From nobody Sat Apr 20 00:20:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1565793213; cv=none; d=zoho.com; s=zohoarc; b=kXMM5leH7WBbKcgjjHl/8gEAjYt3rA1nGvGg0Iw7CFQpbbyZ8JteCgwglHwBPLQiYw8ikqkXbJiYjtptdi6UyUyfAiOe/GDCY7zK9xeb8yI5Kx6EaDTvG1dTqK3gvPTQrTo119bGYz4tm5XvH+bTLRgS2r24uPrXZBGNIFvUJpw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1565793213; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=ybDqC2mpI4/7A45K2+hw2H5rQGypdTj26Z3rS4o5r+0=; b=aDzSvGqdTCA1r7yz3rE2dHHq7l8cMLCJWQcddt2RJlhRATfuLFl2txEOb1G2qaoxeKb1LqS6FRCHySjOdIrBYdI+wq7dxK5bATKahHr9QrLhBb/GqWP1venvCC22SvgUUcO1zx/teeEWuIq/W8FUvvTb6KTYnOv0LsfjGLn67MU= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 156579321394474.35813527355731; Wed, 14 Aug 2019 07:33:33 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6CD93309843B; Wed, 14 Aug 2019 14:33:32 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 33A7585A53; Wed, 14 Aug 2019 14:33:32 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 1029324F30; Wed, 14 Aug 2019 14:33:31 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7EEXUr1022516 for ; Wed, 14 Aug 2019 10:33:30 -0400 Received: by smtp.corp.redhat.com (Postfix) id 8F55C546E0; Wed, 14 Aug 2019 14:33:30 +0000 (UTC) Received: from moe.brq.redhat.com (unknown [10.43.2.30]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1A2083ACA for ; Wed, 14 Aug 2019 14:33:29 +0000 (UTC) From: Michal Privoznik To: libvir-list@redhat.com Date: Wed, 14 Aug 2019 16:33:19 +0200 Message-Id: <065384455b53c6b122ce610704a82d8231a7578f.1565790969.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 1/5] virUUIDFormat: s/VIR_UUID_RAW_LEN/VIR_UUID_BUFLEN/ in comment X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Wed, 14 Aug 2019 14:33:33 +0000 (UTC) Content-Type: text/plain; charset="utf-8" The function takes raw UUID and formats it into string representation. However, the comment mistakenly states that the expected size of raw UUID buffer is VIR_UUID_RAW_LEN bytes. We don't have such constant since v0.3.2~24. It should have been VIR_UUID_BUFLEN. Signed-off-by: Michal Privoznik Reviewed-by: Jiri Denemark --- src/util/viruuid.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/util/viruuid.c b/src/util/viruuid.c index 0c12ddcc3e..8930a0e199 100644 --- a/src/util/viruuid.c +++ b/src/util/viruuid.c @@ -141,7 +141,7 @@ virUUIDParse(const char *uuidstr, unsigned char *uuid) =20 /** * virUUIDFormat: - * @uuid: array of VIR_UUID_RAW_LEN bytes to store the raw UUID + * @uuid: array of VIR_UUID_BUFLEN bytes to store the raw UUID * @uuidstr: array of VIR_UUID_STRING_BUFLEN bytes to store the * string representation of the UUID in. The resulting string * will be NULL terminated. --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sat Apr 20 00:20:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1565793222; cv=none; d=zoho.com; s=zohoarc; b=EwBkSqQs9uYd/N8T8fRVB3QEjWIzfuRD0kN9hhA5jD05UoK1jwDVTAmFX822BwLVuiMJKcGvXDoMnNtMetbyn5V0oI7wuXsV3pUrPU1skRc9BuKEL0AHndKwHTjj5vVX8LhAdTZl2e2jWxycAsxqMnXm0zyCVgdEYP56/3vH03c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1565793222; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=Mg0s+qz7tnPbiU6t3kLxNBKb/Pm2hkcichHpJoTMEKE=; b=KZCEKp4903pZlIBR2S9UJ1w5Gp1KM+ibpMgC7lQKrtNc8HumSWRx8THa0uMXLYFy0Nen7VDkaYKy3/0IQ43G0OqQIE8ggpU30c0xIrWwUQJSJRIPDicMV+Z14DspA0qWojcpHDsmxt7CQ3FcUUYNLCFbnI13Jl0RLB9OoIybDVo= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1565793222731197.52544895326082; Wed, 14 Aug 2019 07:33:42 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 971FA19CF89; Wed, 14 Aug 2019 14:33:41 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 735A960D26; Wed, 14 Aug 2019 14:33:41 