From nobody Wed May 14 01:48:04 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1527167175356815.2168186120247; Thu, 24 May 2018 06:06:15 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DFD663002088; Thu, 24 May 2018 13:06:12 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id A4AA128D3B; Thu, 24 May 2018 13:06:12 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 398AA18033EE; Thu, 24 May 2018 13:06:12 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w4OD3AXU002705 for ; Thu, 24 May 2018 09:03:10 -0400 Received: by smtp.corp.redhat.com (Postfix) id 478D25C8AC; Thu, 24 May 2018 13:03:10 +0000 (UTC) Received: from mx1.redhat.com (ext-mx20.extmail.prod.ext.phx2.redhat.com [10.5.110.49]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3D09E5C3FD for ; Thu, 24 May 2018 13:03:06 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A09733169F6B for ; Thu, 24 May 2018 13:03:04 +0000 (UTC) Received: from pps.filterd (m0098409.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w4OCxM9j138354 for ; Thu, 24 May 2018 09:03:04 -0400 Received: from e18.ny.us.ibm.com (e18.ny.us.ibm.com [129.33.205.208]) by mx0a-001b2d01.pphosted.com with ESMTP id 2j5v6knejq-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 24 May 2018 09:03:03 -0400 Received: from localhost by e18.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 24 May 2018 09:03:01 -0400 Received: from b01cxnp22033.gho.pok.ibm.com (9.57.198.23) by e18.ny.us.ibm.com (146.89.104.205) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Thu, 24 May 2018 09:02:59 -0400 Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w4OD2wCf9306618 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Thu, 24 May 2018 13:02:58 GMT Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 73037AC041; Thu, 24 May 2018 09:04:27 -0400 (EDT) Received: from sbct-3.pok.ibm.com (unknown [9.47.158.153]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP id 51E46AC040; Thu, 24 May 2018 09:04:27 -0400 (EDT) From: Stefan Berger To: libvir-list@redhat.com Date: Thu, 24 May 2018 09:02:42 -0400 In-Reply-To: <20180524130245.1569144-1-stefanb@linux.vnet.ibm.com> References: <20180524130245.1569144-1-stefanb@linux.vnet.ibm.com> X-TM-AS-GCONF: 00 x-cbid: 18052413-0044-0000-0000-0000041A116F X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00009065; HX=3.00000241; KW=3.00000007; PH=3.00000004; SC=3.00000261; SDB=6.01036001; UDB=6.00529949; IPR=6.00815130; MB=3.00021234; MTD=3.00000008; XFM=3.00000015; UTC=2018-05-24 13:03:00 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18052413-0045-0000-0000-0000084C2DF5 Message-Id: <20180524130245.1569144-10-stefanb@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-05-24_03:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=3 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000 definitions=main-1805240154 X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.49]); Thu, 24 May 2018 13:03:04 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.49]); Thu, 24 May 2018 13:03:04 +0000 (UTC) for IP:'148.163.156.1' DOMAIN:'mx0a-001b2d01.pphosted.com' HELO:'mx0a-001b2d01.pphosted.com' FROM:'stefanb@linux.vnet.ibm.com' RCPT:'' X-RedHat-Spam-Score: -0.7 (RCVD_IN_DNSWL_LOW) 148.163.156.1 mx0a-001b2d01.pphosted.com 148.163.156.1 mx0a-001b2d01.pphosted.com X-Scanned-By: MIMEDefang 2.84 on 10.5.110.49 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Cc: jtomko@redhat.com Subject: [libvirt] [PATCH v7 09/12] security: Label the external swtpm with SELinux labels X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Thu, 24 May 2018 13:06:13 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" In this patch we label the swtpm process with SELinux labels. We give it the same label as the QEMU process has. We label its state directory and files as well. We restore the old security labels once the swtpm has terminated. The file and process labels now look as follows: Directory: /var/lib/libvirt/swtpm [root@localhost swtpm]# ls -lZ total 4 rwx------. 