From nobody Tue May 13 13:31:24 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1536572238683475.1669746859794; Mon, 10 Sep 2018 02:37:18 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1BE0F88312; Mon, 10 Sep 2018 09:37:17 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D2B855DA62; Mon, 10 Sep 2018 09:37:16 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 85DA64A46C; Mon, 10 Sep 2018 09:37:16 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w8A9asj8030723 for ; Mon, 10 Sep 2018 05:36:54 -0400 Received: by smtp.corp.redhat.com (Postfix) id ADD9C10EE839; Mon, 10 Sep 2018 09:36:54 +0000 (UTC) Received: from moe.brq.redhat.com (unknown [10.43.2.192]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4D85C10EE836 for ; Mon, 10 Sep 2018 09:36:54 +0000 (UTC) From: Michal Privoznik To: libvir-list@redhat.com Date: Mon, 10 Sep 2018 11:36:05 +0200 Message-Id: <31ce469d402b06d28e0ceda66dce91c74a51ba71.1536571504.git.mprivozn@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v4 04/23] virSecurityManagerTransactionCommit: Accept pid == -1 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Mon, 10 Sep 2018 09:37:17 +0000 (UTC) X-ZohoMail: RDMRC_0 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" It will be desirable to run transactions more often than we currently do. Even if the domain we're relabeling the paths for does not run in a namespace. If that's the case, there is no need to fork() as we are already running in the right namespace. To differentiate whether transaction code should fork() or not the @pid argument now accepts -1 (which means do not fork). Signed-off-by: Michal Privoznik Reviewed-by: John Ferlan --- src/security/security_dac.c | 22 ++++++++++++++-------- src/security/security_manager.c | 14 +++++++++----- src/security/security_selinux.c | 23 +++++++++++++++-------- 3 files changed, 38 insertions(+), 21 deletions(-) diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 2a5f8639fe..926c9a33c1 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -485,11 +485,14 @@ virSecurityDACTransactionStart(virSecurityManagerPtr = mgr) * @mgr: security manager * @pid: domain's PID * - * Enters the @pid namespace (usually @pid refers to a domain) and - * performs all the chown()-s on the list. Note that the transaction is - * also freed, therefore new one has to be started after successful - * return from this function. Also it is considered as error if there's - * no transaction set and this function is called. + * If @pid is not -1 then enter the @pid namespace (usually @pid refers + * to a domain) and perform all the chown()-s on the list. If @pid is -1 + * then the transaction is performed in the namespace of the caller. + * + * Note that the transaction is also freed, therefore new one has to be + * started after successful return from this function. Also it is + * considered as error if there's no transaction set and this function + * is called. * * Returns: 0 on success, * -1 otherwise. @@ -514,9 +517,12 @@ virSecurityDACTransactionCommit(virSecurityManagerPtr = mgr ATTRIBUTE_UNUSED, goto cleanup; } =20 - if (virProcessRunInMountNamespace(pid, - virSecurityDACTransactionRun, - list) < 0) + if ((pid =3D=3D -1 && + virSecurityDACTransactionRun(pid, list) < 0) || + (pid !=3D -1 && + virProcessRunInMountNamespace(pid, + virSecurityDACTransactionRun, + list) < 0)) goto cleanup; =20 ret =3D 0; diff --git a/src/security/security_manager.c b/src/security/security_manage= r.c index 21eb6f7452..9f770d8c53 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -267,11 +267,15 @@ virSecurityManagerTransactionStart(virSecurityManager= Ptr mgr) * @mgr: security manager * @pid: domain's PID * - * Enters the @pid namespace (usually @pid refers to a domain) and - * performs all the operations on the transaction list. Note that the - * transaction is also freed, therefore new one has to be started after - * successful return from this function. Also it is considered as error - * if there's no transaction set and this function is called. + * If @pid is not -1 then enter the @pid namespace (usually @pid refers + * to a domain) and perform all the operations on the transaction list. + * If @pid is -1 then the transaction is performed in the namespace of + * the caller. + * + * Note that the transaction is also freed, therefore new one has to be + * started after successful return from this function. Also it is + * considered as error if there's no transaction set and this function + * is called. * * Returns: 0 on success, * -1 otherwise. diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 96944d0202..288f3628f7 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1040,11 +1040,15 @@ virSecuritySELinuxTransactionStart(virSecurityManag= erPtr mgr) * @mgr: security manager * @pid: domain's PID * - * Enters the @pid namespace (usually @pid refers to a domain) and - * performs all the sefilecon()-s on the list. Note that the - * transaction is also freed, therefore new one has to be started after - * successful return from this function. Also it is considered as error - * if there's no transaction set and this function is called. + * If @pis is not -1 then enter the @pid namespace (usually @pid refers + * to a domain) and perform all the sefilecon()-s on the list. If @pid + * is -1 then the transaction is performed in the namespace of the + * caller. + * + * Note that the transaction is also freed, therefore new one has to be + * started after successful return from this function. Also it is + * considered as error if there's no transaction set and this function + * is called. * * Returns: 0 on success, * -1 otherwise. @@ -1066,9 +1070,12 @@ virSecuritySELinuxTransactionCommit(virSecurityManag= erPtr mgr ATTRIBUTE_UNUSED, goto cleanup; } =20 - if (virProcessRunInMountNamespace(pid, - virSecuritySELinuxTransactionRun, - list) < 0) + if ((pid =3D=3D -1 && + virSecuritySELinuxTransactionRun(pid, list) < 0) || + (pid !=3D -1 && + virProcessRunInMountNamespace(pid, + virSecuritySELinuxTransactionRun, + list) < 0)) goto cleanup; =20 ret =3D 0; --=20 2.16.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list