememberedLabel(const char *name,
+                               const char *src,
+                               const char *dst);
+
 #endif /* LIBVIRT_SECURITY_UTIL_H */
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180444; cv=none;
	d=zoho.com; s=zohoarc;
	b=GAAjzIJMuJFmWnIgxsOCjD1KryECtSxYKjEzBz1F9nqSEsDLzvNuF5SAHJYpvF00D2OixaLuXFxxVKdMyUT6gyPzQkPZ1jlZOKUhfR8g6gbDcGg9FN2v+kXt61qs1YBiBzvkiZyGHIPB41yQv2gb+UKGmtRb9oGo0N2ryJ8q8Yg=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180444;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=o4wsde61h35MqS+PAWOegxww951We4lkPAHSCbHgtSI=;
	b=Keuf6CDS3UueMvwTADb7RUux21ipuvYKBHb/B+KZMw16ubJF2tjIjhoe0QeCSNQD8zbZaNssjQjP9NHAwjfHySFh2j+nLD56SgiMY7i/oo96nwy6fMY2G3LZHU4qNBXmTXPLTjDd1Bu29KyDV3nk++LmxPhO+xrcv/7Gr+ZmKsI=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180444411345.5520178254171;
 Thu, 25 Apr 2019 01:20:44 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
 [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 38018308A11E;
	Thu, 25 Apr 2019 08:20:43 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id ECBDA60FFE;
	Thu, 25 Apr 2019 08:20:42 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8F1B9181BA0E;
	Thu, 25 Apr 2019 08:20:42 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KQxT013986 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:26 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id B956E60C70; Thu, 25 Apr 2019 08:20:26 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 4271C60C99
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:26 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:57 +0200
Message-Id: 
 <74e3104ace855a92534228a1459f011aa23e59c7.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 21/25] security_dac: Implement
	virSecurityManagerMoveImageMetadata
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]);
 Thu, 25 Apr 2019 08:20:43 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/security/security_dac.c | 62 +++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 56416e6f6a..137daf5d28 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -1015,6 +1015,67 @@ virSecurityDACRestoreImageLabel(virSecurityManagerPt=
r mgr,
 }
=20
=20
+struct virSecurityDACMoveImageMetadataData {
+    virSecurityManagerPtr mgr;
+    const char *src;
+    const char *dst;
+};
+
+
+static int
+virSecurityDACMoveImageMetadataHelper(pid_t pid ATTRIBUTE_UNUSED,
+                                      void *opaque)
+{
+    struct virSecurityDACMoveImageMetadataData *data =3D opaque;
+    const char *paths[2] =3D { data->src, data->dst };
+    virSecurityManagerMetadataLockStatePtr state;
+    int ret;
+
+    if (!(state =3D virSecurityManagerMetadataLock(data->mgr, paths, ARRAY=
_CARDINALITY(paths))))
+        return -1;
+
+    ret =3D virSecurityMoveRememberedLabel(SECURITY_DAC_NAME, data->src, d=
ata->dst);
+    virSecurityManagerMetadataUnlock(data->mgr, &state);
+    return ret;
+}
+
+
+static int
+virSecurityDACMoveImageMetadata(virSecurityManagerPtr mgr,
+                                pid_t pid,
+                                virStorageSourcePtr src,
+                                virStorageSourcePtr dst)
+{
+    virSecurityDACDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
+    struct virSecurityDACMoveImageMetadataData data =3D { .mgr =3D mgr, 0 =
};
+    int rc;
+
+    /* If dynamicOwnership is turned off, or owner remembering is
+     * not enabled there's nothing for us to do. */
+    if (!priv->dynamicOwnership)
+        return 0;
+
+    if (src && virStorageSourceIsLocalStorage(src))
+        data.src =3D src->path;
+
+    if (dst && virStorageSourceIsLocalStorage(dst))
+        data.dst =3D dst->path;
+
+    if (!data.src)
+        return 0;
+
+    if (pid =3D=3D -1) {
+        rc =3D virProcessRunInFork(virSecurityDACMoveImageMetadataHelper, =
&data);
+    } else {
+        rc =3D virProcessRunInMountNamespace(pid,
+                                           virSecurityDACMoveImageMetadata=