2 tss tss system_u:object_r:svirt_image_t:s0:c254,c932 4096 Ap= r 5 16:46 testvm [root@localhost testvm]# ls -lZ total 8 -rw-r--r--. 1 tss tss system_u:object_r:svirt_image_t:s0:c254,c932 3648 Apr= 5 16:46 tpm-00.permall The log in /var/log/swtpm/libvirt/qemu is labeled as follows: -rw-r--r--. 1 tss tss system_u:object_r:svirt_image_t:s0:c254,c932 2237 Apr= 5 16:46 vtpm.log [root@localhost 485d0004-a48f-436a-8457-8a3b73e28567]# ps auxZ | grep swtpm= | grep ctrl | grep -v grep system_u:system_r:svirt_t:s0:c254,c932 tss 25664 0.0 0.0 28172 3892 ? = Ss 16:57 0:00 /usr/bin/swtpm socket --daemon --ctrl type=3Dunixio,p= ath=3D/var/run/libvirt/qemu/swtpm/testvm-swtpm.sock,mode=3D0660 --tpmstate = dir=3D/var/lib/libvirt/swtpm/testvm/tpm1.2 --log file=3D/var/log/swtpm/libv= irt/qemu/testvm-swtpm.log [root@localhost 485d0004-a48f-436a-8457-8a3b73e28567]# ps auxZ | grep qemu = | grep tpm | grep -v grep system_u:system_r:svirt_t:s0:c254,c932 qemu 25669 99.0 0.0 3096704 48500 ?= Sl 16:57 3:28 /bin/qemu-system-x86_64 [..] Signed-off-by: Stefan Berger Reviewed-by: John Ferlan --- src/libvirt_private.syms | 2 + src/qemu/qemu_security.c | 69 +++++++++++++++++ src/qemu/qemu_security.h | 11 +++ src/qemu/qemu_tpm.c | 12 ++- src/security/security_driver.h | 7 ++ src/security/security_manager.c | 36 +++++++++ src/security/security_manager.h | 6 ++ src/security/security_selinux.c | 164 ++++++++++++++++++++++++++++++++++++= ++++ src/security/security_stack.c | 40 ++++++++++ 9 files changed, 345 insertions(+), 2 deletions(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index d785e919ec..531682975d 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1322,6 +1322,7 @@ virSecurityManagerRestoreImageLabel; virSecurityManagerRestoreInputLabel; virSecurityManagerRestoreMemoryLabel; virSecurityManagerRestoreSavedStateLabel; +virSecurityManagerRestoreTPMLabels; virSecurityManagerSetAllLabel; virSecurityManagerSetChardevLabel; virSecurityManagerSetChildProcessLabel; @@ -1336,6 +1337,7 @@ virSecurityManagerSetProcessLabel; virSecurityManagerSetSavedStateLabel; virSecurityManagerSetSocketLabel; virSecurityManagerSetTapFDLabel; +virSecurityManagerSetTPMLabels; virSecurityManagerStackAddNested; virSecurityManagerTransactionAbort; virSecurityManagerTransactionCommit; diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c index 2aced22d2d..af3be42854 100644 --- a/src/qemu/qemu_security.c +++ b/src/qemu/qemu_security.c @@ -424,3 +424,72 @@ qemuSecurityRestoreChardevLabel(virQEMUDriverPtr drive= r, virSecurityManagerTransactionAbort(driver->securityManager); return ret; } + + +/* + * qemuSecurityStartTPMEmulator: + * + * @driver: the QEMU driver + * @def: the domain definition + * @cmd: the command to run + * @uid: the uid to run the emulator + * @gid: the gid to run the emulator + * @existstatus: pointer to int returning exit status of process + * @cmdret: pointer to int returning result of virCommandRun + * + * Start the TPM emulator with approriate labels. Apply security + * labels to files first. + * This function returns -1 on security setup error, 0 if all the + * setup was done properly. In case the virCommand failed to run + * 0 is returned but cmdret is set appropriately with the process + * exitstatus also set. + */ +int +qemuSecurityStartTPMEmulator(virQEMUDriverPtr driver, + virDomainDefPtr def, + virCommandPtr cmd, + uid_t uid, + gid_t gid, + int *exitstatus, + int *cmdret) +{ + int ret =3D -1; + + if (virSecurityManagerSetTPMLabels(driver->securityManager, + def) < 0) + goto cleanup; + + if (virSecurityManagerSetChildProcessLabel(driver->securityManager, + def, cmd) < 0) + goto cleanup; + + if (virSecurityManagerPreFork(driver->securityManager) < 0) + goto cleanup; + + ret =3D 0; + /* make sure we run this with the appropriate user */ + virCommandSetUID(cmd, uid); + virCommandSetGID(cmd, gid); + + *cmdret =3D virCommandRun(cmd, exitstatus); + + virSecurityManagerPostFork(driver->securityManager); + + if (*cmdret < 0) + goto cleanup; + + return 0; + + cleanup: + virSecurityManagerRestoreTPMLabels(driver->securityManager, def); + + return ret; +} + + +void +qemuSecurityCleanupTPMEmulator(virQEMUDriverPtr driver, + virDomainDefPtr def) +{ + virSecurityManagerRestoreTPMLabels(driver->securityManager, def); +} diff --git a/src/qemu/qemu_security.h b/src/qemu/qemu_security.h index d54ce6fead..a189b63828 100644 --- a/src/qemu/qemu_security.h +++ b/src/qemu/qemu_security.h @@ -84,6 +84,17 @@ int qemuSecurityRestoreChardevLabel(virQEMUDriverPtr dri= ver, virDomainObjPtr vm, virDomainChrDefPtr chr); =20 +int qemuSecurityStartTPMEmulator(virQEMUDriverPtr driver, + virDomainDefPtr def, + virCommandPtr cmd, + uid_t uid, + gid_t gid, + int *exitstatus, + int *cmdret); + +void qemuSecurityCleanupTPMEmulator(virQEMUDriverPtr driver, + virDomainDefPtr def); + /* Please note that for these APIs there is no wrapper yet. Do NOT blindly= add * new APIs here. If an API can touch a /dev file add a proper wrapper ins= tead. */ diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 69d7698198..6897bbf482 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -29,6 +29,7 @@ =20 #include "qemu_extdevice.h" #include "qemu_domain.h" +#include "qemu_security.h" =20 #include "conf/domain_conf.h" #include "vircommand.h" @@ -654,11 +655,12 @@ qemuExtTPMStartEmulator(virQEMUDriverPtr driver, { int ret =3D -1; virCommandPtr cmd =3D NULL; - int exitstatus; + int exitstatus =3D 0; char *errbuf =3D NULL; virQEMUDriverConfigPtr cfg; virDomainTPMDefPtr tpm =3D def->tpm; char *shortName =3D virDomainDefGetShortName(def); + int cmdret =3D 0; =20 if (!shortName) return -1; @@ -679,7 +681,12 @@ qemuExtTPMStartEmulator(virQEMUDriverPtr driver, =20 virCommandSetErrorBuffer(cmd, &errbuf); =20 - if (virCommandRun(cmd, &exitstatus) < 0 || exitstatus !=3D 0) { + if (qemuSecurityStartTPMEmulator(driver, def, cmd, + cfg->swtpm_user, cfg->swtpm_group, + &exitstatus, &cmdret) < 0) + goto cleanup; + + if (cmdret < 0 || exitstatus !=3D 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Could not start 'swtpm'. exitstatus: %d, " "error: %s"), exitstatus, errbuf); @@ -734,6 +741,7 @@ qemuExtTPMStop(virQEMUDriverPtr driver, goto cleanup; =20 qemuTPMEmulatorStop(cfg->swtpmStateDir, shortName); + qemuSecurityCleanupTPMEmulator(driver, def); break; case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: case VIR_DOMAIN_TPM_TYPE_LAST: diff --git a/src/security/security_driver.h b/src/security/security_driver.h index 95e7c4de07..cbf0ecff6e 100644 --- a/src/security/security_driver.h +++ b/src/security/security_driver.h @@ -149,6 +149,10 @@ typedef int (*virSecurityDomainRestoreChardevLabel) (v= irSecurityManagerPtr mgr, virDomainDefPtr def, virDomainChrSourceDef= Ptr dev_source, bool chardevStdioLogd= ); +typedef int (*virSecurityDomainSetTPMLabels) (virSecurityManagerPtr mgr, + virDomainDefPtr def); +typedef int (*virSecurityDomainRestoreTPMLabels) (virSecurityManagerPtr mg= r, + virDomainDefPtr def); =20 =20 struct _virSecurityDriver { @@ -213,6 +217,9 @@ struct _virSecurityDriver { =20 virSecurityDomainSetChardevLabel domainSetSecurityChardevLabel; virSecurityDomainRestoreChardevLabel domainRestoreSecurityChardevLabel; + + virSecurityDomainSetTPMLabels domainSetSecurityTPMLabels; + virSecurityDomainRestoreTPMLabels domainRestoreSecurityTPMLabels; }; =20 virSecurityDriverPtr