From nobody Wed Jul 16 13:27:24 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1490196491751464.43831554190194; Wed, 22 Mar 2017 08:28:11 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 30E27C05AA6F; Wed, 22 Mar 2017 15:28:10 +0000 (UTC) Received: from colo-mx.corp.redhat.com (unknown [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0AA7A7EFCF; Wed, 22 Mar 2017 15:28:10 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id B6E375EC64; Wed, 22 Mar 2017 15:28:09 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v2MFS9CH002651 for ; Wed, 22 Mar 2017 11:28:09 -0400 Received: by smtp.corp.redhat.com (Postfix) id 502A519808; Wed, 22 Mar 2017 15:28:09 +0000 (UTC) Received: from beluga.usersys.redhat.com (dhcp129-94.brq.redhat.com [10.34.129.94]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3F45E18EE1; Wed, 22 Mar 2017 15:28:03 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 30E27C05AA6F Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 30E27C05AA6F From: Erik Skultety To: libvir-list@redhat.com Date: Wed, 22 Mar 2017 16:27:34 +0100 Message-Id: <2663c5b92c8e4a913ea8eea3c69d0ca1eaa0bfdf.1490196018.git.eskultet@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Cc: Erik Skultety Subject: [libvirt] [PATCH v4 06/14] security: Enable labeling of vfio mediated devices X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Wed, 22 Mar 2017 15:28:10 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Label the VFIO IOMMU devices under /dev/vfio/ referenced by the symlinks in the sysfs (e.g. /sys/class/mdev_bus//iommu_group) which what qemu actually gets formatted on the command line. This patch updates all of our security drivers. Signed-off-by: Erik Skultety --- src/security/security_apparmor.c | 21 +++++++++++++++++- src/security/security_dac.c | 45 ++++++++++++++++++++++++++++++++++++= -- src/security/security_selinux.c | 47 ++++++++++++++++++++++++++++++++++++= ++-- 3 files changed, 108 insertions(+), 5 deletions(-) diff --git a/src/security/security_apparmor.c b/src/security/security_appar= mor.c index f5b72e1c2d..fc55815261 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -51,6 +51,7 @@ #include "virlog.h" #include "virstring.h" #include "virscsi.h" +#include "virmdev.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -813,6 +814,7 @@ AppArmorSetSecurityHostdevLabel(virSecurityManagerPtr m= gr, virDomainHostdevSubsysPCIPtr pcisrc =3D &dev->source.subsys.u.pci; virDomainHostdevSubsysSCSIPtr scsisrc =3D &dev->source.subsys.u.scsi; virDomainHostdevSubsysSCSIVHostPtr hostsrc =3D &dev->source.subsys.u.s= csi_host; + virDomainHostdevSubsysMediatedDevPtr mdevsrc =3D &dev->source.subsys.u= .mdev; =20 if (!secdef || !secdef->relabel) return 0; @@ -901,8 +903,25 @@ AppArmorSetSecurityHostdevLabel(virSecurityManagerPtr = mgr, break; } =20 - case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV: + case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV: { + char *vfiodev =3D NULL; + virMediatedDevicePtr mdev =3D virMediatedDeviceNew(mdevsrc->uuidst= r, + mdevsrc->model); + + if (!mdev) + goto done; + + if (!(vfiodev =3D virMediatedDeviceGetIOMMUGroupDev(mdev))) { + virMediatedDeviceFree(mdev); + goto done; + } + + ret =3D AppArmorSetSecurityHostdevLabelHelper(vfiodev, ptr); + + VIR_FREE(vfiodev); + virMediatedDeviceFree(mdev); break; + } =20 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST: ret =3D 0; diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 4e968f29c0..922e484942 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -33,6 +33,7 @@ #include "virfile.h" #include "viralloc.h" #include "virlog.h" +#include "virmdev.h" #include "virpci.h" #include "virusb.h" #include "virscsi.h" @@ -867,6 +868,7 @@ virSecurityDACSetHostdevLabel(virSecurityManagerPtr mgr, virDomainHostdevSubsysPCIPtr pcisrc =3D &dev->source.subsys.u.pci; virDomainHostdevSubsysSCSIPtr scsisrc =3D &dev->source.subsys.u.scsi; virDomainHostdevSubsysSCSIVHostPtr hostsrc =3D &dev->source.subsys.u.s= csi_host; + virDomainHostdevSubsysMediatedDevPtr mdevsrc =3D &dev->source.subsys.u= .mdev; int ret =3D -1; =20 if (!priv->dynamicOwnership) @@ -964,7 +966,26 @@ virSecurityDACSetHostdevLabel(virSecurityManagerPtr mg= r, break; } =20 - case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV: + case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV: { + char *vfiodev =3D NULL; + virMediatedDevicePtr mdev =3D virMediatedDeviceNew(mdevsrc->uuidst= r, + mdevsrc->model); + + if (!mdev) + goto done; + + if (!