From nobody Sat Feb  7 18:15:56 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1568625142; cv=none;
	d=zoho.com; s=zohoarc;
	b=nvNWrs8+6/l30kA7CyTA3r6WhoVsH/NthH2SyhIeGGvvBtuU9JLigdwKvQy1kbKk7ugrGQbZ0fC/sc3hd3723xHJncoL6q1S02jSdfNQggMXpOYM9ZQmEx9C1csJw1yhyelal7AQv8Th+viJKQM+xT7LzOySLzYyG22N4yWJB2s=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1568625142;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=LtagmiUzQQr4X6mlfImkMeQOF9spYuxv4xppI7rcqJ8=;
	b=TnUKZNrJpqb5vbOtWAcRsMskdLznAHkaf657RBvzjGBMgN+I8Ywnut0UhQm/kZeBf1+u0w+YdIk0TXeqhNNNroqiR33Qmg55JARlTPM17SXq6EqKMtn5jh+Jbs+5rpkwyM5lz4wBwlUIKDeHKAYKxS+p1QPQs36PIc6cgyfeILg=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 156862514215651.23265629158607;
 Mon, 16 Sep 2019 02:12:22 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
 [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 17B52308FBB1;
	Mon, 16 Sep 2019 09:12:20 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id DDEBB60BF3;
	Mon, 16 Sep 2019 09:12:19 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 89B2E4E58C;
	Mon, 16 Sep 2019 09:12:19 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
	[10.5.11.15])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x8G9CDVj015485 for <libvir-list@listman.util.phx.redhat.com>;
	Mon, 16 Sep 2019 05:12:13 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 92B9D5B69A; Mon, 16 Sep 2019 09:12:13 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id EA3D861559
	for <libvir-list@redhat.com>; Mon, 16 Sep 2019 09:12:12 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Mon, 16 Sep 2019 11:12:04 +0200
Message-Id: 
 <8767a56040bc80b223161e1a77bf08f63db59284.1568625088.git.mprivozn@redhat.com>
In-Reply-To: <cover.1568625088.git.mprivozn@redhat.com>
References: <cover.1568625088.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH 1/5] security: Pass @migrated to
	virSecurityManagerSetAllLabel
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.43]);
 Mon, 16 Sep 2019 09:12:20 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

In upcoming commits, virSecurityManagerSetAllLabel() will perform
rollback in case of failure by calling
virSecurityManagerRestoreAllLabel(). But in order to do that, the
former needs to have @migrated argument so that it can be passed
to the latter.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
---
 src/lxc/lxc_process.c            | 2 +-
 src/qemu/qemu_process.c          | 3 ++-
 src/qemu/qemu_security.c         | 6 ++++--
 src/qemu/qemu_security.h         | 3 ++-
 src/security/security_apparmor.c | 3 ++-
 src/security/security_dac.c      | 3 ++-
 src/security/security_driver.h   | 3 ++-
 src/security/security_manager.c  | 6 ++++--
 src/security/security_manager.h  | 3 ++-
 src/security/security_nop.c      | 3 ++-
 src/security/security_selinux.c  | 3 ++-
 src/security/security_stack.c    | 6 ++++--
 tests/qemusecuritytest.c         | 2 +-
 tests/securityselinuxlabeltest.c | 2 +-
 14 files changed, 31 insertions(+), 17 deletions(-)

diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
index cbdc7b1268..65775424cb 100644
--- a/src/lxc/lxc_process.c
+++ b/src/lxc/lxc_process.c
@@ -1346,7 +1346,7 @@ int virLXCProcessStart(virConnectPtr conn,
=20
     VIR_DEBUG("Setting domain security labels");
     if (virSecurityManagerSetAllLabel(driver->securityManager,
-                                      vm->def, NULL, false) < 0)
+                                      vm->def, NULL, false, false) < 0)
         goto cleanup;
=20
     VIR_DEBUG("Setting up consoles");
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 955ba4de4c..4348a6dd36 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -6937,7 +6937,8 @@ qemuProcessLaunch(virConnectPtr conn,
     VIR_DEBUG("Setting domain security labels");
     if (qemuSecuritySetAllLabel(driver,
                                 vm,
-                                incoming ? incoming->path : NULL) < 0)
+                                incoming ? incoming->path : NULL,
+                                incoming !=3D NULL) < 0)
         goto cleanup;
=20
     /* Security manager labeled all devices, therefore
diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c
index 91dd34f0e7..f4e815e966 100644
--- a/src/qemu/qemu_security.c
+++ b/src/qemu/qemu_security.c
@@ -32,7 +32,8 @@ VIR_LOG_INIT("qemu.qemu_process");
 int
 qemuSecuritySetAllLabel(virQEMUDriverPtr driver,
                         virDomainObjPtr vm,
-                        const char *stdin_path)
+                        const char *stdin_path,
+                        bool migrated)
 {
     int ret =3D -1;
     qemuDomainObjPrivatePtr priv =3D vm->privateData;
@@ -47,7 +48,8 @@ qemuSecuritySetAllLabel(virQEMUDriverPtr driver,
     if (virSecurityManagerSetAllLabel(driver->securityManager,