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2928C1806B01; Wed, 14 Aug 2019 14:33:41 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7EEXVwF022524 for ; Wed, 14 Aug 2019 10:33:31 -0400 Received: by smtp.corp.redhat.com (Postfix) id 5B45A8309C; Wed, 14 Aug 2019 14:33:31 +0000 (UTC) Received: from moe.brq.redhat.com (unknown [10.43.2.30]) by smtp.corp.redhat.com (Postfix) with ESMTP id DA5533ACA for ; Wed, 14 Aug 2019 14:33:30 +0000 (UTC) From: Michal Privoznik To: libvir-list@redhat.com Date: Wed, 14 Aug 2019 16:33:20 +0200 Message-Id: <946248ae4d4d7d87f099007141a935242c7a05a7.1565790969.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 2/5] security_util: Use more VIR_AUTOFREE() X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Wed, 14 Aug 2019 14:33:42 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Signed-off-by: Michal Privoznik Reviewed-by: Jiri Denemark --- src/security/security_util.c | 78 +++++++++++++++--------------------- 1 file changed, 32 insertions(+), 46 deletions(-) diff --git a/src/security/security_util.c b/src/security/security_util.c index 9d3f483f6b..04347f51e5 100644 --- a/src/security/security_util.c +++ b/src/security/security_util.c @@ -113,34 +113,32 @@ virSecurityGetRememberedLabel(const char *name, const char *path, char **label) { - char *ref_name =3D NULL; - char *attr_name =3D NULL; - char *value =3D NULL; + VIR_AUTOFREE(char *) ref_name =3D NULL; + VIR_AUTOFREE(char *) attr_name =3D NULL; + VIR_AUTOFREE(char *) value =3D NULL; unsigned int refcount =3D 0; - int ret =3D -1; =20 *label =3D NULL; =20 if (!(ref_name =3D virSecurityGetRefCountAttrName(name))) - goto cleanup; + return -1; =20 if (virFileGetXAttrQuiet(path, ref_name, &value) < 0) { - if (errno =3D=3D ENOSYS || errno =3D=3D ENODATA || errno =3D=3D EN= OTSUP) { - ret =3D -2; - } else { - virReportSystemError(errno, - _("Unable to get XATTR %s on %s"), - ref_name, - path); - } - goto cleanup; + if (errno =3D=3D ENOSYS || errno =3D=3D ENODATA || errno =3D=3D EN= OTSUP) + return -2; + + virReportSystemError(errno, + _("Unable to get XATTR %s on %s"), + ref_name, + path); + return -1; } =20 if (virStrToLong_ui(value, NULL, 10, &refcount) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("malformed refcount %s on %s"), value, path); - goto cleanup; + return -1; } =20 VIR_FREE(value); @@ -149,30 +147,25 @@ virSecurityGetRememberedLabel(const char *name, =20 if (refcount > 0) { if (virAsprintf(&value, "%u", refcount) < 0) - goto cleanup; + return -1; =20 if (virFileSetXAttr(path, ref_name, value) < 0) - goto cleanup; + return -1; } else { if (virFileRemoveXAttr(path, ref_name) < 0) - goto cleanup; + return -1; =20 if (!(attr_name =3D virSecurityGetAttrName(name))) - goto cleanup; + return -1; =20 if (virFileGetXAttr(path, attr_name, label) < 0) - goto cleanup; + return -1; =20 if (virFileRemoveXAttr(path, attr_name) < 0) - goto cleanup; + return -1; } =20 - ret =3D 0; - cleanup: - VIR_FREE(value); - VIR_FREE(attr_name); - VIR_FREE(ref_name); - return ret; + return 0; } =20 =20 @@ -201,25 +194,23 @@ virSecuritySetRememberedLabel(const char *name, const char *path, const char *label) { - char *ref_name =3D NULL; - char *attr_name =3D NULL; - char *value =3D NULL; + VIR_AUTOFREE(char *) ref_name =3D NULL; + VIR_AUTOFREE(char *) attr_name =3D NULL; + VIR_AUTOFREE(char *) value =3D NULL; unsigned int refcount =3D 0; - int ret =3D -1; =20 if (!(ref_name =3D virSecurityGetRefCountAttrName(name))) - goto cleanup; + return -1; =20 if (virFileGetXAttrQuiet(path, ref_name, &value) < 0) { if (errno =3D=3D ENOSYS || errno =3D=3D ENOTSUP) { - ret =3D -2; - goto cleanup; + return -2; } else if (errno !