From patchwork Sun Aug 27 16:20:41 2017
X-Patchwork-Submitter: Cole Robinson
X-Patchwork-Id: 111089
From: Cole Robinson
To: libvirt-list@redhat.com
Date: Sun, 27 Aug 2017 12:20:41 -0400
Subject: [libvirt] [PATCH v2 1/2] security: add MANAGER_MOUNT_NAMESPACE flag

The VIR_SECURITY_MANAGER_MOUNT_NAMESPACE flag informs the DAC driver
if mount namespaces are in use for the VM. Will be used for future
changes.

Wire it up in the qemu driver

Signed-off-by: Cole Robinson
---
 src/qemu/qemu_driver.c          |  2 ++
 src/security/security_dac.c     | 10 ++++++++++
 src/security/security_dac.h     |  3 +++
 src/security/security_manager.c |  4 +++-
 src/security/security_manager.h |  1 +
 5 files changed, 19 insertions(+), 1 deletion(-)

-- 
2.13.5

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 2ba6c80c4..ea1a85b41 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c 
@@ -419,6 +419,8 @@ qemuSecurityInit(virQEMUDriverPtr driver) if (virQEMUDriverIsPrivileged(driver)) { if (cfg->dynamicOwnership) flags |= VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP; + if (virBitmapIsBitSet(cfg->namespaces, QEMU_DOMAIN_NS_MOUNT)) + flags |= VIR_SECURITY_MANAGER_MOUNT_NAMESPACE; if (!(mgr = qemuSecurityNewDAC(QEMU_DRIVER_NAME, cfg->user, cfg->group, diff --git a/src/security/security_dac.c b/src/security/security_dac.c index ca7a6af6d..507be44a2 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -57,6 +57,7 @@ struct _virSecurityDACData { gid_t *groups; int ngroups; bool dynamicOwnership; + bool mountNamespace; char *baselabel; virSecurityManagerDACChownCallback chownCallback; }; @@ -238,6 +239,15 @@ virSecurityDACSetDynamicOwnership(virSecurityManagerPtr mgr, } void +virSecurityDACSetMountNamespace(virSecurityManagerPtr mgr, + bool mountNamespace) +{ + virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr); + priv->mountNamespace = mountNamespace; +} + + +void virSecurityDACSetChownCallback(virSecurityManagerPtr mgr, virSecurityManagerDACChownCallback chownCallback) { diff --git a/src/security/security_dac.h b/src/security/security_dac.h index 846cefbb5..97681c961 100644 --- a/src/security/security_dac.h +++ b/src/security/security_dac.h @@ -32,6 +32,9 @@ int virSecurityDACSetUserAndGroup(virSecurityManagerPtr mgr, void virSecurityDACSetDynamicOwnership(virSecurityManagerPtr mgr, bool dynamic); +void virSecurityDACSetMountNamespace(virSecurityManagerPtr mgr, + bool mountNamespace); + void virSecurityDACSetChownCallback(virSecurityManagerPtr mgr, virSecurityManagerDACChownCallback chownCallback); diff --git a/src/security/security_manager.c b/src/security/security_manager.c index 95b995230..e43c99d4f 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c 
@@ -146,7 +146,8 @@ virSecurityManagerNewDAC(const char *virtDriver, virSecurityManagerPtr mgr; virCheckFlags(VIR_SECURITY_MANAGER_NEW_MASK | - VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP, NULL); + VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP | + VIR_SECURITY_MANAGER_MOUNT_NAMESPACE, NULL); mgr = virSecurityManagerNewDriver(&virSecurityDriverDAC, virtDriver, @@ -161,6 +162,7 @@ virSecurityManagerNewDAC(const char *virtDriver, } virSecurityDACSetDynamicOwnership(mgr, flags & VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP); + virSecurityDACSetMountNamespace(mgr, flags & VIR_SECURITY_MANAGER_MOUNT_NAMESPACE); virSecurityDACSetChownCallback(mgr, chownCallback); return mgr; diff --git a/src/security/security_manager.h b/src/security/security_manager.h index 01296d339..08fb89203 100644 --- a/src/security/security_manager.h +++ b/src/security/security_manager.h @@ -36,6 +36,7 @@ typedef enum { VIR_SECURITY_MANAGER_REQUIRE_CONFINED = 1 << 2, VIR_SECURITY_MANAGER_PRIVILEGED = 1 << 3, VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP = 1 << 4, + VIR_SECURITY_MANAGER_MOUNT_NAMESPACE = 1 << 5, } virSecurityManagerNewFlags; # define VIR_SECURITY_MANAGER_NEW_MASK \
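Review bot: In the qemu_driver.c hunk (qemuSecurityInit), the flag is derived from cfg->namespaces, which is the driver-level setting, while the commit message describes it as telling the DAC driver whether mount namespaces are in use "for the VM". If a domain can run without a mount namespace while QEMU_DOMAIN_NS_MOUNT is set in the configuration, a manager-wide flag will not reflect that. Please either state in the commit message and in a comment that the flag means "enabled in the driver configuration", or explain how the per-VM case is covered. The check also sits inside the virQEMUDriverIsPrivileged() branch, so it is worth saying whether the unprivileged driver is meant never to set it.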
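Review bot: The new mountNamespace field in struct _virSecurityDACData and the setter virSecurityDACSetMountNamespace() in security_dac.c have no comment, and nothing in this patch reads the field. Since the commit message only says it "will be used for future changes", a short comment on the field or on the prototype in security_dac.h stating which DAC behaviour the flag is expected to change would let this patch be reviewed on its own and would tell later readers what the stored value is for.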
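Review bot: In the second security_manager.c hunk (virSecurityManagerNewDAC), the added call "virSecurityDACSetMountNamespace(mgr, flags & VIR_SECURITY_MANAGER_MOUNT_NAMESPACE);" is longer than 80 columns even before indentation; please wrap the second argument onto its own line. The virCheckFlags() change in the first hunk accepts the new bit only for the DAC constructor, which matches how VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP is handled, so a one-line comment next to the new enum value in security_manager.h noting that it is DAC-only would keep callers of the other constructors from passing it.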