[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH v4 07/11] Add SELinux and DAC labeling support for TPM passthrough



On Fri, Apr 05, 2013 at 10:05:58AM -0400, Stefan Berger wrote:
> Signed-off-by: Stefan Berger <stefanb linux vnet ibm com>
> Reviewed-by: Corey Bryant <coreyb linux vnet ibm com>
> Tested-by: Corey Bryant <coreyb linux vnet ibm com>
> 
> ---
>  src/security/security_dac.c     |   53 ++++++++++++++++++++++
>  src/security/security_selinux.c |   96 ++++++++++++++++++++++++++++++++++++++++
>  2 files changed, 149 insertions(+)
> 
> Index: libvirt/src/security/security_selinux.c
> ===================================================================
> --- libvirt.orig/src/security/security_selinux.c
> +++ libvirt/src/security/security_selinux.c
> @@ -45,6 +45,7 @@
>  #include "virrandom.h"
>  #include "virutil.h"
>  #include "virconf.h"
> +#include "virtpm.h"
>  
>  #define VIR_FROM_THIS VIR_FROM_SECURITY
>  
> @@ -76,6 +77,12 @@ struct _virSecuritySELinuxCallbackData {
>  #define SECURITY_SELINUX_VOID_DOI       "0"
>  #define SECURITY_SELINUX_NAME "selinux"
>  
> +static int
> +virSecuritySELinuxRestoreSecurityTPMFileLabelInt(virSecurityManagerPtr mgr,
> +                                                 virDomainDefPtr def,
> +                                                 virDomainTPMDefPtr tpm);
> +
> +
>  /*
>   * Returns 0 on success, 1 if already reserved, or -1 on fatal error
>   */
> @@ -1062,6 +1069,84 @@ err:
>      return rc;
>  }
>  
> +
> +static int
> +virSecuritySELinuxSetSecurityTPMFileLabel(virSecurityManagerPtr mgr,
> +                                          virDomainDefPtr def,
> +                                          virDomainTPMDefPtr tpm)
> +{
> +    int rc;
> +    virSecurityLabelDefPtr seclabel;
> +    char *cancel_path;
> +
> +    seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
> +    if (seclabel == NULL)
> +        return -1;
> +
> +    switch (tpm->type) {
> +    case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
> +        rc = virSecuritySELinuxSetFilecon(
> +                               tpm->data.passthrough.source.data.file.path,
> +                               seclabel->imagelabel);
> +        if (rc < 0)
> +            return -1;
> +
> +        if ((cancel_path = virTPMFindCancelPath()) != NULL) {
> +            rc = virSecuritySELinuxSetFilecon(cancel_path,
> +                                              seclabel->imagelabel);
> +            VIR_FREE(cancel_path);
> +            if (rc < 0) {
> +                virSecuritySELinuxRestoreSecurityTPMFileLabelInt(mgr, def,
> +                                                                 tpm);
> +                return -1;
> +            }
> +        } else {
> +            virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
> +                           _("Cannot determine TPM command cancel path"));

The virTPMFindCancelPath method has already reported an error, so
you shouldn't overwrite it here with a less specific message.


> +static int
> +virSecuritySELinuxRestoreSecurityTPMFileLabelInt(virSecurityManagerPtr mgr,
> +                                                 virDomainDefPtr def,
> +                                                 virDomainTPMDefPtr tpm)
> +{
> +    int rc = 0;
> +    virSecurityLabelDefPtr seclabel;
> +    char *cancel_path;
> +
> +    seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
> +    if (seclabel == NULL)
> +        return -1;
> +
> +    switch (tpm->type) {
> +    case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
> +        rc = virSecuritySELinuxRestoreSecurityFileLabel(
> +                 mgr, tpm->data.passthrough.source.data.file.path);
> +
> +        if ((cancel_path = virTPMFindCancelPath()) != NULL) {
> +            if (virSecuritySELinuxRestoreSecurityFileLabel(mgr,
> +                                  cancel_path) < 0)
> +                rc = -1;
> +            VIR_FREE(cancel_path);
> +        }

Since we want to ignore errors, we should call virResetLastError()
if virTPMFindCancelPath fails.


Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]