Helper,
+                                           &data);
+    }
+
+    return rc;
+}
+
+
 static int
 virSecurityDACSetHostdevLabelHelper(const char *file,
                                     void *opaque)
@@ -2384,6 +2445,7 @@ virSecurityDriver virSecurityDriverDAC =3D {
=20
     .domainSetSecurityImageLabel        =3D virSecurityDACSetImageLabel,
     .domainRestoreSecurityImageLabel    =3D virSecurityDACRestoreImageLabe=
l,
+    .domainMoveImageMetadata            =3D virSecurityDACMoveImageMetadat=
a,
=20
     .domainSetSecurityMemoryLabel       =3D virSecurityDACSetMemoryLabel,
     .domainRestoreSecurityMemoryLabel   =3D virSecurityDACRestoreMemoryLab=
el,
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180447; cv=none;
	d=zoho.com; s=zohoarc;
	b=LEbUUR5OO9XDJwZv+oHHvlKCXxfTC8RHGysHb61VqujIGlt8iQu4pqTc0OgdC9p237FuT5xDn/wd7zW5j8ffFCDK8YjpkRGqgwWkox8dcRPk5uJ8OVj7xmndsPU7PNae46L0NLg7MWHT138VjN4ydnjm09wAv5RHyo1YBzZjJXo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180447;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=rFCUjKDBG4maHpUTwoLhMJoHvo0DZmg14zEkXWaVt1Y=;
	b=MRNP1skNe1lV26qLpJkBWXN0yQJRjyPYHB4FN0m88cIqFjYMiQ4Xbiv0Uwhju6D0cre6rh2fzh7e1WfKooAQRDRmYHUw3R6V/LAIae0RQbTWU5Yk7KIfgXz5pIc7fKJMDw+A6pFb9o+YMhNVM13zTlMfZQFzQnocApO4LTQoVeo=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180447740735.1300448113687;
 Thu, 25 Apr 2019 01:20:47 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com
 [10.5.11.23])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 6A513308A119;
	Thu, 25 Apr 2019 08:20:46 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 40FBD165DF;
	Thu, 25 Apr 2019 08:20:46 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id EF9873FA4B;
	Thu, 25 Apr 2019 08:20:45 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KR2r013996 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:27 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 87F8960C8E; Thu, 25 Apr 2019 08:20:27 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 11B8A60C70
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:26 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:58 +0200
Message-Id: 
 <ffe48a439a179831f4af5b2f406293cfb7f92479.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 22/25] security_selinux: Implement
	virSecurityManagerMoveImageMetadata
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]);
 Thu, 25 Apr 2019 08:20:47 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/security/security_selinux.c | 57 +++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)

diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index cb46004896..ea20373a90 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1926,6 +1926,62 @@ virSecuritySELinuxSetImageLabel(virSecurityManagerPt=
r mgr,
 }
=20
=20
+struct virSecuritySELinuxMoveImageMetadataData {
+    virSecurityManagerPtr mgr;
+    const char *src;
+    const char *dst;
+};
+
+
+static int
+virSecuritySELinuxMoveImageMetadataHelper(pid_t pid ATTRIBUTE_UNUSED,
+                                          void *opaque)
+{
+    struct virSecuritySELinuxMoveImageMetadataData *data =3D opaque;
+    const char *paths[2] =3D { data->src, data->dst };
+    virSecurityManagerMetadataLockStatePtr state;
+    int ret;
+
+    if (!(state =3D virSecurityManagerMetadataLock(data->mgr, paths, ARRAY=
_CARDINALITY(paths))))
+        return -1;
+
+    ret =3D virSecurityMoveRememberedLabel(SECURITY_SELINUX_NAME, data->sr=
c, data->dst);
+    virSecurityManagerMetadataUnlock(data->mgr, &state);
+    return ret;
+}
+
+
+static int
+virSecuritySELinuxMoveImageMetadata(virSecurityManagerPtr mgr,
+                                    pid_t pid,
+                                    virStorageSourcePtr src,
+                                    virStorageSourcePtr dst)
+{
+    struct virSecuritySELinuxMoveImageMetadataData data =3D { .mgr =3D mgr=
, 0 };
+    int rc;
+
+    if (src && virStorageSourceIsLocalStorage(src))