                                       vm->def,
                                       stdin_path,
-                                      priv->chardevStdioLogd) < 0)
+                                      priv->chardevStdioLogd,
+                                      migrated) < 0)
         goto cleanup;
=20
     if (virSecurityManagerTransactionCommit(driver->securityManager,
diff --git a/src/qemu/qemu_security.h b/src/qemu/qemu_security.h
index 224a4d61c9..29908141ba 100644
--- a/src/qemu/qemu_security.h
+++ b/src/qemu/qemu_security.h
@@ -26,7 +26,8 @@
=20
 int qemuSecuritySetAllLabel(virQEMUDriverPtr driver,
                             virDomainObjPtr vm,
-                            const char *stdin_path);
+                            const char *stdin_path,
+                            bool migrated);
=20
 void qemuSecurityRestoreAllLabel(virQEMUDriverPtr driver,
                                  virDomainObjPtr vm,
diff --git a/src/security/security_apparmor.c b/src/security/security_appar=
mor.c
index 77eee9410c..699590ee00 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -488,7 +488,8 @@ static int
 AppArmorSetSecurityAllLabel(virSecurityManagerPtr mgr,
                             virDomainDefPtr def,
                             const char *stdin_path,
-                            bool chardevStdioLogd ATTRIBUTE_UNUSED)
+                            bool chardevStdioLogd ATTRIBUTE_UNUSED,
+                            bool migrated ATTRIBUTE_UNUSED)
 {
     virSecurityLabelDefPtr secdef =3D virDomainDefGetSecurityLabelDef(def,
                                                     SECURITY_APPARMOR_NAME=
);
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 4b4afef18a..9e71513f14 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -1983,7 +1983,8 @@ static int
 virSecurityDACSetAllLabel(virSecurityManagerPtr mgr,
                           virDomainDefPtr def,
                           const char *stdin_path ATTRIBUTE_UNUSED,
-                          bool chardevStdioLogd)
+                          bool chardevStdioLogd,
+                          bool migrated ATTRIBUTE_UNUSED)
 {
     virSecurityDACDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityLabelDefPtr secdef;
diff --git a/src/security/security_driver.h b/src/security/security_driver.h
index b4ffed29ec..3353955813 100644
--- a/src/security/security_driver.h
+++ b/src/security/security_driver.h
@@ -83,7 +83,8 @@ typedef int (*virSecurityDomainReleaseLabel) (virSecurity=
ManagerPtr mgr,
 typedef int (*virSecurityDomainSetAllLabel) (virSecurityManagerPtr mgr,
                                              virDomainDefPtr sec,
                                              const char *stdin_path,
-                                             bool chardevStdioLogd);
+                                             bool chardevStdioLogd,
+                                             bool migrated);
 typedef int (*virSecurityDomainRestoreAllLabel) (virSecurityManagerPtr mgr,
                                                  virDomainDefPtr def,
                                                  bool migrated,
diff --git a/src/security/security_manager.c b/src/security/security_manage=
r.c
index 7c905f0785..a04d2d848d 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -852,13 +852,15 @@ int
 virSecurityManagerSetAllLabel(virSecurityManagerPtr mgr,
                               virDomainDefPtr vm,
                               const char *stdin_path,
-                              bool chardevStdioLogd)
+                              bool chardevStdioLogd,
+                              bool migrated)
 {
     if (mgr->drv->domainSetSecurityAllLabel) {
         int ret;
         virObjectLock(mgr);
         ret =3D mgr->drv->domainSetSecurityAllLabel(mgr, vm, stdin_path,
-                                                  chardevStdioLogd);
+                                                  chardevStdioLogd,
+                                                  migrated);
         virObjectUnlock(mgr);
         return ret;
     }
diff --git a/src/security/security_manager.h b/src/security/security_manage=
r.h
index 0d2375b263..1d4928fae3 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -121,7 +121,8 @@ int virSecurityManagerCheckAllLabel(virSecurityManagerP=
tr mgr,
 int virSecurityManagerSetAllLabel(virSecurityManagerPtr mgr,
                                   virDomainDefPtr sec,
                                   const char *stdin_path,
-                                  bool chardevStdioLogd);
+                                  bool chardevStdioLogd,
+                                  bool migrated);
 int virSecurityManagerRestoreAllLabel(virSecurityManagerPtr mgr,
