[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 1/2] selinux: load and free selinux active file contexts configuration database



On 10/15/2012 06:40 PM, Martin Kletzander wrote:
On 10/15/2012 12:22 PM, Daniel P. Berrange wrote:
On Mon, Oct 15, 2012 at 03:12:45PM +0800, Guannan Ren wrote:
If we use matchpathcon() to look up selinux context for specific pathname,
it'd better actively load file contexts database by matchpathcon_init()
and free memory when finished using matchpathcon by matchpathcon_fini().
---
  src/security/security_selinux.c | 8 ++++++++
  1 file changed, 8 insertions(+)

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 10135ed..b278e2c 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -667,6 +667,10 @@ virSecuritySELinuxSecurityDriverProbe(const char *virtDriver)
  static int
  virSecuritySELinuxSecurityDriverOpen(virSecurityManagerPtr mgr)
  {
+#ifndef HAVE_SELINUX_LABEL_H
+    if (matchpathcon_init(NULL) < 0)
+        VIR_WARN("cannot load selinux active file contexts configuration");
+#endif
      return virSecuritySELinuxInitialize(mgr);
  }
@@ -685,6 +689,10 @@ virSecuritySELinuxSecurityDriverClose(virSecurityManagerPtr mgr)
      VIR_FREE(data->file_context);
      VIR_FREE(data->content_context);
+#ifndef HAVE_SELINUX_LABEL_H
+    if (matchpathcon_fini() < 0)
+        VIR_WARN("cannot free allocated memory for selinux");
+#endif
      return 0;
  }
I'm not convinced this is safe, because the security drivers can be
opened multiple times, eg LXC and QEMU, and this is changing the global
static state of the SELinux library.

I didn't think the driver is opened for every other driver used.  In
this case the initialization of the matchpathcon should be dealt with in
some other way.  Or can't we open the security driver only once?

@Guannan: is there a problem this fixes?  How come it worked without the
init before?

Martin


No, there is no a bug/problem to fix, the patch just actively initializes
   the active context configuration database.
   If we don't do this, the matchpathcon will do it instead.
   I am going to add them in a better way later.
   This patch has nothing to do with the 2/2 patch.

   Guannan


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]