+        data.src =3D src->path;
+
+    if (dst && virStorageSourceIsLocalStorage(dst))
+        data.dst =3D dst->path;
+
+    if (!data.src)
+        return 0;
+
+    if (pid =3D=3D -1) {
+        rc =3D virProcessRunInFork(virSecuritySELinuxMoveImageMetadataHelp=
er,
+                                 &data);
+    } else {
+        rc =3D virProcessRunInMountNamespace(pid,
+                                           virSecuritySELinuxMoveImageMeta=
dataHelper,
+                                           &data);
+    }
+
+    return rc;
+}
+
+
 static int
 virSecuritySELinuxSetHostdevLabelHelper(const char *file, void *opaque)
 {
@@ -3475,6 +3531,7 @@ virSecurityDriver virSecurityDriverSELinux =3D {
=20
     .domainSetSecurityImageLabel        =3D virSecuritySELinuxSetImageLabe=
l,
     .domainRestoreSecurityImageLabel    =3D virSecuritySELinuxRestoreImage=
Label,
+    .domainMoveImageMetadata            =3D virSecuritySELinuxMoveImageMet=
adata,
=20
     .domainSetSecurityMemoryLabel       =3D virSecuritySELinuxSetMemoryLab=
el,
     .domainRestoreSecurityMemoryLabel   =3D virSecuritySELinuxRestoreMemor=
yLabel,
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180442; cv=none;
	d=zoho.com; s=zohoarc;
	b=dKVZ2dCoAIlt9ZM7t3ah+6CuvBBU2H5blyC5SPCJAMGsxd+F/P6TMKZ7Bnu9KzEMZ0aYVaOA536dBjQBGm1blUhijZj3HB628+tBccPbEcSSIVEuA4GX6fUUZ9hwplcR7L7KT5IGLMYppoelLQumMfsROfy6RIpMYV+sJFl/2oE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180442;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=LQ0arNVh2DA3gYJ3+Rt3qf5dQbQAno+mp+XQsHmnjO8=;
	b=av7EWcbypcc8syI9pJhK6P+yHIxBKX2b1YewGMsPDSnA7+n9ochJT/pNYajr0i+cTjRblmdzZMYzVzsMrdWQ5+x4CWOlyXI75CV5/yKcQeyn3fPaIwncLfu0RIg+Tpm9RbLhJUd7WznIhyOb4xV5EbDbDpfQJfmpSeX1jsrVgbQ=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180442622822.168415207008;
 Thu, 25 Apr 2019 01:20:42 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com
 [10.5.11.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 89917309CC2A;
	Thu, 25 Apr 2019 08:20:37 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 613A2648C4;
	Thu, 25 Apr 2019 08:20:37 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 1DFCC181AC92;
	Thu, 25 Apr 2019 08:20:37 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KSrj014006 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:28 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 58B0260C9C; Thu, 25 Apr 2019 08:20:28 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id D5B0F60C70
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:27 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:59 +0200
Message-Id: 
 <b6936901ae38c5abeb5f601e0f7e83d496b483cd.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 23/25] qemu_security: Implement
	qemuSecurityMoveImageMetadata
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.48]);
 Thu, 25 Apr 2019 08:20:38 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/qemu/qemu_security.c | 19 +++++++++++++++++++
 src/qemu/qemu_security.h |  5 +++++
 2 files changed, 24 insertions(+)

diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c
index 229581a757..87209d3781 100644
--- a/src/qemu/qemu_security.c
+++ b/src/qemu/qemu_security.c
@@ -162,6 +162,25 @@ qemuSecurityRestoreImageLabel(virQEMUDriverPtr driver,
 }
=20
=20
+int
+qemuSecurityMoveImageMetadata(virQEMUDriverPtr driver,
+                              virDomainObjPtr vm,
+                              virStorageSourcePtr src,
+                              virStorageSourcePtr dst)
+{
+    qemuDomainObjPrivatePtr priv =3D vm->privateData;
+    pid_t pid =3D -1;
+
+    if (!priv->rememberOwner)
+        return 0;
+
+    if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
+        pid =3D vm->pid;
+
+    return virSecurityManagerMoveImageMetadata(driver->securityManager, pi=
d, src, dst);
+}
+
+
 int
 qemuSecuritySetHostdevLabel(virQEMUDriverPtr driver,
                             virDomainObjPtr vm,
diff --git a/src/qemu/qemu_security.h b/src/qemu/qemu_security.h
