[libvirt] [PATCH 00/19] Fine grained access control for libvirt APIs

Daniel P. Berrange berrange at redhat.com
Wed Jun 19 17:00:41 UTC 2013


From: "Daniel P. Berrange" <berrange at redhat.com>

This is a repost of

  http://www.redhat.com/archives/libvir-list/2012-May/msg00090.html

Most of the early patches in that series are now merged. What is
left is the actual access control work. The first patches setup
the infrastructure and provide two drivers (policy kit and selinux).
The remaining patches add access control checks to all the public
APIs in each driver. The final patch adds a test case to validate
that every driver API impl has an access control check present.

Still todo

 - Optimize the polkit driver by making direct dbus calls
   instead of spawning the polkit helper program

 - Add filtering of returned objects from the various
   vir*List* APIs

 - Finish adding acl checks to the legacy Xen driver in
   about 6 apis.

 - Write a standalone access control driver as alternative
   to polkit

 - Audit permission names & groups to ensure we have an
   optimial set of permissions defined to cover all our
   APIs.

Daniel P. Berrange (19):
  Define basic internal API for access control
  Set conn->driver before running driver connectOpen method
  Setup default access control manager in libvirtd
  Add a policy kit access control driver
  Add an SELinux access control driver
  Add ACL annotations to all RPC messages
  Auto-generate helpers for checking access control rules
  Add ACL checks into the QEMU driver
  Add ACL checks into the LXC driver
  Add ACL checks into the UML driver
  Add ACL checks into the Xen driver
  Add ACL checks into the libxl driver
  Add ACL checks into the storage driver
  Add ACL checks into the network driver
  Add ACL checks into the interface driver
  Add ACL checks into the node device driver
  Add ACL checks into the nwfilter driver
  Add ACL checks into the secrets driver
  Add validation that all APIs contain ACL checks

 .gitignore                              |  10 +
 daemon/Makefile.am                      |   1 +
 daemon/libvirtd-config.c                |   4 +
 daemon/libvirtd-config.h                |   2 +
 daemon/libvirtd.aug                     |   1 +
 daemon/libvirtd.c                       |  28 +-
 daemon/libvirtd.conf                    |   9 +
 daemon/test_libvirtd.aug.in             |   4 +
 include/libvirt/virterror.h             |   4 +
 m4/virt-compile-warnings.m4             |   1 +
 m4/virt-selinux.m4                      |   2 +
 po/POTFILES.in                          |   3 +
 src/Makefile.am                         | 187 ++++++++-
 src/access/genpolkit.pl                 | 119 ++++++
 src/access/viraccessdriver.h            |  89 ++++
 src/access/viraccessdrivernop.c         | 118 ++++++
 src/access/viraccessdrivernop.h         |  28 ++
 src/access/viraccessdriverpolkit.c      | 399 ++++++++++++++++++
 src/access/viraccessdriverpolkit.h      |  28 ++
 src/access/viraccessdriverselinux.c     | 565 +++++++++++++++++++++++++
 src/access/viraccessdriverselinux.h     |  28 ++
 src/access/viraccessdriverstack.c       | 285 +++++++++++++
 src/access/viraccessdriverstack.h       |  32 ++
 src/access/viraccessmanager.c           | 351 ++++++++++++++++
 src/access/viraccessmanager.h           |  91 ++++
 src/access/viraccessperm.c              |  84 ++++
 src/access/viraccessperm.h              | 647 +++++++++++++++++++++++++++++
 src/check-aclrules.pl                   | 144 +++++++
 src/interface/interface_backend_netcf.c | 115 +++++
 src/interface/interface_backend_udev.c  |  85 +++-
 src/internal.h                          |   4 +
 src/libvirt.c                           |  11 +-
 src/libvirt_private.syms                |  37 ++
 src/libxl/libxl_driver.c                | 187 ++++++++-
 src/locking/lock_protocol.x             |   8 +
 src/lxc/lxc_driver.c                    | 219 +++++++++-
 src/network/bridge_driver.c             |  61 +++
 src/node_device/node_device_driver.c    |  36 ++
 src/nwfilter/nwfilter_driver.c          |  26 ++
 src/qemu/qemu_driver.c                  | 716 ++++++++++++++++++++++++++++----
 src/remote/lxc_protocol.x               |   1 +
 src/remote/qemu_protocol.x              |   4 +
 src/remote/remote_protocol.x            | 406 ++++++++++++++++++
 src/rpc/gendispatch.pl                  | 211 +++++++++-
 src/secret/secret_driver.c              |  31 ++
 src/storage/storage_driver.c            | 155 ++++++-
 src/uml/uml_driver.c                    | 174 +++++++-
 src/util/virerror.c                     |   8 +
 src/util/virlog.c                       |   3 +-
 src/util/virlog.h                       |   1 +
 src/xen/xen_driver.c                    | 217 +++++++++-
 51 files changed, 5827 insertions(+), 153 deletions(-)
 create mode 100755 src/access/genpolkit.pl
 create mode 100644 src/access/viraccessdriver.h
 create mode 100644 src/access/viraccessdrivernop.c
 create mode 100644 src/access/viraccessdrivernop.h
 create mode 100644 src/access/viraccessdriverpolkit.c
 create mode 100644 src/access/viraccessdriverpolkit.h
 create mode 100644 src/access/viraccessdriverselinux.c
 create mode 100644 src/access/viraccessdriverselinux.h
 create mode 100644 src/access/viraccessdriverstack.c
 create mode 100644 src/access/viraccessdriverstack.h
 create mode 100644 src/access/viraccessmanager.c
 create mode 100644 src/access/viraccessmanager.h
 create mode 100644 src/access/viraccessperm.c
 create mode 100644 src/access/viraccessperm.h
 create mode 100644 src/check-aclrules.pl

-- 
1.8.1.4




More information about the libvir-list mailing list