[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] PATCH: Mark <seclabel> as dynamic generated, or statically pre-defined



On Tue, Mar 03, 2009 at 03:42:58PM +0000, Daniel P. Berrange wrote:
> This patch implements the behaviour I was refering to earlier, whereby
> the domain XML explicitly says whether the security label is a statically
> pre-defined one, or dynamically generated on VM boot by libvirtd
> 
> So when creating a new guest, apps like virt-install have 2 options:
> 
>  - Leave out the <seclabel> tag completely
>     -> If no security driver is active, just works as normal unconfined VM
>     -> If a security driver is active, a dynamic seclabel is generated
> 
>       <seclabel type='dynamic' model='selinux'>
>         <label>system_u:system_r:qemu_t:s0:c424,c719</label>
>         <imagelabel>system_u:object_r:virt_image_t:s0:c424,c719</imagelabel>
>       </seclabel>
> 
>  - Add an explicit <seclabel> tag with type='static' attribute
>     -> Security driver uses the defined label & imagelabel
> 
>       <seclabel type='static' model='selinux'>
>         <label>system_u:system_r:qemu_t:s0:c25,c100</label>
>         <imagelabel>system_u:system_r:virt_image_t:s0:c25,c100</imagelabel>
>       </seclabel>
> 
> 
> A static seclabel is visible in the XML, at all times, whether the VM is
> active or inactive. 
> 
> A dynamic seclabel is only visible when the VM is running, since it is
> auto-generated at VM boot. If you migrate the VM, or save/restore it,
> the dynamic seclabel will change on each boot. The seclabel isn't visible
> when not running, or if asking for the inactive XML dump
> 
> This patch implements parsing of the 'type' attribute, and makes the
> seclabel generation key off this attribute.
> 
> It also adds the 'imagelabel' XML element, since that was being used
> internally, but was not including in the XML output, or parsing
> routines, making it impossible to specify a pre-defined image label
> or see the dyanmic one

  The patch looks sane to me, I didn't spot anything suspect, but I'm
  not really able to validate the principle itself.

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel veillard com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]