index 546a66f284..c62724ed05 100644
--- a/src/qemu/qemu_security.h
+++ b/src/qemu/qemu_security.h
@@ -44,6 +44,11 @@ int qemuSecurityRestoreImageLabel(virQEMUDriverPtr drive=
r,
                                   virStorageSourcePtr src,
                                   bool backingChain);
=20
+int qemuSecurityMoveImageMetadata(virQEMUDriverPtr driver,
+                                  virDomainObjPtr vm,
+                                  virStorageSourcePtr src,
+                                  virStorageSourcePtr dst);
+
 int qemuSecuritySetHostdevLabel(virQEMUDriverPtr driver,
                                 virDomainObjPtr vm,
                                 virDomainHostdevDefPtr hostdev);
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180459; cv=none;
	d=zoho.com; s=zohoarc;
	b=N2Ib1FD+NFGbbQv7K5RU6shFeEprpnnoWrdzq17ReKVCKH8hQ0+fDITV2XcB3WqdQXHuc4eUq6WCYEyUfDkB43cv04jHfkv/3VGV7cur3gXipw6d65Bj80drsqvN+kzG5b98ZcHsralwT0eSbMjEy0UjnPaUSQxno1aquaXkdxQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180459;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=rJ/9nv4bDpLbJPJxxaHZ/99x9j/fX/RMne397SUFY/I=;
	b=GrnmOkswCAodUUQ+av+Hfrn3JFxv5BRJEgfa19xg6b9VHHispG/G2igNojmF98x9/SW8iDxkXcbtf5mMJDrUDtGpHurbeh8xv1XelfCZ9pGAVW2u1AMNZrYzK9/kmomSuWPuMe2lMb8Z3CBuvCm9Fvx2ibDb5LBWn4jQMsIFxmQ=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180459084915.0822413775853;
 Thu, 25 Apr 2019 01:20:59 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id D5D93C085EC7;
	Thu, 25 Apr 2019 08:20:57 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 9D02A5DEFC;
	Thu, 25 Apr 2019 08:20:57 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id C75A14EA49;
	Thu, 25 Apr 2019 08:20:56 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KTfx014019 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:29 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 2897860C8E; Thu, 25 Apr 2019 08:20:29 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id A5BEC60C9C
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:28 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:20:00 +0200
Message-Id: 
 <d36a387f003c65af95417cefdd467de7031bd5b8.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 24/25] qemu: Move image security metadata on
	snapshot activity
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]);
 Thu, 25 Apr 2019 08:20:58 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/qemu/qemu_blockjob.c |  6 ++++++
 src/qemu/qemu_driver.c   | 17 ++++++++++++++---
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/src/qemu/qemu_blockjob.c b/src/qemu/qemu_blockjob.c
index fa7e4c8625..1b4e30ba01 100644
--- a/src/qemu/qemu_blockjob.c
+++ b/src/qemu/qemu_blockjob.c
@@ -37,6 +37,7 @@
 #include "locking/domain_lock.h"
 #include "viralloc.h"
 #include "virstring.h"
+#include "qemu_security.h"
=20
 #define VIR_FROM_THIS VIR_FROM_QEMU
=20
@@ -275,6 +276,11 @@ qemuBlockJobEventProcessLegacyCompleted(virQEMUDriverP=
tr driver,
          * want to only revoke the non-shared portion of the chain); so for
          * now, we leak the access to the original.  */
         virDomainLockImageDetach(driver->lockManager, vm, disk->src);
+
+        /* Move secret driver metadata */
+        if (qemuSecurityMoveImageMetadata(driver, vm, disk->src, disk->mir=
ror) < 0)
+            VIR_WARN("Unable to move disk metadata on vm %s", vm->def->nam=
e);
+
         virObjectUnref(disk->src);
         disk->src =3D disk->mirror;
     } else {
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 31d8647eee..82770b49ad 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -15159,22 +15159,33 @@ qemuDomainSnapshotUpdateDiskSourcesRenumber(virSt=
orageSourcePtr src)
=20
 /**
  * qemuDomainSnapshotUpdateDiskSources:
+ * @driver: QEMU driver
+ * @vm: domain object
  * @dd: snapshot disk data object
  * @persist: set to true if persistent config of the VM was changed
  *
  * Updates disk definition after a successful snapshot.
