- 10 1月, 2018 1 次提交
-
-
由 Christian Ehrhardt 提交于
virSecurityManagerDomainSetPathLabel is used to make a path known to the security modules, but today is used interchangably for - paths to files/dirs to be accessed directly - paths to a dir, but the access will actually be to files therein Depending on the security module it is important to know which of these types it will be. The argument allowSubtree augments the call to the implementations of DomainSetPathLabel that can - per security module - decide if extra actions shall be taken. For now dac/selinux handle this as before, but apparmor will make use of it to add a wildcard to the path that was passed. Signed-off-by: NChristian Ehrhardt <christian.ehrhardt@canonical.com> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 05 12月, 2017 1 次提交
-
-
由 Pavel Hrdina 提交于
SELinux and DAC drivers already have both functions but they were not exported as public API of security manager. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
- 25 11月, 2017 1 次提交
-
-
由 Ján Tomko 提交于
Export the existing DAC and SELinux for separate use and introduce functions for stack, nop and the security manager.
-
- 03 11月, 2017 1 次提交
-
-
由 Peter Krempa 提交于
Until now we ignored user-provided backing chains and while detecting the code inherited labels of the parent device. With user provided chains we should keep this functionality, so label of the parent image in the backing chain will be applied if an image-specific label is not present.
-
- 17 10月, 2017 1 次提交
-
-
由 Peter Krempa 提交于
Add helpers that will simplify checking if a backing file is valid or whether it has backing store. The helper virStorageSourceIsBacking returns true if the given virStorageSource is a valid backing store member. virStorageSourceHasBacking returns true if the virStorageSource has a backing store child. Adding these functions creates a central points for further refactors.
-
- 13 9月, 2017 2 次提交
-
-
由 Cole Robinson 提交于
For a logged in user this a path like /dev/dri/renderD128 will have default ownership root:video which won't work for the qemu:qemu user, so we need to chown it. We only do this when mount namespaces are enabled in the qemu driver, so the chown'ing doesn't interfere with other users of the shared render node path https://bugzilla.redhat.com/show_bug.cgi?id=1460804
-
由 Cole Robinson 提交于
The VIR_SECURITY_MANAGER_MOUNT_NAMESPACE flag informs the DAC driver if mount namespaces are in use for the VM. Will be used for future changes. Wire it up in the qemu driver
-
- 22 6月, 2017 1 次提交
-
-
由 Michal Privoznik 提交于
Our commit e13e8808 was way too generic. Currently, virtlogd is used only for chardevs type of file and nothing else. True, we must not relabel the path in this case, but we have to in all other cases. For instance, if you want to have a physical console attached to your guest: <console type='dev'> <source path='/dev/ttyS0'/> <target type='virtio' port='1'/> </console> Starting such domain fails because qemu doesn't have access to /dev/ttyS0 because we haven't relabelled the path. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
- 16 6月, 2017 2 次提交
-
-
由 Pavel Hrdina 提交于
In the case that virtlogd is used as stdio handler we pass to QEMU only FD to a PIPE connected to virtlogd instead of the file itself. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1430988Signed-off-by: NPavel Hrdina <phrdina@redhat.com> Reviewed-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Pavel Hrdina 提交于
Signed-off-by: NPavel Hrdina <phrdina@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
- 18 5月, 2017 1 次提交
-
-
由 Erik Skultety 提交于
Namely, this patch is about virMediatedDeviceGetIOMMUGroup{Dev,Num} functions. There's no compelling reason why these functions should take an object, on the contrary, having to create an object every time one needs to query the IOMMU group number, discarding the object afterwards, seems odd. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
- 27 3月, 2017 2 次提交
-
-
由 Erik Skultety 提交于
This patch updates all of our security driver to start labeling the VFIO IOMMU devices under /dev/vfio/ as well. Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
由 Erik Skultety 提交于
A mediated device will be identified by a UUID (with 'model' now being a mandatory <hostdev> attribute to represent the mediated device API) of the user pre-created mediated device. We also need to make sure that if user explicitly provides a guest address for a mdev device, the address type will be matching the device API supported on that specific mediated device and error out with an incorrect XML message. The resulting device XML: <devices> <hostdev mode='subsystem' type='mdev' model='vfio-pci'> <source> <address uuid='c2177883-f1bb-47f0-914d-32a22e3a8804'> </source> </hostdev> </devices> Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
- 15 3月, 2017 2 次提交
-
-
由 Michal Privoznik 提交于
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
When domain is being started up, we ought to relabel the host side of NVDIMM so qemu has access to it. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 17 1月, 2017 1 次提交
-
-
由 Erik Skultety 提交于
The problem is in the way how the list item is created prior to appending it to the transaction list - the @path attribute is just a shallow copy instead of deep copy of the hostdev device's path. Unfortunately, the hostdev devices from which the @path is extracted, in order to add them into the transaction list, are only temporary and freed before the buildup of the qemu namespace, thus making the @path attribute in the transaction list NULL, causing 'permission denied' or 'double free' or 'unknown cause' errors. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1413773Signed-off-by: NErik Skultety <eskultet@redhat.com>
-
- 10 1月, 2017 2 次提交
-
-
由 Michal Privoznik 提交于
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
The code at the very bottom of the DAC secdriver that calls chown() should be fine with read-only data. If something needs to be prepared it should have been done beforehand. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 25 11月, 2016 2 次提交
-
-
由 Eric Farman 提交于
Ensure that the vhost-scsi wwpn information is passed to the different security policies. Signed-off-by: NEric Farman <farman@linux.vnet.ibm.com>
-
由 Eric Farman 提交于
We already have a "scsi" hostdev subsys type, which refers to a single LUN that is passed through to a guest. But what of things where multiple LUNs are passed through via a single SCSI HBA, such as with the vhost-scsi target? Create a new hostdev subsys type that will carry this. Signed-off-by: NEric Farman <farman@linux.vnet.ibm.com>
-
- 22 10月, 2016 1 次提交
-
-
由 John Ferlan 提交于
Change the virDomainChrDef to use a pointer to 'source' and allocate that pointer during virDomainChrDefNew. This has tremendous "fallout" in the rest of the code which mainly has to change source.$field to source->$field. Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
-
- 25 5月, 2016 1 次提交
-
-
由 Ján Tomko 提交于
Add support for the slic_table to the security drivers.