=3D ENODATA) { virReportSystemError(errno, _("Unable to get XATTR %s on %s"), ref_name, path); - goto cleanup; + return -1; } } =20 @@ -228,7 +219,7 @@ virSecuritySetRememberedLabel(const char *name, virReportError(VIR_ERR_INTERNAL_ERROR, _("malformed refcount %s on %s"), value, path); - goto cleanup; + return -1; } =20 VIR_FREE(value); @@ -237,24 +228,19 @@ virSecuritySetRememberedLabel(const char *name, =20 if (refcount =3D=3D 1) { if (!(attr_name =3D virSecurityGetAttrName(name))) - goto cleanup; + return -1; =20 if (virFileSetXAttr(path, attr_name, label) < 0) - goto cleanup; + return -1; } =20 if (virAsprintf(&value, "%u", refcount) < 0) - goto cleanup; + return -1; =20 if (virFileSetXAttr(path, ref_name, value) < 0) - goto cleanup; + return -1; =20 - ret =3D refcount; - cleanup: - VIR_FREE(value); - VIR_FREE(attr_name); - VIR_FREE(ref_name); - return ret; + return refcount; } =20 =20 --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sat Apr 20 00:20:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1565793215; cv=none; d=zoho.com; s=zohoarc; b=AJ/8Lne4pDZjUvOYOMoE0Z1frseHLYgbaQ0UuMYtcXwkFPOfeSX+Sa50zYURnAEUQOrfzk+R59Cd2L5hU1NHdT6o2QN5BokTSrsITL0zx0hMbHNZU71dC2bL8LnlMHRUNrm5jt8IsglgtfDn8gxX9DSY+tOmbZLMtG7umQturRo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1565793215; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=UNIPrzpzw2jO+z42PlCBMjZdYSciRSRF7m+ar5p4oy4=; b=hFhT399IoLC1RvjGitX8mrrcv4zvyrIX57LcCTAcRwGp8LTbfShFu6Cbls6/atcVEhv8BDKNV2of6GCo7jg1flByNPbwtachk9zDboOGUXsdX51xKxXgJ6bOdh1jaOnUW3UV1cCOu4vNwmzl42t8+ODsin150kpGNRYXrtr78WY= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1565793215503906.0421659372266; Wed, 14 Aug 2019 07:33:35 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 515B6307C827; Wed, 14 Aug 2019 14:33:34 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2E6B485A53; Wed, 14 Aug 2019 14:33:34 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id E398F24F34; Wed, 14 Aug 2019 14:33:33 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7EEXWmD022536 for ; Wed, 14 Aug 2019 10:33:32 -0400 Received: by smtp.corp.redhat.com (Postfix) id 2860183285; Wed, 14 Aug 2019 14:33:32 +0000 (UTC) Received: from moe.brq.redhat.com (unknown [10.43.2.30]) by smtp.corp.redhat.com (Postfix) with ESMTP id A6E7E3ACA for ; Wed, 14 Aug 2019 14:33:31 +0000 (UTC) From: Michal Privoznik To: libvir-list@redhat.com Date: Wed, 14 Aug 2019 16:33:21 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 3/5] security_util: Document virSecurityMoveRememberedLabel X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.40]); Wed, 14 Aug 2019 14:33:34 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Signed-off-by: Michal Privoznik Reviewed-by: Jiri Denemark --- src/security/security_util.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/security/security_util.c b/src/security/security_util.c index 04347f51e5..365b2dd2d6 100644 --- a/src/security/security_util.c +++ b/src/security/security_util.c @@ -244,6 +244,19 @@ virSecuritySetRememberedLabel(const char *name, } =20 =20 +/** + * virSecurityMoveRememberedLabel: + * @name: security driver name + * @src: source file + * @dst: destination file + * + * For given security driver @name, move all XATTRs related to seclabel + * remembering from @src to @dst. However, if @dst is NULL, then XATTRs + * are just removed from @src. + * + * Returns: 0 on success, + * -1 otherwise. + */ int virSecurityMoveRememberedLabel(const char *name, const char *src, --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sat Apr 20 