                                       virDomainDefPtr def,
                                       bool migrated,
diff --git a/src/security/security_nop.c b/src/security/security_nop.c
index 966b9d41a1..96cdac03d8 100644
--- a/src/security/security_nop.c
+++ b/src/security/security_nop.c
@@ -136,7 +136,8 @@ static int
 virSecurityDomainSetAllLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
                                 virDomainDefPtr sec ATTRIBUTE_UNUSED,
                                 const char *stdin_path ATTRIBUTE_UNUSED,
-                                bool chardevStdioLogd ATTRIBUTE_UNUSED)
+                                bool chardevStdioLogd ATTRIBUTE_UNUSED,
+                                bool migrated ATTRIBUTE_UNUSED)
 {
     return 0;
 }
diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index e879fa39ab..df0523abeb 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -3104,7 +3104,8 @@ static int
 virSecuritySELinuxSetAllLabel(virSecurityManagerPtr mgr,
                               virDomainDefPtr def,
                               const char *stdin_path,
-                              bool chardevStdioLogd)
+                              bool chardevStdioLogd,
+                              bool migrated ATTRIBUTE_UNUSED)
 {
     size_t i;
     virSecuritySELinuxDataPtr data =3D virSecurityManagerGetPrivateData(mg=
r);
diff --git a/src/security/security_stack.c b/src/security/security_stack.c
index d445c0773e..dd055075cb 100644
--- a/src/security/security_stack.c
+++ b/src/security/security_stack.c
@@ -316,7 +316,8 @@ static int
 virSecurityStackSetAllLabel(virSecurityManagerPtr mgr,
                             virDomainDefPtr vm,
                             const char *stdin_path,
-                            bool chardevStdioLogd)
+                            bool chardevStdioLogd,
+                            bool migrated)
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
@@ -324,7 +325,8 @@ virSecurityStackSetAllLabel(virSecurityManagerPtr mgr,
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerSetAllLabel(item->securityManager, vm,
-                                          stdin_path, chardevStdioLogd) < =
0)
+                                          stdin_path, chardevStdioLogd,
+                                          migrated) < 0)
             rc =3D -1;
     }
=20
diff --git a/tests/qemusecuritytest.c b/tests/qemusecuritytest.c
index 2d88979168..9efc15c105 100644
--- a/tests/qemusecuritytest.c
+++ b/tests/qemusecuritytest.c
@@ -116,7 +116,7 @@ testDomain(const void *opaque)
     if (setenv(ENVVAR, "1", 0) < 0)
         return -1;
=20
-    if (qemuSecuritySetAllLabel(data->driver, vm, NULL) < 0)
+    if (qemuSecuritySetAllLabel(data->driver, vm, NULL, false) < 0)
         goto cleanup;
=20
     qemuSecurityRestoreAllLabel(data->driver, vm, false);
diff --git a/tests/securityselinuxlabeltest.c b/tests/securityselinuxlabelt=
est.c
index 8c3cb29c41..6f9b5c0e70 100644
--- a/tests/securityselinuxlabeltest.c
+++ b/tests/securityselinuxlabeltest.c
@@ -310,7 +310,7 @@ testSELinuxLabeling(const void *opaque)
     if (!(def =3D testSELinuxLoadDef(testname)))
         goto cleanup;
=20
-    if (virSecurityManagerSetAllLabel(mgr, def, NULL, false) < 0)
+    if (virSecurityManagerSetAllLabel(mgr, def, NULL, false, false) < 0)
         goto cleanup;
=20
     if (testSELinuxCheckLabels(files, nfiles) < 0)
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sat Feb  7 18:15:56 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1568625146; cv=none;
	d=zoho.com; s=zohoarc;
	b=kbaFp5dhkE2gN6wEyjKD1rJa5LT8SBZ19VDPasBPgd3WxGJ3Q78514bAclNe7wQ3XwnI1UAy+8ZA491uOE478l37U6SKNR+VT4H9WMh7K8cwILrrspPv9yOnNrOWn8ecK09iU4TZa14RmkxWCWTOZ4HLqkURW5AmYbuaVfUMtrQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1568625146;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=6iC3cZZ7vsXrVGkdizQyVa7pN7+Ha0OEh+QbsZZIapc=;
	b=PC5Vg6Q4X/jdEk+paxoSo/1NMBi1v9/IRNCAyzYcLiMrKgSFqmqG5j8JBwnurVQv3ra8uyCY0JubcJUJKdCIFNXtpQoYD9s1jg48aDaEa0McCHIjjeHqQbQqOCUioJxa6BXGmtpeis8ONuaSppoYNNc+ScrD24khAkCt1YeKaGY=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1568625146031489.3773801246273;
 Mon, 16 Sep 2019 02:12:26 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com
 [10.5.11.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 39C4A18C4280;
	Mon, 16 Sep 2019 09:12:24 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 0D13060624;
	Mon, 16 Sep 2019 09:12:24 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id BE0494EA66;
	Mon, 16 Sep 2019 09:12:23 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
	[10.5.11.15])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x8G9CEAP015497 for <libvir-list@listman.util.phx.redhat.com>;