virSecurityDriverLookup(const char *name, diff --git a/src/security/security_manager.c b/src/security/security_manage= r.c index 71f7f59b9c..8683ad7d36 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -1204,3 +1204,39 @@ virSecurityManagerRestoreChardevLabel(virSecurityMan= agerPtr mgr, virReportUnsupportedError(); return -1; } + + +int +virSecurityManagerSetTPMLabels(virSecurityManagerPtr mgr, + virDomainDefPtr vm) +{ + int ret; + + if (mgr->drv->domainSetSecurityTPMLabels) { + virObjectLock(mgr); + ret =3D mgr->drv->domainSetSecurityTPMLabels(mgr, vm); + virObjectUnlock(mgr); + + return ret; + } + + return 0; +} + + +int +virSecurityManagerRestoreTPMLabels(virSecurityManagerPtr mgr, + virDomainDefPtr vm) +{ + int ret; + + if (mgr->drv->domainRestoreSecurityTPMLabels) { + virObjectLock(mgr); + ret =3D mgr->drv->domainRestoreSecurityTPMLabels(mgr, vm); + virObjectUnlock(mgr); + + return ret; + } + + return 0; +} diff --git a/src/security/security_manager.h b/src/security/security_manage= r.h index c36a8b488f..e772b6165e 100644 --- a/src/security/security_manager.h +++ b/src/security/security_manager.h @@ -194,4 +194,10 @@ int virSecurityManagerRestoreChardevLabel(virSecurityM= anagerPtr mgr, virDomainChrSourceDefPtr dev_sou= rce, bool chardevStdioLogd); =20 +int virSecurityManagerSetTPMLabels(virSecurityManagerPtr mgr, + virDomainDefPtr vm); + +int virSecurityManagerRestoreTPMLabels(virSecurityManagerPtr mgr, + virDomainDefPtr vm); + #endif /* VIR_SECURITY_MANAGER_H__ */ diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 92e84155d1..6377fb7947 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -3048,6 +3048,167 @@ virSecuritySELinuxDomainSetPathLabel(virSecurityMan= agerPtr mgr, return virSecuritySELinuxSetFilecon(mgr, path, seclabel->imagelabel); } =20 + +/* + * _virSecuritySELinuxSetFileLabels: + * + * @mgr: the virSecurityManager + * @path: path to a directory or a file + * @seclabel: the security label + * + * Set the file labels on the given path; if the path is a directory + * we label all files found there, including the directory itself, + * otherwise we just label the file. + */ +static int +_virSecuritySELinuxSetFileLabels(virSecurityManagerPtr mgr, + const char *path, + virSecurityLabelDefPtr seclabel) +{ + int ret =3D 0; + struct dirent *ent; + char *filename =3D NULL; + DIR *dir; + + if ((ret =3D virSecuritySELinuxSetFilecon(mgr, path, seclabel->imagela= bel))) + return ret; + + if (!virFileIsDir(path)) + return 0; + + if (virDirOpen(&dir, path) < 0) + return -1; + + while ((ret =3D virDirRead(dir, &ent, path)) > 0) { + if (ent->d_type !=3D DT_REG) + continue; + + if (virAsprintf(&filename, "%s/%s", path, ent->d_name) < 0) { + ret =3D -1; + break; + } + ret =3D virSecuritySELinuxSetFilecon(mgr, filename, + seclabel->imagelabel); + VIR_FREE(filename); + if (ret < 0) + break; + } + if (ret < 0) + virReportSystemError(errno, _("Unable to label files under %s"), + path); + + virDirClose(&dir); + + return ret; +} + + +/* + * _virSecuritySELinuxRestoreFileLabels: + * + * @mgr: the virSecurityManager + * @path: path to a directory or a file + * + * Restore the file labels on the given path; if the path is a directory + * we restore all file labels found there, including the label of the + * directory itself, otherwise we just restore the label on the file. + */ +static int +_virSecuritySELinuxRestoreFileLabels(virSecurityManagerPtr mgr, + const char *path) +{ + int ret =3D 0; + struct dirent *ent; + char *filename =3D NULL; + DIR *dir; + + if ((ret =3D virSecuritySELinuxRestoreFileLabel(mgr, path))) + return ret; + + if (!virFileIsDir(path)) + return 0; + + if (virDirOpen(&dir, path) < 0) + return -1; + + while ((ret =3D virDirRead(dir, &ent, path)) > 0) { + if (ent->d_type !