From nobody Sun Sep 28 15:25:47 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1758895420; cv=none;
	d=zohomail.com; s=zohoarc;
	b=FQeYMPE4aCt9WpZ+GseYzd5UDNqB98bwc866tCXjtxlWstxa8Kz4/iAea/OBkPFq8+c1uiJyfyk8FShn8wck7nYzLTi+shPKOPfqZFzKTxnshDJhufrzq4Op1cBj5sSzBtx7nD1kPwl17hZJRo152FgZZ+4nYSu8439A4AM7CU0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1758895420;
 h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=bkjZlEac+MVkgqtYFNeV6qzfD3BV83YEmSYkc/NyeGo=;
	b=Zt048AGfywJ5ketAJss/bM2G+iAc7OpyNJqpql8kVUVJyH0/e1YU6Qj1BYhswAcyEfeWe5M/kwpLQYAwfaiYSveEQ3N/+fPLaNwJVrwH47GeUFcbIm5Za7qbhUVwiKG9/iO8/lz6KckH0VIh+BPxB1/oaFtMJ+GShs6kcsgCFqs=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<berrange@redhat.com> (p=quarantine dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1758895420383575.7172041085669;
 Fri, 26 Sep 2025 07:03:40 -0700 (PDT)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1v291v-00063h-Mu; Fri, 26 Sep 2025 10:02:35 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <berrange@redhat.com>)
 id 1v291s-00062s-It
 for qemu-devel@nongnu.org; Fri, 26 Sep 2025 10:02:33 -0400
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <berrange@redhat.com>)
 id 1v291g-0004bS-Ap
 for qemu-devel@nongnu.org; Fri, 26 Sep 2025 10:02:32 -0400
Received: from mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com
 (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-606-diTzCOEYMfW_HrjpD7H9dA-1; Fri,
 26 Sep 2025 10:02:08 -0400
Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com
 (mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.17])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
 (No client certificate requested)
 by mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS
 id 766861800451; Fri, 26 Sep 2025 14:02:07 +0000 (UTC)
Received: from toolbx.redhat.com (unknown [10.42.28.175])
 by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP
 id 7D8811956095; Fri, 26 Sep 2025 14:02:02 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1758895334;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=bkjZlEac+MVkgqtYFNeV6qzfD3BV83YEmSYkc/NyeGo=;
 b=PiVvzF2fuFN6pOWQTjrY9uhy28F9SOBDk9i5hcZsnB+SgvjcNGQyPbh+iHAYMmfkElIKNs
 kBCru7SXyeRAxYO2XfAUphAkBAPNXV2rGK4KI0RYVv1BIooyi5mD9+lBip14bohu5i+Ijo
 O50PQ68jFj7mrcg1Vc85tlH9ZBwfG6c=
X-MC-Unique: diTzCOEYMfW_HrjpD7H9dA-1
X-Mimecast-MFC-AGG-ID: diTzCOEYMfW_HrjpD7H9dA_1758895327
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: Thomas Huth <thuth@redhat.com>, Stefan Hajnoczi <stefanha@redhat.com>,
 =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@linaro.org>,
 Peter Maydell <peter.maydell@linaro.org>,
 Markus Armbruster <armbru@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>,
 "Michael S. Tsirkin" <mst@redhat.com>,
 =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Subject: [PATCH v2 04/32] system: check security for accelerator types
Date: Fri, 26 Sep 2025 15:01:15 +0100
Message-ID: <20250926140144.1998694-5-berrange@redhat.com>
In-Reply-To: <20250926140144.1998694-1-berrange@redhat.com>
References: <20250926140144.1998694-1-berrange@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=berrange@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -24
X-Spam_score: -2.5
X-Spam_bar: --
X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.446,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,
 SPF_HELO_PASS=-0.001, T_SPF_TEMPERROR=0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1758895421654116600

This wires up the accelerator creation code to apply the compat policy
security check. When multiple -accel options are given, normal fallback
logic applies. IOW, if one is rejected by the security check, it will
carry on to try the next accelerator until one passes the security
check.

Signed-off-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 system/vl.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/system/vl.c b/system/vl.c
index 00f3694725..6f7fdb8663 100644
--- a/system/vl.c
+++ b/system/vl.c
@@ -2383,12 +2383,21 @@ static int do_configure_accelerator(void *opaque, Q=
emuOpts *opts, Error **errp)
     AccelState *accel;
     int ret;
     bool qtest_with_kvm;
+    Error *local_err =3D NULL;
=20
     if (!acc) {
         error_setg(errp, QERR_MISSING_PARAMETER, "accel");
         goto bad;
     }
=20
+    if (!compat_policy_check_security(&compat_policy,
+                                      object_class_get_name(OBJECT_CLASS(a=
c)),
+                                      object_class_is_secure(OBJECT_CLASS(=
ac)),
+                                      &local_err)) {
+        error_report_err(local_err);
+        goto bad;
+    }
+
     qtest_with_kvm =3D g_str_equal(acc, "kvm") && qtest_chrdev !=3D NULL;
=20
     if (!ac) {
--=20
2.50.1