	Mon, 16 Sep 2019 05:12:14 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 61C5A61559; Mon, 16 Sep 2019 09:12:14 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id DFB1E5B69A
	for <libvir-list@redhat.com>; Mon, 16 Sep 2019 09:12:13 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Mon, 16 Sep 2019 11:12:05 +0200
Message-Id: 
 <9f0a0ba77eb81b2f0397d96add0cfb9ea4a20387.1568625088.git.mprivozn@redhat.com>
In-Reply-To: <cover.1568625088.git.mprivozn@redhat.com>
References: <cover.1568625088.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH 2/5] security: Rename
	virSecurityManagerGetDriver() to virSecurityManagerGetVirtDriver()
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.62]);
 Mon, 16 Sep 2019 09:12:24 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

This function is in fact returning the name of the virtualization
driver that registered the security manager/driver.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
---
 src/security/security_manager.c | 4 ++--
 src/security/security_manager.h | 2 +-
 src/security/security_selinux.c | 6 +++---
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/security/security_manager.c b/src/security/security_manage=
r.c
index a04d2d848d..c513740a13 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -114,7 +114,7 @@ virSecurityManagerNewStack(virSecurityManagerPtr primar=
y)
 {
     virSecurityManagerPtr mgr =3D
         virSecurityManagerNewDriver(&virSecurityDriverStack,
-                                    virSecurityManagerGetDriver(primary),
+                                    virSecurityManagerGetVirtDriver(primar=
y),
                                     primary->flags);
=20
     if (!mgr)
@@ -326,7 +326,7 @@ virSecurityManagerGetPrivateData(virSecurityManagerPtr =
mgr)
=20
=20
 const char *
-virSecurityManagerGetDriver(virSecurityManagerPtr mgr)
+virSecurityManagerGetVirtDriver(virSecurityManagerPtr mgr)
 {
     return mgr->virtDriver;
 }
diff --git a/src/security/security_manager.h b/src/security/security_manage=
r.h
index 1d4928fae3..306de92978 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -80,7 +80,7 @@ void virSecurityManagerTransactionAbort(virSecurityManage=
rPtr mgr);
=20
 void *virSecurityManagerGetPrivateData(virSecurityManagerPtr mgr);
=20
-const char *virSecurityManagerGetDriver(virSecurityManagerPtr mgr);
+const char *virSecurityManagerGetVirtDriver(virSecurityManagerPtr mgr);
 const char *virSecurityManagerGetDOI(virSecurityManagerPtr mgr);
 const char *virSecurityManagerGetModel(virSecurityManagerPtr mgr);
 const char *virSecurityManagerGetBaseLabel(virSecurityManagerPtr mgr, int =
virtType);
diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index df0523abeb..7263af50b8 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -791,7 +791,7 @@ virSecuritySELinuxQEMUInitialize(virSecurityManagerPtr =
mgr)
 static int
 virSecuritySELinuxInitialize(virSecurityManagerPtr mgr)
 {
-    VIR_DEBUG("SELinuxInitialize %s", virSecurityManagerGetDriver(mgr));
+    VIR_DEBUG("SELinuxInitialize %s", virSecurityManagerGetVirtDriver(mgr)=
);
=20
     if (virThreadLocalInit(&contextList,
                            virSecuritySELinuxContextListFree) < 0) {
@@ -800,7 +800,7 @@ virSecuritySELinuxInitialize(virSecurityManagerPtr mgr)
         return -1;
     }
=20
-    if (STREQ(virSecurityManagerGetDriver(mgr),  "LXC")) {
+    if (STREQ(virSecurityManagerGetVirtDriver(mgr), "LXC")) {
         return virSecuritySELinuxLXCInitialize(mgr);
     } else {
         return virSecuritySELinuxQEMUInitialize(mgr);
@@ -829,7 +829,7 @@ virSecuritySELinuxGenLabel(virSecurityManagerPtr mgr,
=20
     data =3D virSecurityManagerGetPrivateData(mgr);
=20
-    VIR_DEBUG("label=3D%s", virSecurityManagerGetDriver(mgr));
+    VIR_DEBUG("label=3D%s", virSecurityManagerGetVirtDriver(mgr));
     if (seclabel->type =3D=3D VIR_DOMAIN_SECLABEL_DYNAMIC &&
         seclabel->label) {
         virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sat Feb  7 18:15:56 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1568625149; cv=none;
	d=zoho.com; s=zohoarc;
	b=YOj5/9Y8O0kA8+BYudKJkaITKq8gZH0pEdR7yTqD97YnHgejzC4FX5A6FKgpRhBdB2k41UBPCm9etMUGFIaVRMEPX2XJ5u4u1OXzwMWOb5dEQbsQi2++wa56/pvLTM1xsW2DPF2kfdn4TvtClDAH7zcszov8yO7+AFmpsV/yPR4=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1568625149;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=IqWJ0a512i5lga2ZUIQlTzs3ocaAD87DmB3RDoNljKw=;
	b=gvg8lRVqiBdLMuK/2YuWm723AQbA7eAD+qvVUBS2B9rFJTPUZDcAyVu6iV+U0zPyTq7cOmRxv/QeLpFTtnNUyM8g7xsuxmIOLzRwCRo9EJoV92OFaV1lDPK8SUYDeHl+kxm4sH4w8dKnb0jSytNWMywFuCo2LUT1Pb/b31aYNJE=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1568625149581476.52893119224893;
 Mon, 16 Sep 2019 02:12:29 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