=3D DT_REG) + continue; + + if (virAsprintf(&filename, "%s/%s", path, ent->d_name) < 0) { + ret =3D -1; + break; + } + ret =3D virSecuritySELinuxRestoreFileLabel(mgr, filename); + VIR_FREE(filename); + if (ret < 0) + break; + } + if (ret < 0) + virReportSystemError(errno, _("Unable to restore file labels under= %s"), + path); + + virDirClose(&dir); + + return ret; +} + + +static int +virSecuritySELinuxSetTPMLabels(virSecurityManagerPtr mgr, + virDomainDefPtr def) +{ + int ret =3D 0; + virSecurityLabelDefPtr seclabel; + + seclabel =3D virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAM= E); + if (seclabel =3D=3D NULL) + return 0; + + switch (def->tpm->type) { + case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: + break; + case VIR_DOMAIN_TPM_TYPE_EMULATOR: + ret =3D _virSecuritySELinuxSetFileLabels( + mgr, def->tpm->data.emulator.storagepath, + seclabel); + if (ret =3D=3D 0 && def->tpm->data.emulator.logfile) + ret =3D _virSecuritySELinuxSetFileLabels( + mgr, def->tpm->data.emulator.logfile, + seclabel); + break; + case VIR_DOMAIN_TPM_TYPE_LAST: + break; + } + + return ret; +} + + +static int +virSecuritySELinuxRestoreTPMLabels(virSecurityManagerPtr mgr, + virDomainDefPtr def) +{ + int ret =3D 0; + + switch (def->tpm->type) { + case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: + break; + case VIR_DOMAIN_TPM_TYPE_EMULATOR: + ret =3D _virSecuritySELinuxRestoreFileLabels( + mgr, def->tpm->data.emulator.storagepath); + if (ret =3D=3D 0 && def->tpm->data.emulator.logfile) + ret =3D _virSecuritySELinuxRestoreFileLabels( + mgr, def->tpm->data.emulator.logfile); + break; + case VIR_DOMAIN_TPM_TYPE_LAST: + break; + } + + return ret; +} + + virSecurityDriver virSecurityDriverSELinux =3D { .privateDataLen =3D sizeof(virSecuritySELinuxData), .name =3D SECURITY_SELINUX_NAME, @@ -3107,4 +3268,7 @@ virSecurityDriver virSecurityDriverSELinux =3D { =20 .domainSetSecurityChardevLabel =3D virSecuritySELinuxSetChardevLa= bel, .domainRestoreSecurityChardevLabel =3D virSecuritySELinuxRestoreChard= evLabel, + + .domainSetSecurityTPMLabels =3D virSecuritySELinuxSetTPMLabels, + .domainRestoreSecurityTPMLabels =3D virSecuritySELinuxRestoreTPMLa= bels, }; diff --git a/src/security/security_stack.c b/src/security/security_stack.c index 9615f9f972..e37a681293 100644 --- a/src/security/security_stack.c +++ b/src/security/security_stack.c @@ -760,6 +760,43 @@ virSecurityStackDomainRestoreChardevLabel(virSecurityM= anagerPtr mgr, return rc; } =20 + +static int +virSecurityStackSetTPMLabels(virSecurityManagerPtr mgr, + virDomainDefPtr vm) +{ + virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr); + virSecurityStackItemPtr item =3D priv->itemsHead; + int rc =3D 0; + + for (; item; item =3D item->next) { + if (virSecurityManagerSetTPMLabels(item->securityManager, + vm) < 0) + rc =3D -1; + } + + return rc; +} + + +static int +virSecurityStackRestoreTPMLabels(virSecurityManagerPtr mgr, + virDomainDefPtr vm) +{ + virSecurityStackDataPtr priv =3D virSecurityManagerGetPrivateData(mgr); + virSecurityStackItemPtr item =3D priv->itemsHead; + int rc =3D 0; + + for (; item; item =3D item->next) { + if (virSecurityManagerRestoreTPMLabels(item->securityManager, + vm) < 0) + rc =3D -1; + } + + return rc; +} + + virSecurityDriver virSecurityDriverStack =3D { .privateDataLen =3D sizeof(virSecurityStackData), .name =3D "stack", @@ -822,4 +859,7 @@ virSecurityDriver virSecurityDriverStack =3D { =20 .domainSetSecurityChardevLabel =3D virSecurityStackDomainSetChard= evLabel, .domainRestoreSecurityChardevLabel =3D virSecurityStackDomainRestoreC= hardevLabel, + + .domainSetSecurityTPMLabels =3D virSecurityStackSetTPMLabels, + .domainRestoreSecurityTPMLabels =3D virSecurityStackRestoreTPMLabe= ls, }; --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list