From 7fde617d76934ca94e97257b13ebb96f1ea7bd0a Mon Sep 17 00:00:00 2001
Message-Id: <7fde617d76934ca94e97257b13ebb96f1ea7bd0a@dist-git>
From: Michal Privoznik <mprivozn@redhat.com>
Date: Tue, 15 Sep 2015 11:51:23 +0200
Subject: [PATCH] virSecurityManager: Track if running as privileged
https://bugzilla.redhat.com/show_bug.cgi?id=1124841
We may want to make some decisions in drivers based on whether we
are running as a privileged user or not. Propagate this info there.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 307fb9044c1c9a5394b66e6909c6fd943d7f84c8)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/lxc/lxc_controller.c | 2 +-
src/lxc/lxc_driver.c | 3 ++-
src/qemu/qemu_driver.c | 7 +++++--
src/security/security_manager.c | 29 ++++++++++++++++++++++-------
src/security/security_manager.h | 5 ++++-
tests/qemuhotplugtest.c | 2 +-
tests/seclabeltest.c | 2 +-
tests/securityselinuxlabeltest.c | 2 +-
tests/securityselinuxtest.c | 2 +-
9 files changed, 38 insertions(+), 16 deletions(-)
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 06ffee4..7f76d6f 100644
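--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -2587,7 +2587,7 @@ int main(int argc, char *argv[])
 
 if (!(ctrl->securityManager = virSecurityManagerNew(securityDriver,
 LXC_DRIVER_NAME,
- false, false, false)))
+ false, false, false, false)))
 goto cleanup;
 
 if (ctrl->def->seclabels) {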
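Review bot: The bare literal appended to `virSecurityManagerNew(securityDriver, LXC_DRIVER_NAME, false, false, false, false)` gives a reader no way to tell which of the four flags is the new privileged one, and it is `false` here while lxc_driver.c in this same patch passes `true` for the same driver name. If the difference is intentional, the call should say so; at minimum label the argument, e.g. `false, false, false, /* privileged */ false)))`, and add one line explaining why the controller's manager is created as unprivileged. The call sits inside main(), whose body continues outside the hunk.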
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 1a7cc78..79f92c3 100644
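--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1558,7 +1558,8 @@ lxcSecurityInit(virLXCDriverConfigPtr cfg)
 LXC_DRIVER_NAME,
 false,
 cfg->securityDefaultConfined,
- cfg->securityRequireConfined);
+ cfg->securityRequireConfined,
+ true);
 if (!mgr)
 goto error;
 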
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index e85506e..0f3e987 100644
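--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -398,7 +398,8 @@ qemuSecurityInit(virQEMUDriverPtr driver)
 QEMU_DRIVER_NAME,
 cfg->allowDiskFormatProbing,
 cfg->securityDefaultConfined,
- cfg->securityRequireConfined)))
+ cfg->securityRequireConfined,
+ virQEMUDriverIsPrivileged(driver))))
 goto error;
 if (!stack) {
 if (!(stack = virSecurityManagerNewStack(mgr)))
@@ -415,7 +416,8 @@ qemuSecurityInit(virQEMUDriverPtr driver)
 QEMU_DRIVER_NAME,
 cfg->allowDiskFormatProbing,
 cfg->securityDefaultConfined,
- cfg->securityRequireConfined)))
+ cfg->securityRequireConfined,
+ virQEMUDriverIsPrivileged(driver))))
 goto error;
 if (!(stack = virSecurityManagerNewStack(mgr)))
 goto error;
@@ -429,6 +431,7 @@ qemuSecurityInit(virQEMUDriverPtr driver)
 cfg->allowDiskFormatProbing,
 cfg->securityDefaultConfined,
 cfg->securityRequireConfined,
+ virQEMUDriverIsPrivileged(driver),
 cfg->dynamicOwnership,
 qemuSecurityChownCallback)))
 goto error;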
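Review bot: In the third hunk the new argument is in the wrong position: the call passes `cfg->securityRequireConfined, virQEMUDriverIsPrivileged(driver), cfg->dynamicOwnership,` but the virSecurityManagerNewDAC prototype changed in security_manager.h by this same patch declares `bool dynamicOwnership, bool privileged,` in that order. Both parameters are `bool`, so the compiler accepts the call, and the DAC manager would receive the privilege state as its dynamic-ownership setting and `cfg->dynamicOwnership` as its privileged flag. The two lines should read `cfg->dynamicOwnership,` followed by `virQEMUDriverIsPrivileged(driver),`. The callee's name is outside the hunk, so this assumes, from the `qemuSecurityChownCallback` argument, that it is the virSecurityManagerNewDAC call.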
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index 1098558..28d7dfd 100644
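--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -40,6 +40,7 @@ struct _virSecurityManager {
 bool allowDiskFormatProbing;
 bool defaultConfined;
 bool requireConfined;
+ bool privileged;
 const char *virtDriver;
 void *privateData;
 };
@@ -78,7 +79,8 @@ virSecurityManagerNewDriver(virSecurityDriverPtr drv,
 const char *virtDriver,
 bool allowDiskFormatProbing,
 bool defaultConfined,
- bool requireConfined)
+ bool requireConfined,
+ bool privileged)
 {
 virSecurityManagerPtr mgr;
 char *privateData;
@@ -87,10 +89,10 @@ virSecurityManagerNewDriver(virSecurityDriverPtr drv,
 return NULL;
 
 VIR_DEBUG("drv=%p (%s) virtDriver=%s allowDiskFormatProbing=%d "
- "defaultConfined=%d requireConfined=%d",
+ "defaultConfined=%d requireConfined=%d privileged=%d",
 drv, drv->name, virtDriver,
 allowDiskFormatProbing, defaultConfined,
- requireConfined);
+ requireConfined, privileged);
 
 if (VIR_ALLOC_N(privateData, drv->privateDataLen) < 0)
 return NULL;
@@ -104,6 +106,7 @@ virSecurityManagerNewDriver(virSecurityDriverPtr drv,
 mgr->allowDiskFormatProbing = allowDiskFormatProbing;
 mgr->defaultConfined = defaultConfined;
 mgr->requireConfined = requireConfined;
+ mgr->privileged = privileged;
 mgr->virtDriver = virtDriver;
 mgr->privateData = privateData;
 
@@ -124,7 +127,8 @@ virSecurityManagerNewStack(virSecurityManagerPtr primary)
 virSecurityManagerGetDriver(primary),
 virSecurityManagerGetAllowDiskFormatProbing(primary),
 virSecurityManagerGetDefaultConfined(primary),
- virSecurityManagerGetRequireConfined(primary));
+ virSecurityManagerGetRequireConfined(primary),
+ virSecurityManagerGetPrivileged(primary));
 
 if (!mgr)
 return NULL;
@@ -153,6 +157,7 @@ virSecurityManagerNewDAC(const char *virtDriver,
 bool defaultConfined,
 bool requireConfined,
 bool dynamicOwnership,
+ bool privileged,
 virSecurityManagerDACChownCallback chownCallback)
 {
 virSecurityManagerPtr mgr =
@@ -160,7 +165,8 @@ virSecurityManagerNewDAC(const char *virtDriver,
 virtDriver,
 allowDiskFormatProbing,
 defaultConfined,
- requireConfined);
+ requireConfined,
+ privileged);
 
 if (!mgr)
 return NULL;
@@ -182,7 +188,8 @@ virSecurityManagerNew(const char *name,
 const char *virtDriver,
 bool allowDiskFormatProbing,
 bool defaultConfined,
- bool requireConfined)
+ bool requireConfined,
+ bool privileged)
 {
 virSecurityDriverPtr drv = virSecurityDriverLookup(name, virtDriver);
 if (!drv)
@@ -212,7 +219,8 @@ virSecurityManagerNew(const char *name,
 virtDriver,
 allowDiskFormatProbing,
 defaultConfined,
- requireConfined);
+ requireConfined,
+ privileged);
 }
 
 
@@ -333,6 +341,13 @@ virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr)
 }
 
 
+bool
+virSecurityManagerGetPrivileged(virSecurityManagerPtr mgr)
+{
+ return mgr->privileged;
+}
+
+
 /**
 * virSecurityManagerRestoreDiskLabel:
 * @mgr: security manager object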
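Review bot: `virSecurityManagerGetPrivileged()` and the new `privileged` struct member are added without any comment, and in the visible hunks the value is simply whatever the caller handed to the constructor (`mgr->privileged = privileged;`); nothing here derives it or checks it. Because drivers are meant to base decisions on it, the getter should carry a short doc block stating what privileged means and that it is caller-asserted, e.g. `/* Returns the privileged flag given at construction; it is not verified against the process credentials. */`. It is also worth noting there that virSecurityManagerNewStack copies the flag from the primary manager, as the fifth hunk shows.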
diff --git a/src/security/security_manager.h b/src/security/security_manager.h
index 78f34a0..53e56f6 100644
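--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -34,7 +34,8 @@ virSecurityManagerPtr virSecurityManagerNew(const char *name,
 const char *virtDriver,
 bool allowDiskFormatProbing,
 bool defaultConfined,
- bool requireConfined);
+ bool requireConfined,
+ bool privileged);
 
 virSecurityManagerPtr virSecurityManagerNewStack(virSecurityManagerPtr primary);
 int virSecurityManagerStackAddNested(virSecurityManagerPtr stack,
@@ -62,6 +63,7 @@ virSecurityManagerPtr virSecurityManagerNewDAC(const char *virtDriver,
 bool defaultConfined,
 bool requireConfined,
 bool dynamicOwnership,
+ bool privileged,
 virSecurityManagerDACChownCallback chownCallback);
 
 int virSecurityManagerPreFork(virSecurityManagerPtr mgr);
@@ -77,6 +79,7 @@ const char *virSecurityManagerGetBaseLabel(virSecurityManagerPtr mgr, int virtTy
 bool virSecurityManagerGetAllowDiskFormatProbing(virSecurityManagerPtr mgr);
 bool virSecurityManagerGetDefaultConfined(virSecurityManagerPtr mgr);
 bool virSecurityManagerGetRequireConfined(virSecurityManagerPtr mgr);
+bool virSecurityManagerGetPrivileged(virSecurityManagerPtr mgr);
 
 int virSecurityManagerRestoreDiskLabel(virSecurityManagerPtr mgr,
 virDomainDefPtr def,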
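Review bot: The new parameter lands in a different position in the two constructors: it is last in virSecurityManagerNew, but sits between `bool dynamicOwnership` and the chown callback in virSecurityManagerNewDAC, leaving at least four adjacent `bool` parameters that callers must pass by position. A transposition among them compiles cleanly, so the prototype should document the order, for instance a comment above virSecurityManagerNewDAC such as `/* bool order: ..., defaultConfined, requireConfined, dynamicOwnership, privileged */`. Folding the booleans into a single flags argument would remove the hazard, though that is a larger change than this patch. Both prototypes begin outside their hunks.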
diff --git a/tests/qemuhotplugtest.c b/tests/qemuhotplugtest.c
index 3b547f2..b17a41d 100644
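--- a/tests/qemuhotplugtest.c
+++ b/tests/qemuhotplugtest.c
@@ -361,7 +361,7 @@ mymain(void)
 if (!driver.lockManager)
 return EXIT_FAILURE;
 
- if (!(mgr = virSecurityManagerNew("none", "qemu", false, false, false)))
+ if (!(mgr = virSecurityManagerNew("none", "qemu", false, false, false, true)))
 return EXIT_FAILURE;
 if (!(driver.securityManager = virSecurityManagerNewStack(mgr)))
 return EXIT_FAILURE;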
diff --git a/tests/seclabeltest.c b/tests/seclabeltest.c
index 51765c9..93ddcbb 100644
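--- a/tests/seclabeltest.c
+++ b/tests/seclabeltest.c
@@ -17,7 +17,7 @@ main(int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED)
 if (virThreadInitialize() < 0)
 return EXIT_FAILURE;
 
- mgr = virSecurityManagerNew(NULL, "QEMU", false, true, false);
+ mgr = virSecurityManagerNew(NULL, "QEMU", false, true, false, false);
 if (mgr == NULL) {
 fprintf(stderr, "Failed to start security driver");
 return EXIT_FAILURE;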
diff --git a/tests/securityselinuxlabeltest.c b/tests/securityselinuxlabeltest.c
index 85fad37..4808eea 100644
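--- a/tests/securityselinuxlabeltest.c
+++ b/tests/securityselinuxlabeltest.c
@@ -351,7 +351,7 @@ mymain(void)
 if (!rc)
 return EXIT_AM_SKIP;
 
- if (!(mgr = virSecurityManagerNew("selinux", "QEMU", false, true, false))) {
+ if (!(mgr = virSecurityManagerNew("selinux", "QEMU", false, true, false, true))) {
 virErrorPtr err = virGetLastError();
 VIR_TEST_VERBOSE("Unable to initialize security driver: %s\n",
 err->message);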
diff --git a/tests/securityselinuxtest.c b/tests/securityselinuxtest.c
index 38ab70e..3a7862f 100644
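--- a/tests/securityselinuxtest.c
+++ b/tests/securityselinuxtest.c
@@ -272,7 +272,7 @@ mymain(void)
 int ret = 0;
 virSecurityManagerPtr mgr;
 
- if (!(mgr = virSecurityManagerNew("selinux", "QEMU", false, true, false))) {
+ if (!(mgr = virSecurityManagerNew("selinux", "QEMU", false, true, false, true))) {
 virErrorPtr err = virGetLastError();
 fprintf(stderr, "Unable to initialize security driver: %s\n",
 err->message);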
--
2.5.3