 [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id B19473084037;
	Mon, 16 Sep 2019 09:12:27 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 8D55A61F22;
	Mon, 16 Sep 2019 09:12:27 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 53887180B536;
	Mon, 16 Sep 2019 09:12:27 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
	[10.5.11.15])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x8G9CFxa015505 for <libvir-list@listman.util.phx.redhat.com>;
	Mon, 16 Sep 2019 05:12:15 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 320AA5B69A; Mon, 16 Sep 2019 09:12:15 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id AEAE061559
	for <libvir-list@redhat.com>; Mon, 16 Sep 2019 09:12:14 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Mon, 16 Sep 2019 11:12:06 +0200
Message-Id: 
 <ee7c072ad68cc8b42c2f4d4c5ddebf9a353cad0f.1568625088.git.mprivozn@redhat.com>
In-Reply-To: <cover.1568625088.git.mprivozn@redhat.com>
References: <cover.1568625088.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH 3/5] security: Introduce
	virSecurityManagerGetDriver()
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.40]);
 Mon, 16 Sep 2019 09:12:28 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

This function returns the name of the secdriver. Since the name
is invariant we don't really need to lock the manager - it won't
change.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
---
 src/security/security_manager.c | 7 +++++++
 src/security/security_manager.h | 1 +
 2 files changed, 8 insertions(+)

diff --git a/src/security/security_manager.c b/src/security/security_manage=
r.c
index c513740a13..99281821d9 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -332,6 +332,13 @@ virSecurityManagerGetVirtDriver(virSecurityManagerPtr =
mgr)
 }
=20
=20
+const char *
+virSecurityManagerGetDriver(virSecurityManagerPtr mgr)
+{
+    return mgr->drv->name;
+}
+
+
 const char *
 virSecurityManagerGetDOI(virSecurityManagerPtr mgr)
 {
diff --git a/src/security/security_manager.h b/src/security/security_manage=
r.h
index 306de92978..f835356b7e 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -80,6 +80,7 @@ void virSecurityManagerTransactionAbort(virSecurityManage=
rPtr mgr);
=20
 void *virSecurityManagerGetPrivateData(virSecurityManagerPtr mgr);
=20
+const char *virSecurityManagerGetDriver(virSecurityManagerPtr mgr);
 const char *virSecurityManagerGetVirtDriver(virSecurityManagerPtr mgr);
 const char *virSecurityManagerGetDOI(virSecurityManagerPtr mgr);
 const char *virSecurityManagerGetModel(virSecurityManagerPtr mgr);
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sat Feb  7 18:15:56 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1568625152; cv=none;
	d=zoho.com; s=zohoarc;
	b=Psncl7TNwi+i6GM/SebeqDa7C5Oq6/wtwMZrokRvf2O4ldmmsl7SaYZ4XZPCswdsYapezd1rJlKjVAs45WVlumcp7Du7HfBKz2e378mG3o8PjOtYxwEW+29gurEiCvZty/AmCYhxHt5jld5bm7L7SQHKPwPFPlo182LbCztopdQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1568625152;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=abJiyzZRDrnRbYQhl4ulMwinyEadudaAnPqBVGXrXM0=;
	b=SzEK3bRxwuKlI2E46mjJvnocbgKWhcwfvhj9K4Wq+EJ/4wuymhJBuQrWujInfG9NO7vePjsVwKiUID7V+GgRSwLAtA4RSQveagoEwu/+T9dwDW5Q0m1uhzg0HObj9E9QKAFeRoRc7Luy/FOZMd6VzAaCvF6rtZJL6bxBga6iErY=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1568625152997418.9513202385946;
 Mon, 16 Sep 2019 02:12:32 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 7146610DCC93;
	Mon, 16 Sep 2019 09:12:31 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 505C95DA8D;
	Mon, 16 Sep 2019 09:12:31 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0E9061803B37;
	Mon, 16 Sep 2019 09:12:31 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
	[10.5.11.15])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x8G9CGEc015519 for <libvir-list@listman.util.phx.redhat.com>;
	Mon, 16 Sep 2019 05:12:16 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 0D5785D6B2; Mon, 16 Sep 2019 09:12:16 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 89B7566A00
	for <libvir-list@redhat.com>; Mon, 16 Sep 2019 09:12:15 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Mon, 16 Sep 2019 11:12:07 +0200
Message-Id: 
 <f4b26d0c2bd27fc69026ccf62ecb8c6659b1536f.1568625088.git.mprivozn@redhat.com>
In-Reply-To: <cover.1568625088.git.mprivozn@redhat.com>
References: <cover.1568625088.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH 4/5] security_stack: Turn list of nested drivers
	into a doubly linked list
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.64]);
 Mon, 16 Sep 2019 09:12:31 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

In near future we will need to walk through the list of internal
drivers in reversed order. The simplest solution is to turn
singly linked list into a doubly linked list.