  */
 static void
-qemuDomainSnapshotUpdateDiskSources(qemuDomainSnapshotDiskDataPtr dd,
+qemuDomainSnapshotUpdateDiskSources(virQEMUDriverPtr driver,
+                                    virDomainObjPtr vm,
+                                    qemuDomainSnapshotDiskDataPtr dd,
                                     bool *persist)
 {
-    if (!dd->src)
+    if (!dd->src) {
+        /* Remove old metadata */
+        if (qemuSecurityMoveImageMetadata(driver, vm, dd->disk->src, NULL)=
 < 0)
+            VIR_WARN("Unable to remove disk metadata on vm %s", vm->def->n=
ame);
         return;
+    }
=20
     /* storage driver access won'd be needed */
     if (dd->initialized)
         virStorageFileDeinit(dd->src);
=20
+    if (qemuSecurityMoveImageMetadata(driver, vm, dd->disk->src, dd->src) =
< 0)
+        VIR_WARN("Unable to move disk metadata on vm %s", vm->def->name);
+
     /* the old disk image is now readonly */
     dd->disk->src->readonly =3D true;
=20
@@ -15299,7 +15310,7 @@ qemuDomainSnapshotCreateDiskActive(virQEMUDriverPtr=
 driver,
             virDomainAuditDisk(vm, dd->disk->src, dd->src, "snapshot", ret=
 >=3D 0);
=20
             if (ret =3D=3D 0)
-                qemuDomainSnapshotUpdateDiskSources(dd, &persist);
+                qemuDomainSnapshotUpdateDiskSources(driver, vm, dd, &persi=
st);
         }
=20
         if (ret < 0)
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sun May  5 02:54:27 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180451; cv=none;
	d=zoho.com; s=zohoarc;
	b=jT5sGSCfGh6DaMy/zkNRhFFgCJvHgl7K1fCVS/54PdAAJ3CCHZ1AIfcYUjwG5OaeMix07CkjeuyOqoKccAeY4okHNz/eqb/gHnSXnftEuZrLdMzLks7omEYeOZlNShJfCVTnQoq2/2vkz05MHCNoSVWRQ8bOJSJGZCou/zdeB5I=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180451;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=aW2sAL4Nw2NEk0gnLCHL4a+qqAj9KJYETZOlz53GJFo=;
	b=iEX071M1Ccfv/W2+BGckZx5lnZorP6RbGrxX8iFH9YVxYG1TMTOCJFJTDE82hnNiu8RYKsUECJLj51TZrFb6ThE7m3cBTgTZXa0ja8SQq6c6JBNHqq2Tnr5Fg4P7C98qGeBiTBDCgXbnfHGMdVV66In4Ocor7MOgouvLez3LK0s=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180451342638.089284224899;
 Thu, 25 Apr 2019 01:20:51 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 46506E9519;
	Thu, 25 Apr 2019 08:20:50 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id E2AE15DE82;
	Thu, 25 Apr 2019 08:20:49 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 6C1253FB10;
	Thu, 25 Apr 2019 08:20:49 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KTHn014029 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:29 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id EB4B260C70; Thu, 25 Apr 2019 08:20:29 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 747AC60C8E
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:29 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:20:01 +0200
Message-Id: 
 <6729c25e7631d1a58179ecdf06815ad4b472a440.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 25/25] Revert "qemu: Temporary disable owner
	remembering"
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]);
 Thu, 25 Apr 2019 08:20:50 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

This reverts commit fc3990c7e64be1da1631952d3ec384ebef50e125.

