Blame SOURCES/libvirt-Set-security-label-on-FD-for-virDomainOpenGraphics.patch
|
 |
43fe83 |
From 2b2f4867f47391a4b9e608d08db63b0fb4b70c14 Mon Sep 17 00:00:00 2001
|
|
|
43fe83 |
Message-Id: <2b2f4867f47391a4b9e608d08db63b0fb4b70c14.1377873641.git.jdenemar@redhat.com>
|
|
|
43fe83 |
From: "Daniel P. Berrange" <berrange@redhat.com>
|
|
|
43fe83 |
Date: Fri, 30 Aug 2013 11:14:46 +0100
|
|
|
43fe83 |
Subject: [PATCH] Set security label on FD for virDomainOpenGraphics
|
|
|
43fe83 |
|
|
|
43fe83 |
For
|
|
|
43fe83 |
|
|
|
43fe83 |
https://bugzilla.redhat.com/show_bug.cgi?id=999925
|
|
|
43fe83 |
|
|
|
43fe83 |
The virDomainOpenGraphics method accepts a UNIX socket FD from
|
|
|
43fe83 |
the client app. It must set the label on this FD otherwise QEMU
|
|
|
43fe83 |
will be prevented from receiving it with recvmsg.
|
|
|
43fe83 |
|
|
|
43fe83 |
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
|
|
43fe83 |
(cherry picked from commit b6b94374b3bf6b44633ee99a68868141b6cd9ed8)
|
|
|
43fe83 |
---
|
|
|
43fe83 |
src/qemu/qemu_driver.c | 4 ++++
|
|
|
43fe83 |
1 file changed, 4 insertions(+)
|
|
|
43fe83 |
|
|
|
43fe83 |
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
|
|
|
43fe83 |
index 5634abf..99cce90 100644
|
|
|
43fe83 |
--- a/src/qemu/qemu_driver.c
|
|
|
43fe83 |
+++ b/src/qemu/qemu_driver.c
|
|
|
43fe83 |
@@ -14841,6 +14841,10 @@ qemuDomainOpenGraphics(virDomainPtr dom,
|
|
|
43fe83 |
goto cleanup;
|
|
|
43fe83 |
}
|
|
|
43fe83 |
|
|
|
43fe83 |
+ if (virSecurityManagerSetImageFDLabel(driver->securityManager, vm->def,
|
|
|
43fe83 |
+ fd) < 0)
|
|
|
43fe83 |
+ goto cleanup;
|
|
|
43fe83 |
+
|
|
|
43fe83 |
if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0)
|
|
|
43fe83 |
goto cleanup;
|
|
|
43fe83 |
qemuDomainObjEnterMonitor(driver, vm);
|
|
|
43fe83 |
--
|
|
|
43fe83 |
1.8.3.2
|
|
|
43fe83 |
|