We will not need to start from the end really, so there's no tail
pointer kept.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
---
 src/security/security_stack.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/security/security_stack.c b/src/security/security_stack.c
index dd055075cb..51a8b76748 100644
--- a/src/security/security_stack.c
+++ b/src/security/security_stack.c
@@ -35,6 +35,7 @@ typedef virSecurityStackItem *virSecurityStackItemPtr;
 struct _virSecurityStackItem {
     virSecurityManagerPtr securityManager;
     virSecurityStackItemPtr next;
+    virSecurityStackItemPtr prev;
 };
=20
 struct _virSecurityStackData {
@@ -56,6 +57,7 @@ virSecurityStackAddNested(virSecurityManagerPtr mgr,
     if (VIR_ALLOC(item) < 0)
         return -1;
     item->securityManager =3D nested;
+    item->prev =3D tmp;
     if (tmp)
         tmp->next =3D item;
     else
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From nobody Sat Feb  7 18:15:56 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1568625142; cv=none;
	d=zoho.com; s=zohoarc;
	b=I9kJa5L9n8JSriQTI91GmXDmRYTkmQvD1bYYulG16Mn/Viqbz62SO6X9RA1dMRDmR+qQ2DS5/jBfZR+vMt808BAkgqehQyz/egKpYig8df+mClB/bns5P+pbXBgvkb05JUhisIK84/yCO0N+WdEIlUhnlA8iQVAE76lI9yszBBE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1568625142;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=g3T1i1rU+TpmdSNypABaGOlxbCDYkhIiuxGPWQM7XNY=;
	b=Tb8Af8iAQUS58pYVXRYQ2C1Pw2s/AI1pi4j4SkNFHtp7eTnLVQcXzNLiCFyINoZb9yYYhhNzZi+W3NE69Lw3Bx8nNATTb2/J6YjvnRsqNILyyjh/MKnWHZ5/db+btx7Us6BC2rIX3KIxROH+/6f6bqtuNRhO0J73syC5xIB2uBw=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1568625142142981.3205400746876;
 Mon, 16 Sep 2019 02:12:22 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
 [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 3214BA26673;
	Mon, 16 Sep 2019 09:12:20 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 045DC60CD0;
	Mon, 16 Sep 2019 09:12:20 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id AB2C7180B536;
	Mon, 16 Sep 2019 09:12:19 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
	[10.5.11.15])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x8G9CHvb015524 for <libvir-list@listman.util.phx.redhat.com>;
	Mon, 16 Sep 2019 05:12:17 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 00F735D772; Mon, 16 Sep 2019 09:12:17 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 585E25D6B2
	for <libvir-list@redhat.com>; Mon, 16 Sep 2019 09:12:16 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Mon, 16 Sep 2019 11:12:08 +0200
Message-Id: 
 <4bba0e69e26d596606f75acb05c9f0dec388c97e.1568625088.git.mprivozn@redhat.com>
In-Reply-To: <cover.1568625088.git.mprivozn@redhat.com>
References: <cover.1568625088.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH 5/5] security_stack: Perform rollback if one of
	stacked drivers fails
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.68]);
 Mon, 16 Sep 2019 09:12:20 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

In order to have multiple security drivers hidden under one
virSecurity* call, we have virSecurityStack driver which holds a
list of registered security drivers and for every virSecurity*
call it iterates over the list and calls corresponding callback
in real security drivers. For instance, for
virSecurityManagerSetAllLabel() it calls
domainSetSecurityAllLabel callback sequentially in NOP, DAC and
(possibly) SELinux or AppArmor drivers. This works just fine if
the callback from every driver returns success. Problem arises
when one of the drivers fails. For instance, aforementioned
SetAllLabel() succeeds for DAC but fails in SELinux in which
case all files that DAC relabelled are now owned by qemu:qemu (or
whomever runs qemu) and thus permissions are leaked. This is even
more visible with XATTRs which remain set for DAC.

The solution is to perform a rollback on failure, i.e. call
opposite action on drivers that succeeded.