Now that all the reported bugs are fixed let's turn the feature
back on.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 docs/news.xml                      | 13 +++++++++++++
 src/qemu/libvirtd_qemu.aug         |  1 +
 src/qemu/qemu.conf                 |  5 +++++
 src/qemu/qemu_conf.c               |  4 ++++
 src/qemu/test_libvirtd_qemu.aug.in |  1 +
 5 files changed, 24 insertions(+)

diff --git a/docs/news.xml b/docs/news.xml
index e0cab23c49..95b78942ce 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -25,6 +25,19 @@
     <section title=3D"New features">
     </section>
     <section title=3D"Improvements">
+      <change>
+        <summary>
+          Remember original owners and SELinux labels of files
+        </summary>
+        <description>
+          When a domain is starting up libvirt changes DAC and
+          SELinux labels so that domain can access it. However,
+          it never remembered the original labels and therefore
+          the file was returned back to <code>root:root</code>.
+          With this release, the original labels are remembered
+          and restored properly.
+        </description>
+      </change>
     </section>
     <section title=3D"Bug fixes">
     </section>
diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug
index b311f02da6..868f7b313c 100644
--- a/src/qemu/libvirtd_qemu.aug
+++ b/src/qemu/libvirtd_qemu.aug
@@ -72,6 +72,7 @@ module Libvirtd_qemu =3D
                  | str_entry "user"
                  | str_entry "group"
                  | bool_entry "dynamic_ownership"
+                 | bool_entry "remember_owner"
                  | str_array_entry "cgroup_controllers"
                  | str_array_entry "cgroup_device_acl"
                  | int_entry "seccomp_sandbox"
diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
index 334b4cd4ee..12357461c4 100644
--- a/src/qemu/qemu.conf
+++ b/src/qemu/qemu.conf
@@ -456,6 +456,11 @@
 # Set to 0 to disable file ownership changes.
 #dynamic_ownership =3D 1
=20
+# Whether libvirt should remember and restore the original
+# ownership over files it is relabeling. Defaults to 1, set
+# to 0 to disable the feature.
+#remember_owner =3D 1
+
 # What cgroup controllers to make use of with QEMU guests
 #
 #  - 'cpu' - use for scheduler tunables
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index daea11dacb..b418d33c61 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -145,6 +145,7 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool priv=
ileged)
         cfg->group =3D (gid_t)-1;
     }
     cfg->dynamicOwnership =3D privileged;
+    cfg->rememberOwner =3D privileged;
=20
     cfg->cgroupControllers =3D -1; /* -1 =3D=3D auto-detect */
=20
@@ -908,6 +909,9 @@ virQEMUDriverConfigLoadSecurityEntry(virQEMUDriverConfi=
gPtr cfg,
     if (virConfGetValueBool(conf, "dynamic_ownership", &cfg->dynamicOwners=
hip) < 0)
         return -1;
=20
+    if (virConfGetValueBool(conf, "remember_owner", &cfg->rememberOwner) <=
 0)
+        return -1;
+
     if (virConfGetValueStringList(conf, "cgroup_controllers", false,
                                   &controllers) < 0)
         return -1;
diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qe=
mu.aug.in
index fea1d308b7..f95496ce4d 100644
--- a/src/qemu/test_libvirtd_qemu.aug.in
+++ b/src/qemu/test_libvirtd_qemu.aug.in
@@ -44,6 +44,7 @@ module Test_libvirtd_qemu =3D
 { "user" =3D "root" }
 { "group" =3D "root" }
 { "dynamic_ownership" =3D "1" }
+{ "remember_owner" =3D "1" }
 { "cgroup_controllers"
     { "1" =3D "cpu" }
     { "2" =3D "devices" }
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list