1. 23 2月, 2011 1 次提交
    • E
      security: avoid memory leak · 009fce98
      Eric Blake 提交于
      Leak introduced in commit d6623003.
      
      * src/qemu/qemu_driver.c (qemuSecurityInit): Avoid leak on failure.
      * src/security/security_stack.c (virSecurityStackClose): Avoid
      leaking component drivers.
      009fce98
  2. 26 1月, 2011 1 次提交
    • L
      Add a function to the security driver API that sets the label of an open fd. · d89608f9
      Laine Stump 提交于
      A need was found to set the SELinux context label on an open fd (a
      pipe, as a matter of fact). This patch adds a function to the security
      driver API that will set the label on an open fd to secdef.label. For
      all drivers other than the SELinux driver, it's a NOP. For the SElinux
      driver, it calls fsetfilecon().
      
      If the return is a failure, it only returns error up to the caller if
      1) the desired label is different from the existing label, 2) the
      destination fd is of a type that supports setting the selinux context,
      and 3) selinux is in enforcing mode. Otherwise it will return
      success. This follows the pattern of the existing function
      SELinuxSetFilecon().
      d89608f9
  3. 11 1月, 2011 1 次提交
    • D
      Refactor the security drivers to simplify usage · d6623003
      Daniel P. Berrange 提交于
      The current security driver usage requires horrible code like
      
          if (driver->securityDriver &&
              driver->securityDriver->domainSetSecurityHostdevLabel &&
              driver->securityDriver->domainSetSecurityHostdevLabel(driver->securityDriver,
                                                                    vm, hostdev) < 0)
      
      This pair of checks for NULL clutters up the code, making the driver
      calls 2 lines longer than they really need to be. The goal of the
      patchset is to change the calling convention to simply
      
        if (virSecurityManagerSetHostdevLabel(driver->securityDriver,
                                              vm, hostdev) < 0)
      
      The first check for 'driver->securityDriver' being NULL is removed
      by introducing a 'no op' security driver that will always be present
      if no real driver is enabled. This guarentees driver->securityDriver
      != NULL.
      
      The second check for 'driver->securityDriver->domainSetSecurityHostdevLabel'
      being non-NULL is hidden in a new abstraction called virSecurityManager.
      This separates the driver callbacks, from main internal API. The addition
      of a virSecurityManager object, that is separate from the virSecurityDriver
      struct also allows for security drivers to carry state / configuration
      information directly. Thus the DAC/Stack drivers from src/qemu which
      used to pull config from 'struct qemud_driver' can now be moved into
      the 'src/security' directory and store their config directly.
      
      * src/qemu/qemu_conf.h, src/qemu/qemu_driver.c: Update to
        use new virSecurityManager APIs
      * src/qemu/qemu_security_dac.c,  src/qemu/qemu_security_dac.h
        src/qemu/qemu_security_stacked.c, src/qemu/qemu_security_stacked.h:
        Move into src/security directory
      * src/security/security_stack.c, src/security/security_stack.h,
        src/security/security_dac.c, src/security/security_dac.h: Generic
        versions of previous QEMU specific drivers
      * src/security/security_apparmor.c, src/security/security_apparmor.h,
        src/security/security_driver.c, src/security/security_driver.h,
        src/security/security_selinux.c, src/security/security_selinux.h:
        Update to take virSecurityManagerPtr object as the first param
        in all callbacks
      * src/security/security_nop.c, src/security/security_nop.h: Stub
        implementation of all security driver APIs.
      * src/security/security_manager.h, src/security/security_manager.c:
        New internal API for invoking security drivers
      * src/libvirt.c: Add missing debug for security APIs
      d6623003