00:20:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1565793223; cv=none; d=zoho.com; s=zohoarc; b=F6mjYFup9TielpLvXIg8WXeCXiAr5l6QXU++lnHptQlrHNsVGIld/rgFddrGiuEK7FVQsT558J/0/ZwNEYRjFZWGwXMX3nUr1zdXC6GBlIs1TeDHUOSgRExpWrquyfZm8z7A54Z+KFiuQoFyoYIvYwUVOJCig/qdnBF/AXS0DSs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1565793223; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=h0J+5FdCp62KKnTKoofuWWgEhEvLHLTdUcP5/NQiwtw=; b=TqEBjtMEpgnikF0Gn0wJNs4tNqa4rPo7rbI0e/kQbXDXJStVeED34FLigLp3VSr0K43ijendqmG204OmmYw4F71u1QTE9+zJvkTd8vZEbmkHOf8J6lhUu5yHO8L6Ttz3elvbrOUUihKH7bR6ml0v0nuvfHuqSE9eyS26qNj/YCI= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1565793223131612.6428798263437; Wed, 14 Aug 2019 07:33:43 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9DBDB2A09D2; Wed, 14 Aug 2019 14:33:41 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 788F81001B12; Wed, 14 Aug 2019 14:33:41 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2CEFD24F3A; Wed, 14 Aug 2019 14:33:41 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7EEXWli022544 for ; Wed, 14 Aug 2019 10:33:32 -0400 Received: by smtp.corp.redhat.com (Postfix) id E8AEA8328D; Wed, 14 Aug 2019 14:33:32 +0000 (UTC) Received: from moe.brq.redhat.com (unknown [10.43.2.30]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7469A8328B for ; Wed, 14 Aug 2019 14:33:32 +0000 (UTC) From: Michal Privoznik To: libvir-list@redhat.com Date: Wed, 14 Aug 2019 16:33:22 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 4/5] util: Introduce virhostuptime X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Wed, 14 Aug 2019 14:33:42 +0000 (UTC) Content-Type: text/plain; charset="utf-8" This module contains function to get host boot time. Signed-off-by: Michal Privoznik --- src/libvirt_private.syms | 4 +++ src/util/Makefile.inc.am | 2 ++ src/util/virhostuptime.c | 61 ++++++++++++++++++++++++++++++++++++++++ src/util/virhostuptime.h | 27 ++++++++++++++++++ 4 files changed, 94 insertions(+) create mode 100644 src/util/virhostuptime.c create mode 100644 src/util/virhostuptime.h diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 7a3feb8efa..bed00c3cb8 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2135,6 +2135,10 @@ virHostMemGetStats; virHostMemSetParameters; =20 =20 +# util/virhostuptime.h +virHostGetBootTime; + + # util/viridentity.h virIdentityGetAttr; virIdentityGetCurrent; diff --git a/src/util/Makefile.inc.am b/src/util/Makefile.inc.am index a47f333a98..46866cf213 100644 --- a/src/util/Makefile.inc.am +++ b/src/util/Makefile.inc.am @@ -91,6 +91,8 @@ UTIL_SOURCES =3D \ util/virhostdev.h \ util/virhostmem.c \ util/virhostmem.h \ + util/virhostuptime.c \ + util/virhostuptime.h \ util/viridentity.c \ util/viridentity.h \ util/virinitctl.c \ diff --git a/src/util/virhostuptime.c b/src/util/virhostuptime.c new file mode 100644 index 0000000000..f48de672e6 --- /dev/null +++ b/src/util/virhostuptime.c @@ -0,0 +1,61 @@ +/* + * virhostuptime.c: helper APIs for host uptime + * + * Copyright (C) 2019 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + */ + +#include + +#if defined(__linux__) || defined(__FreeBSD__) +# include +#endif + +#include "virhostuptime.h" + + +/** + * virHostGetBootTime: + * @when: UNIX timestamp of boot time + * + * Get a UNIX timestamp of host boot time and store it at @when. + * Note that this function is not reentrant. + * + * Return: 0 on success, + * -1 otherwise. + */ +int +virHostGetBootTime(unsigned long long *when ATTRIBUTE_UNUSED) +{ +#if defined(__linux__) || defined(__FreeBSD__) + struct utmpx id =3D {.ut_type =3D BOOT_TIME}; + struct utmpx *res =3D NULL; + + if (!