(vfiodev =3D virMediatedDeviceGetIOMMUGroupDev(mdev))) { + virMediatedDeviceFree(mdev); + goto done; + } + + ret =3D virSecurityDACSetHostdevLabelHelper(vfiodev, &cbdata); + + VIR_FREE(vfiodev); + virMediatedDeviceFree(mdev); + break; + } + case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST: ret =3D 0; break; @@ -1032,6 +1053,7 @@ virSecurityDACRestoreHostdevLabel(virSecurityManagerP= tr mgr, virDomainHostdevSubsysPCIPtr pcisrc =3D &dev->source.subsys.u.pci; virDomainHostdevSubsysSCSIPtr scsisrc =3D &dev->source.subsys.u.scsi; virDomainHostdevSubsysSCSIVHostPtr hostsrc =3D &dev->source.subsys.u.s= csi_host; + virDomainHostdevSubsysMediatedDevPtr mdevsrc =3D &dev->source.subsys.u= .mdev; int ret =3D -1; =20 secdef =3D virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME); @@ -1120,7 +1142,26 @@ virSecurityDACRestoreHostdevLabel(virSecurityManager= Ptr mgr, break; } =20 - case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV: + case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV: { + char *vfiodev =3D NULL; + virMediatedDevicePtr mdev =3D virMediatedDeviceNew(mdevsrc->uuidst= r, + mdevsrc->model); + + if (!mdev) + goto done; + + if (!(vfiodev =3D virMediatedDeviceGetIOMMUGroupDev(mdev))) { + virMediatedDeviceFree(mdev); + goto done; + } + + ret =3D virSecurityDACRestoreFileLabel(virSecurityManagerGetPrivat= eData(mgr), + vfiodev); + VIR_FREE(vfiodev); + virMediatedDeviceFree(mdev); + break; + } + case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST: ret =3D 0; break; diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 7b3276dc34..df7c96833e 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -36,6 +36,7 @@ #include "virerror.h" #include "viralloc.h" #include "virlog.h" +#include "virmdev.h" #include "virpci.h" #include "virusb.h" #include "virscsi.h" @@ -1741,6 +1742,7 @@ virSecuritySELinuxSetHostLabel(virSCSIVHostDevicePtr = dev ATTRIBUTE_UNUSED, return virSecuritySELinuxSetHostdevLabelHelper(file, opaque); } =20 + static int virSecuritySELinuxSetHostdevSubsysLabel(virSecurityManagerPtr mgr, virDomainDefPtr def, @@ -1752,6 +1754,7 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurityMa= nagerPtr mgr, virDomainHostdevSubsysPCIPtr pcisrc =3D &dev->source.subsys.u.pci; virDomainHostdevSubsysSCSIPtr scsisrc =3D &dev->source.subsys.u.scsi; virDomainHostdevSubsysSCSIVHostPtr hostsrc =3D &dev->source.subsys.u.s= csi_host; + virDomainHostdevSubsysMediatedDevPtr mdevsrc =3D &dev->source.subsys.u= .mdev; virSecuritySELinuxCallbackData data =3D {.mgr =3D mgr, .def =3D def}; =20 int ret =3D -1; @@ -1838,7 +1841,26 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurityM= anagerPtr mgr, break; } =20 - case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV: + case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV: { + char *vfiodev =3D NULL; + virMediatedDevicePtr mdev =3D virMediatedDeviceNew(mdevsrc->uuidst= r, + mdevsrc->model); + + if (!mdev) + goto done; + + if (!(vfiodev =3D virMediatedDeviceGetIOMMUGroupDev(mdev))) { + virMediatedDeviceFree(mdev); + goto done; + } + + ret =3D virSecuritySELinuxSetHostdevLabelHelper(vfiodev, &data); + + VIR_FREE(vfiodev); + virMediatedDeviceFree(mdev); + break; + } + case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST: ret =3D 0; break; @@ -1973,6 +1995,7 @@ virSecuritySELinuxRestoreHostLabel(virSCSIVHostDevice= Ptr dev ATTRIBUTE_UNUSED, return virSecuritySELinuxRestoreFileLabel(mgr, file); } =20 + static int virSecuritySELinuxRestoreHostdevSubsysLabel(virSecurityManagerPtr mgr, virDomainHostdevDefPtr dev, @@ -1983,6 +2006,7 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecuri= tyManagerPtr mgr, virDomainHostdevSubsysPCIPtr pcisrc =3D &dev->source.subsys.u.pci; virDomainHostdevSubsysSCSIPtr scsisrc =3D &dev->source.subsys.u.scsi; virDomainHostdevSubsysSCSIVHostPtr hostsrc =3D &dev->source.subsys.u.s= csi_host; + virDomainHostdevSubsysMediatedDevPtr mdevsrc =3D &dev->source.subsys.u= .mdev; int ret =3D -1; =20 /* Like virSecuritySELinuxRestoreImageLabelInt() for a networked @@ -2066,7 +2090,26 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecur= ityManagerPtr mgr, break; } =20 - case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV: + case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV: { + char *vfiodev =3D NULL; + virMediatedDevicePtr mdev =3D virMediatedDeviceNew(mdevsrc->uuidst= r, + mdevsrc->model); + + if (!mdev) + goto done; + + if (!(vfiodev =3D virMediatedDeviceGetIOMMUGroupDev(mdev))) { + virMediatedDeviceFree(mdev); + goto done; + } + + ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfiodev); + + VIR_FREE(vfiodev); + virMediatedDeviceFree(mdev); + break; + } + case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST: ret =3D 0; break; --=20 2.12.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list