I'm providing rollback only for set calls and intentionally
omitting restore calls for two reasons:

1) restore calls are less likely to fail (they merely remove
XATTRs and chown()/setfilecon() file - all of these operations
succeeded in set call),

2) we are not really interested in restore failures - in a very
few places we check for retval of a restore function we do so
only to print a warning.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
---
 src/security/security_stack.c | 212 ++++++++++++++++++++++++++++------
 1 file changed, 176 insertions(+), 36 deletions(-)

diff --git a/src/security/security_stack.c b/src/security/security_stack.c
index 51a8b76748..f27b09265c 100644
--- a/src/security/security_stack.c
+++ b/src/security/security_stack.c
@@ -24,8 +24,10 @@
=20
 #include "virerror.h"
 #include "viralloc.h"
+#include "virlog.h"
=20
 #define VIR_FROM_THIS VIR_FROM_SECURITY
+VIR_LOG_INIT("security.security_stack");
=20
 typedef struct _virSecurityStackData virSecurityStackData;
 typedef virSecurityStackData *virSecurityStackDataPtr;
@@ -145,14 +147,18 @@ virSecurityStackTransactionStart(virSecurityManagerPt=
r mgr)
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerTransactionStart(item->securityManager) < 0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev)
+        virSecurityManagerTransactionAbort(item->securityManager);
+    return -1;
 }
=20
=20
@@ -163,14 +169,18 @@ virSecurityStackTransactionCommit(virSecurityManagerP=
tr mgr,
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerTransactionCommit(item->securityManager, pid=
, lock) < 0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev)
+        virSecurityManagerTransactionAbort(item->securityManager);
+    return -1;
 }
=20
=20
@@ -278,17 +288,31 @@ virSecurityStackSetHostdevLabel(virSecurityManagerPtr=
 mgr,
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerSetHostdevLabel(item->securityManager,
                                               vm,
                                               dev,
                                               vroot) < 0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev) {
+        if (virSecurityManagerRestoreHostdevLabel(item->securityManager,
+                                                  vm,
+                                                  dev,
+                                                  vroot) < 0) {
+            VIR_WARN("Unable to restore hostdev label after failed set lab=
el "
+                     "call virDriver=3D%s driver=3D%s domain=3D%s hostdev=
=3D%p",
+                     virSecurityManagerGetVirtDriver(mgr),
+                     virSecurityManagerGetDriver(item->securityManager),
+                     vm->name, dev);
+        }
+    }
+    return -1;
 }
=20
=20
@@ -323,16 +347,30 @@ virSecurityStackSetAllLabel(virSecurityManagerPtr mgr,
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerSetAllLabel(item->securityManager, vm,
                                           stdin_path, chardevStdioLogd,
                                           migrated) < 0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev) {
+        if (virSecurityManagerRestoreAllLabel(item->securityManager,
+                                              vm,
+                                              migrated,
+                                              chardevStdioLogd) < 0) {
+            VIR_WARN("Unable to restore all labels after failed set label =
call "
+                     "virDriver=3D%s driver=3D%s domain=3D%s migrated=3D%d=
",
+                     virSecurityManagerGetVirtDriver(mgr),
+                     virSecurityManagerGetDriver(item->securityManager),
+                     vm->name, migrated);
+        }
+    }
+    return -1;
 }
=20
=20
@@ -363,14 +401,27 @@ virSecurityStackSetSavedStateLabel(virSecurityManager=
Ptr mgr,
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerSetSavedStateLabel(item->securityManager, vm=
, savefile) < 0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev) {
+        if (virSecurityManagerRestoreSavedStateLabel(item->securityManager,
+                                                     vm,
+                                                     savefile) < 0) {
+            VIR_WARN("Unable to restore saved state label after failed set=
 "
+                     "label call virDriver=3D%s driver=3D%s savefile=3D%s",
+                     virSecurityManagerGetVirtDriver(mgr),
+                     virSecurityManagerGetDriver(item->securityManager),
+                     savefile);
+        }
+    }
+    return -1;
 }
=20
=20
@@ -451,14 +502,25 @@ virSecurityStackSetDaemonSocketLabel(virSecurityManag=
erPtr mgr,
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerSetDaemonSocketLabel(item->securityManager, =
vm) < 0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev) {
+        if (virSecurityManagerClearSocketLabel(item->securityManager,
+                                               vm) < 0) {
+            VIR_WARN("Unable to clear new daemon socket label after failed=
 "
+                     "set label call virDriver=3D%s driver=3D%s domain=3D%=
s",
+                     virSecurityManagerGetVirtDriver(mgr),
+                     virSecurityManagerGetDriver(item->securityManager),
+                     vm->name);
+        }
+    }
+    return -1;
 }
=20
=20
@@ -468,14 +530,25 @@ virSecurityStackSetSocketLabel(virSecurityManagerPtr =
mgr,