(res =3D getutxid(&id))) { + int theerrno =3D errno; + endutxent(); + return -theerrno; + } + + *when =3D res->ut_tv.tv_sec; + endutxent(); + return 0; +#else + /* Unfortunately, mingw lacks utmp */ + errno =3D ENOSYS; + return -errno; +#endif +} diff --git a/src/util/virhostuptime.h b/src/util/virhostuptime.h new file mode 100644 index 0000000000..03c1517a64 --- /dev/null +++ b/src/util/virhostuptime.h @@ -0,0 +1,27 @@ +/* + * virhostuptime.h: helper APIs for host uptime + * + * Copyright (C) 2019 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + */ + +#pragma once + +#include "internal.h" + +int +virHostGetBootTime(unsigned long long *when) + ATTRIBUTE_NOINLINE; --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sat Apr 20 00:20:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1565793223; cv=none; d=zoho.com; s=zohoarc; b=iJXYruezL9CQpGfAInOLeJUN0ik2HJCkzv3zw+qQmSm6amVaswf0seUz3/9rigkuJuyMHuvi8zZbOq0KTXmFpkyvAHcC6naZNb9wyE+m+5dW99ZJfZB5hcH3FzDQ9+j5Gfd35TVTRAoctdYQaRC7dzQEv+1j8FWnRhcBA5vmbsc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1565793223; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=C2FyaWbOXkDYCdWItBOQ/YKXVV2klYhuEydZ0wsezLU=; b=J2jghrAe5N2iemHIVvCjwqUZQjXqfyQHNanwEe8zfMLYZw32IXpxMtM+AV896HdTUsGaaGIiXjCp1Kn3+Fb1FMkrT/YE1wfU7DDGvbk4aFYVMxL3vvgpbZeiTgTXMwYmC9jF0EXCupjBvH7TLs4jZem3PfjEpJGphCUQZ+eYHQY= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1565793223021773.5788702004236; Wed, 14 Aug 2019 07:33:43 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9B0AD8E37A; Wed, 14 Aug 2019 14:33:41 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 78A7A7A2E1; Wed, 14 Aug 2019 14:33:41 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 314B91806B09; Wed, 14 Aug 2019 14:33:41 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7EEXXPL022551 for ; Wed, 14 Aug 2019 10:33:33 -0400 Received: by smtp.corp.redhat.com (Postfix) id B56B48328E; Wed, 14 Aug 2019 14:33:33 +0000 (UTC) Received: from moe.brq.redhat.com (unknown [10.43.2.30]) by smtp.corp.redhat.com (Postfix) with ESMTP id 415668328B for ; Wed, 14 Aug 2019 14:33:33 +0000 (UTC) From: Michal Privoznik To: libvir-list@redhat.com Date: Wed, 14 Aug 2019 16:33:23 +0200 Message-Id: <3f9026eed7bf62cc8ad910156406e34a4b9eaa04.1565790969.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 5/5] security_util: Remove stale XATTRs X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Wed, 14 Aug 2019 14:33:42 +0000 (UTC) Content-Type: text/plain; charset="utf-8" It may happen that we leave some XATTRs behind. For instance, on a sudden power loss, the host just shuts down without calling restore on domain paths. This creates a problem, because when the host starts up again, the XATTRs are there but they don't reflect the true state and this may result in libvirt denying start of a domain. To solve this, save a unique timestamp among with our XATTRs. The timestamp consists of host UUID + boot timestamp. Signed-off-by: Michal Privoznik --- src/security/security_util.c | 202 ++++++++++++++++++++++++++++++++++- tests/qemusecuritymock.c | 12 +++ 2 files changed, 213 insertions(+), 1 deletion(-) diff --git a/src/security/security_util.c b/src/security/security_util.c index 365b2dd2d6..d063f526be 100644 --- a/src/security/security_util.c +++ b/src/security/security_util.c @@ -22,11 +22,16 @@ #include "virfile.h" #include "virstring.h" #include "virerror.h" +#include "virlog.h" +#include "viruuid.h" +#include "virhostuptime.h" =20 #include "security_util.