-
- 19 4月, 2016 1 次提交
-
-
由 Martin Kletzander 提交于
It already labels abritrary paths, so it's just the naming that was wrong. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
- 15 1月, 2016 2 次提交
-
-
由 Jiri Denemark 提交于
A device tree binary file specified by /domain/os/dtb element is a read-only resource similar to kernel and initrd files. We shouldn't restore its label when destroying a domain to avoid breaking other domains configure with the same device tree. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Jiri Denemark 提交于
Kernel/initrd files are essentially read-only shareable images and thus should be handled in the same way. We already use the appropriate label for kernel/initrd files when starting a domain, but when a domain gets destroyed we would remove the labels which would make other running domains using the same files very unhappy. https://bugzilla.redhat.com/show_bug.cgi?id=921135Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
- 15 12月, 2015 1 次提交
-
-
由 Ján Tomko 提交于
Many of the functions follow the pattern: virSecurity.*Security.*Label Remove the second 'Security' from the names, it should be obvious that the virSecurity* functions deal with security labels even without it.
-
- 09 12月, 2015 1 次提交
-
-
由 Ján Tomko 提交于
Use the customary check '< 0' instead of checking for non-zero. No functional change.
-
- 30 11月, 2015 1 次提交
-
-
由 Ján Tomko 提交于
Add functions for setting and restoring the label of input devices to DAC and SELinux drivers. https://bugzilla.redhat.com/show_bug.cgi?id=1231114
-
- 12 11月, 2015 1 次提交
-
-
由 Jiri Denemark 提交于
Fixes several style issues and removes "DEF" (what is it supposed to mean anyway?) from debug messages. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
- 16 10月, 2015 6 次提交
-
-
由 Michal Privoznik 提交于
Even though the APIs are not implemented yet, they create a skeleton that can be filled in later. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
This function should really be called only when we want to change ownership of a file (or disk source). Lets switch to calling a wrapper function which will eventually record the current owner of the file and call virSecurityDACSetOwnershipInternal subsequently. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
This is pure code adjustment. The structure is going to be needed later as it will hold a reference that will be used to talk to virtlockd. However, so far this is no functional change just code preparation. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
This is pure code adjustment. The structure is going to be needed later as it will hold a reference that will be used to talk to virtlockd. However, so far this is no functional change just code preparation. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
It's better if we stat() file that we are about to chown() at first and check if there's something we need to change. Not that it would make much difference, but for the upcoming patches we need to be doing stat() anyway. Moreover, if we do things this way, we can drop @chown_errno variable which will become redundant. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michal Privoznik 提交于
Correctly mark the places where we need to remember and recall file ownership. We don't want to mislead any potential developer. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 24 8月, 2015 2 次提交
-
-
由 Martin Kletzander 提交于
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Martin Kletzander 提交于
SELinux security driver already does that, but DAC driver somehow missed the memo. Let's fix it so it works the same way. Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
- 11 12月, 2014 2 次提交
-
-
由 Ján Tomko 提交于
Add missing ATTRIBUTE_UNUSED markers.
-
由 Luyao Huang 提交于
When using qemuProcessAttach to attach a qemu process, the DAC label is not filled correctly. Introduce a new function to get the uid:gid from the system and fill the label. This fixes the daemon crash when 'virsh screenshot' is called: https://bugzilla.redhat.com/show_bug.cgi?id=1161831 It also fixes qemu-attach after the prerequisite of this patch (commit f8c1fb3d) was pushed out of order. Signed-off-by: NLuyao Huang <lhuang@redhat.com> Signed-off-by: NJán Tomko <jtomko@redhat.com>
-
- 25 9月, 2014 1 次提交
-
-
由 Cole Robinson 提交于
The check for ISCSI devices was missing a check of subsys type, which meant we could skip labelling of other host devices as well. This fixes USB hotplug on F21 https://bugzilla.redhat.com/show_bug.cgi?id=1145968
-