From nobody Wed Oct 30 22:12:50 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1722353835259562.0457113514202; Tue, 30 Jul 2024 08:37:15 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 074411258; Tue, 30 Jul 2024 11:37:12 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id EBC2B1216; Tue, 30 Jul 2024 11:36:54 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id DD79411FF; Tue, 30 Jul 2024 11:36:51 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 6DABB11D4 for ; Tue, 30 Jul 2024 11:36:51 -0400 (EDT) Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-169-c_Cdns79MnWeWRDCYQUgAw-1; Tue, 30 Jul 2024 11:36:49 -0400 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id C7DF81955D58 for ; Tue, 30 Jul 2024 15:36:48 +0000 (UTC) Received: from localhost.localdomain (unknown [10.45.242.11]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 523061955D47; Tue, 30 Jul 2024 15:36:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1722353811; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=fJArWL1MNrW1niQhq9E8VJrjBxUglI9waYYK2vKwgNc=; b=hZBY9B47y2yE1QissHMk97sFHZCV9awd5Cul7FTrULxjxNvy79H3f7TVKAsttm5CFGm9xB 0jBqh6NQnBYkDQ03EUFiIHJLC37VZQxYRmTkuIh8cEz566fkjfI4L6VbGIZ5Hb+9mz4rt1 ywfSYW1mZX1fWTNeYYhuL2SOQ9AH+XE= X-MC-Unique: c_Cdns79MnWeWRDCYQUgAw-1 From: Michal Privoznik To: devel@lists.libvirt.org Subject: [PATCH v2 1/2] qemu: Pre-create pstore device file Date: Tue, 30 Jul 2024 17:36:39 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: APRNQO2DNHPVFUQ4SJWPFBCYVEQ6STGP X-Message-ID-Hash: APRNQO2DNHPVFUQ4SJWPFBCYVEQ6STGP X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header CC: abologna@redhat.com X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1722353835772116600 Content-Type: text/plain; charset="utf-8"; x-default="true" So far we are relying on QEMU or sysadmin to create the file for pstore. This is suboptimal as in the case of the former we can not set proper seclabels (there's nothing to set seclabels on until QEMU is started). Therefore, make sure the file is created before launching QEMU and that it has the correct size. Signed-off-by: Michal Privoznik --- src/qemu/qemu_process.c | 45 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 6255ba92e7..cec739c984 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -6835,6 +6835,48 @@ qemuProcessPrepareLaunchSecurityGuestInput(virDomain= Obj *vm) } =20 =20 +static int +qemuProcessPreparePstore(virDomainObj *vm) +{ + virDomainPstoreDef *pstore =3D vm->def->pstore; + VIR_AUTOCLOSE fd =3D -1; + + if (!pstore) + return 0; + + switch (pstore->backend) { + case VIR_DOMAIN_PSTORE_BACKEND_ACPI_ERST: + if ((fd =3D open(pstore->path, O_WRONLY | O_CREAT, 0600)) < 0) { + virReportSystemError(errno, + _("cannot create file '%1$s'"), + pstore->path); + return -1; + } + + if (ftruncate(fd, pstore->size * 1024) < 0) { + virReportSystemError(errno, + _("Failed to truncate file '%1$s'"), + pstore->path); + return -1; + } + + if (VIR_CLOSE(fd) < 0) { + virReportSystemError(errno, + _("Unable to save '%1$s'"), + pstore->path); + return -1; + } + + break; + + case VIR_DOMAIN_PSTORE_BACKEND_LAST: + break; + } + + return 0; +} + + static int qemuProcessPrepareHostStorageSourceVDPA(virStorageSource *src, qemuDomainObjPrivate *priv) @@ -7333,6 +7375,9 @@ qemuProcessPrepareHost(virQEMUDriver *driver, if (qemuProcessPrepareLaunchSecurityGuestInput(vm) < 0) return -1; =20 + if (qemuProcessPreparePstore(vm) < 0) + return -1; + return 0; } =20 --=20 2.44.2 From nobody Wed Oct 30 22:12:50 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1722353851902910.6809943132661; Tue, 30 Jul 2024 08:37:31 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id A9E681231; Tue, 30 Jul 2024 11:37:30 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 92C861386; Tue, 30 Jul 2024 11:36:56 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 945E81210; Tue, 30 Jul 2024 11:36:53 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 272F411FF for ; Tue, 30 Jul 2024 11:36:53 -0400 (EDT) Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-441-ZGunxdk8NIaUkZ81SO6FMQ-1; Tue, 30 Jul 2024 11:36:51 -0400 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id A30BC1954126 for ; Tue, 30 Jul 2024 15:36:50 +0000 (UTC) Received: from localhost.localdomain (unknown [10.45.242.11]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 391F11955D4C; Tue, 30 Jul 2024 15:36:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1722353812; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9pVuyHWIO7wzI6F5M6+nRCygjWNAcLNg+NCNogcbiJY=; b=ZONqgVyp9sj9Fx0m8ie03PwESoNm7xVs7yEUeKOQhfZnNLHPY16QtHufuJdHHe0lnMbt6R FYsB9feuJNRjYpOpVoJT/QXw7KzWUSwoHGILIjNZQ1lzFLiey4UyGrqCyDQ3BTTfLHbhpD 9sisccH0tX7WvkgBbTursN4eGedkfYg= X-MC-Unique: ZGunxdk8NIaUkZ81SO6FMQ-1 From: Michal Privoznik To: devel@lists.libvirt.org Subject: [PATCH v2 2/2] security: Allow RW access to pstore device Date: Tue, 30 Jul 2024 17:36:40 +0200 Message-ID: <6eaf464e43ab8602ca1f5067bfb0675b2f6d2f59.1722353364.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: AAMH44BUK6KG3XOUZXJYY6SIN4Q76RMJ X-Message-ID-Hash: AAMH44BUK6KG3XOUZXJYY6SIN4Q76RMJ X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header CC: abologna@redhat.com X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1722353853719116600 Content-Type: text/plain; charset="utf-8"; x-default="true" The whole point of pstore device is that the guest writes crash dumps into it. But the way SELinux label is set on the corresponding file warrants RO access only. This is due to a copy-paste from code around: kernel/initrd/DTB/SLIC - these are RO indeed, but pstore MUST be writable too. In a sense it's closer to NVRAM/disks - hence set imagelagel on it. Signed-off-by: Michal Privoznik --- src/security/security_selinux.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index ba0ce8fb9d..31df4d22db 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -3341,7 +3341,7 @@ virSecuritySELinuxSetAllLabel(virSecurityManager *mgr, =20 if (def->pstore && virSecuritySELinuxSetFilecon(mgr, def->pstore->path, - data->content_context, true) < 0) + secdef->imagelabel, true) < 0) return -1; =20 return 0; --=20 2.44.2