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerSetSocketLabel(item->securityManager, vm) < =
0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev) {
+        if (virSecurityManagerClearSocketLabel(item->securityManager,
+                                               vm) < 0) {
+            VIR_WARN("Unable to clear new socket label after failed "
+                     "set label call virDriver=3D%s driver=3D%s domain=3D%=
s",
+                     virSecurityManagerGetVirtDriver(mgr),
+                     virSecurityManagerGetDriver(item->securityManager),
+                     vm->name);
+        }
+    }
+    return -1;
 }
=20
=20
@@ -573,15 +646,30 @@ virSecurityStackSetImageLabel(virSecurityManagerPtr m=
gr,
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerSetImageLabel(item->securityManager, vm, src,
                                             flags) < 0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev) {
+        if (virSecurityManagerRestoreImageLabel(item->securityManager,
+                                                vm,
+                                                src,
+                                                flags) < 0) {
+            VIR_WARN("Unable to restore image label after failed set label=
 "
+                     "call virDriver=3D%s driver=3D%s domain=3D%s src=3D%p=
 (path=3D%s) "
+                     "flags=3D0x%x",
+                     virSecurityManagerGetVirtDriver(mgr),
+                     virSecurityManagerGetDriver(item->securityManager),
+                     vm->name, src, NULLSTR(src->path), flags);
+        }
+    }
+    return -1;
 }
=20
 static int
@@ -629,14 +717,27 @@ virSecurityStackSetMemoryLabel(virSecurityManagerPtr =
mgr,
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerSetMemoryLabel(item->securityManager, vm, me=
m) < 0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev) {
+        if (virSecurityManagerRestoreMemoryLabel(item->securityManager,
+                                                 vm,
+                                                 mem) < 0) {
+            VIR_WARN("Unable to restore memory label after failed set labe=
l "
+                     "call virDriver=3D%s driver=3D%s domain=3D%s mem=3D%p=
",
+                     virSecurityManagerGetVirtDriver(mgr),
+                     virSecurityManagerGetDriver(item->securityManager),
+                     vm->name, mem);
+        }
+    }
+    return -1;
 }
=20
 static int
@@ -664,14 +765,27 @@ virSecurityStackSetInputLabel(virSecurityManagerPtr m=
gr,
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerSetInputLabel(item->securityManager, vm, inp=
ut) < 0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev) {
+        if (virSecurityManagerRestoreInputLabel(item->securityManager,
+                                                vm,
+                                                input) < 0) {
+            VIR_WARN("Unable to restore input label after failed set label=
 "
+                     "call virDriver=3D%s driver=3D%s domain=3D%s input=3D=
%p",
+                     virSecurityManagerGetVirtDriver(mgr),
+                     virSecurityManagerGetDriver(item->securityManager),
+                     vm->name, input);
+        }
+    }
+    return -1;
 }
=20
 static int
@@ -719,16 +833,30 @@ virSecurityStackDomainSetChardevLabel(virSecurityMana=
gerPtr mgr,
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerSetChardevLabel(item->securityManager,
                                               def, dev_source,
                                               chardevStdioLogd) < 0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev) {
+        if (virSecurityManagerRestoreChardevLabel(item->securityManager,
+                                                  def,
+                                                  dev_source,
+                                                  chardevStdioLogd) < 0) {
+            VIR_WARN("Unable to restore chardev label after failed set lab=
el "
+                     "call virDriver=3D%s driver=3D%s domain=3D%s dev_sour=
ce=3D%p",
+                     virSecurityManagerGetVirtDriver(mgr),
+                     virSecurityManagerGetDriver(item->securityManager),
+                     def->name, dev_source);
+        }
+    }
+    return -1;
 }
=20
 static int
@@ -758,15 +886,27 @@ virSecurityStackSetTPMLabels(virSecurityManagerPtr mg=
r,
 {
     virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr);
     virSecurityStackItemPtr item =3D priv->itemsHead;
-    int rc =3D 0;
=20
     for (; item; item =3D item->next) {
         if (virSecurityManagerSetTPMLabels(item->securityManager,
                                            vm) < 0)
-            rc =3D -1;
+            goto rollback;
     }
=20
-    return rc;
+    return 0;
+
+ rollback:
+    for (item =3D item->prev; item; item =3D item->prev) {
+        if (virSecurityManagerRestoreTPMLabels(item->securityManager,
+                                               vm) < 0) {
+            VIR_WARN("Unable to restore TPM label after failed set label "
+                     "call virDriver=3D%s driver=3D%s domain=3D%s",
+                     virSecurityManagerGetVirtDriver(mgr),
+                     virSecurityManagerGetDriver(item->securityManager),
+                     vm->name);
+        }
+    }
+    return -1;
 }
=20
=20
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list