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 +VIR_LOG_INIT("security.security_util"); + /* There are four namespaces available on Linux (xattr(7)): * * user - can be modified by anybody, @@ -83,6 +88,157 @@ virSecurityGetRefCountAttrName(const char *name ATTRIBU= TE_UNUSED) } =20 =20 +static char * +virSecurityGetTimestampAttrName(const char *name ATTRIBUTE_UNUSED) +{ + char *ret =3D NULL; +#ifdef XATTR_NAMESPACE + ignore_value(virAsprintf(&ret, XATTR_NAMESPACE".libvirt.security.times= tamp_%s", name)); +#else + errno =3D ENOSYS; + virReportSystemError(errno, "%s", + _("Extended attributes are not supported on this = system")); +#endif + return ret; +} + + +/* This global timestamp holds combination of host UUID + boot time so tha= t we + * can detect stale XATTRs. For instance, on a sudden power loss, XATTRs a= re + * not going to change (nobody will call restoreLabel()) and thus they ref= lect + * state from just before the power loss and if there was a machine runnin= g, + * then XATTRs there are stale and no one will ever remove them. They don't + * reflect the true state (most notably the ref counter). + */ +static char *timestamp; + + +static int +virSecurityEnsureTimestamp(void) +{ + unsigned char uuid[VIR_UUID_BUFLEN] =3D {0}; + char uuidstr[VIR_UUID_STRING_BUFLEN] =3D {0}; + unsigned long long boottime =3D 0; + + if (timestamp) + return 0; + + if (virGetHostUUID(uuid) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + "%s", _("cannot get the host uuid")); + return -1; + } + + virUUIDFormat(uuid, uuidstr); + + if (virHostGetBootTime(&boottime) < 0) { + virReportSystemError(errno, "%s", + _("Unable to get host boot time")); + return -1; + } + + if (virAsprintf(×tamp, "%s-%llu", uuidstr, boottime) < 0) + return -1; + + return 0; +} + + +/** + * virSecurityValidateTimestamp: + * @name: security driver name + * @path: file name + * + * Check if remembered label on @path for security driver @name + * is valid, i.e. the label has been set since the last boot. If + * the label was set in previous runs, all XATTRs related to + * @name are removed so that clean slate is restored. + * + * Returns: 0 if remembered label is valid, + * 1 if remembered label was not valid, + * -1 otherwise. + */ +static int +virSecurityValidateTimestamp(const char *name, + const char *path) +{ + VIR_AUTOFREE(char *) timestamp_name =3D NULL; + VIR_AUTOFREE(char *) value =3D NULL; + + if (virSecurityEnsureTimestamp() < 0) + return -1; + + if (!(timestamp_name =3D virSecurityGetTimestampAttrName(name))) + return -1; + + errno =3D 0; + if (virFileGetXAttrQuiet(path, timestamp_name, &value) < 0) { + if (errno =3D=3D ENOSYS || errno =3D=3D ENOTSUP) { + /* XATTRs are not supported. */ + return -1; + } else if (errno !=3D ENODATA) { + virReportSystemError(errno, + _("Unable to get XATTR %s on %s"), + timestamp_name, + path); + return -1; + } + + /* Timestamp is missing. We can continue and claim a valid timesta= mp. + * But then we would never remove stale XATTRs. Therefore, claim it + * invalid and have the code below remove all XATTRs. This of cour= se + * means that we will not restore the original owner, but the plus= side + * is that we reset refcounter which will represent the true state. + */ + } + + if (STREQ_NULLABLE(value, timestamp)) { + /* Hooray, XATTRs are valid. */ + VIR_DEBUG("XATTRs on %s secdriver=3D%s are valid", path, name); + return 0; + } + + VIR_WARN("Invalid XATTR timestamp detected on %s secdriver=3D%s", path= , name); + + if (virSecurityMoveRememberedLabel(name, path, NULL) < 0) + return -1; + + return 1; +} + + +static int +virSecurityAddTimestamp(const char *name, + const char *path) +{ + VIR_AUTOFREE(char *) timestamp_name =3D NULL; + + if (virSecurityEnsureTimestamp() < 0) + return -1; + + if (!(timestamp_name =3D virSecurityGetTimestampAttrName(name))) + return -1; + + return virFileSetXAttr(path, timestamp_name, timestamp); +} + + +static int +virSecurityRemoveTimestamp(const char *name, + const char *path) +{ + VIR_AUTOFREE(char *) timestamp_name =3D NULL; + + if (!(timestamp_name =3D virSecurityGetTimestampAttrName(name))) + return -1; + + if (virFileRemoveXAttr(path, timestamp_name) < 0 && errno !=3D ENOENT) + return -1; + + return 0; +} + + /** * virSecurityGetRememberedLabel: * @name: security driver name @@ -120,6 +276,12 @@ virSecurityGetRememberedLabel(const char *name, =20 *label =3D NULL; =20 + if (virSecurityValidateTimestamp(name, path) < 0) { + if (errno =3D=3D ENOSYS || errno =3D=3D ENOTSUP) + return -2; + return -1; + } + if (!(ref_name =3D virSecurityGetRefCountAttrName(name))) return -1; =20 @@ -163,6 +325,9 @@ virSecurityGetRememberedLabel(const char *name, =20 if (virFileRemoveXAttr(path, attr_name) < 0) return -1; + + if (virSecurityRemoveTimestamp(name, path) < 0) + return -1; } =20 return 0; @@ -199,6 +364,12 @@ virSecuritySetRememberedLabel(const char *name, VIR_AUTOFREE(char *) value =3D NULL; unsigned int refcount =3D 0; =20 + if (virSecurityValidateTimestamp(name, path) < 0) { + if (errno =3D=3D ENOSYS || errno =3D=3D ENOTSUP) + return -2; + return -1; + } + if (!(ref_name =3D virSecurityGetRefCountAttrName(name))) return -1; =20 @@ -232,6 +403,9 @@ virSecuritySetRememberedLabel(const char *name, =20 if (virFileSetXAttr(path, attr_name, label) < 0) return -1; + + if (virSecurityAddTimestamp(name, path) < 0) + return -1; } =20 if (virAsprintf(&value, "%u", refcount) < 0) @@ -266,9 +440,12 @@ virSecurityMoveRememberedLabel(const char *name, VIR_AUTOFREE(char *) ref_value =3D NULL; VIR_AUTOFREE(char *) attr_name =3D NULL; VIR_AUTOFREE(char *) attr_value =3D NULL; + VIR_AUTOFREE(char *) timestamp_name =3D NULL; + VIR_AUTOFREE(char *) timestamp_value =3D NULL; =20 if (!(ref_name =3D virSecurityGetRefCountAttrName(name)) || - !(attr_name =3D virSecurityGetAttrName(name))) + !(attr_name =3D virSecurityGetAttrName(name)) || + !(timestamp_name =3D virSecurityGetTimestampAttrName(name))) return -1; =20 if (virFileGetXAttrQuiet(src, ref_name, &ref_value) < 0) { @@ -293,6 +470,17 @@ virSecurityMoveRememberedLabel(const char *name, } } =20 + if (virFileGetXAttrQuiet(src, timestamp_name, ×tamp_value) < 0) { + if (errno =3D=3D ENOSYS || errno =3D=3D ENOTSUP) { + return -2; + } else if (errno !=3D ENODATA) { + virReportSystemError(errno, + _("Unable to get XATTR %s on %s"), + attr_name, src); + return -1; + } + } + if (ref_value && virFileRemoveXAttr(src, ref_name) < 0) { return -1; @@ -303,6 +491,11 @@ virSecurityMoveRememberedLabel(const char *name, return -1; } =20 + if (timestamp_value && + virFileRemoveXAttr(src, timestamp_name) < 0) { + return -1; + } + if (dst) { if (ref_value && virFileSetXAttr(dst, ref_name, ref_value) < 0) { @@ -314,6 +507,13 @@ virSecurityMoveRememberedLabel(const char *name, ignore_value(virFileRemoveXAttr(dst, ref_name)); return -1; } + + if (timestamp_value && + virFileSetXAttr(dst, timestamp_name, timestamp_value) < 0) { + ignore_value(virFileRemoveXAttr(dst, ref_name)); + ignore_value(virFileRemoveXAttr(dst, attr_name)); + return -1; + } } =20 return 0; diff --git a/tests/qemusecuritymock.c b/tests/qemusecuritymock.c index a15eef29c9..373d64305a 100644 --- a/tests/qemusecuritymock.c +++ b/tests/qemusecuritymock.c @@ -32,6 +32,7 @@ #include "viralloc.h" #include "qemusecuritytest.h" #include "security/security_manager.h" +#include "virhostuptime.h" =20 #define VIR_FROM_THIS VIR_FROM_NONE =20 @@ -488,3 +489,14 @@ virProcessRunInFork(virProcessForkCallback cb, { return cb(-1, opaque); } + + +/* We don't really need to mock this function. The qemusecuritytest doesn't + * care about the actual value. However, travis runs build and tests in a + * container where utmp is missing and thus this function fails. */ +int +virHostGetBootTime(unsigned long long *when) +{ + *when =3D 1234567890; + return 0; +} --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list