1. Patchew
  2. Libvirt
  3. [libvirt] [PATCH 0/2] Resolve linking issue of storage driver to apparmor helper
  4. View patch

[libvirt] [PATCH 2/2] security: apparmor: load the storage driver dynamically

Peter Krempa posted 2 patches 7 years, 9 months ago
[libvirt] [PATCH 2/2] security: apparmor: load the storage driver dynamically
Posted by Peter Krempa 7 years, 9 months ago 
In commit 5e515b542d I've attempted to fix the inability to access
storage from the apparmor helper program by linking with the storage
driver. By linking with the .so the linker complains that it's not
portable. Fix this by loading the module dynamically as we are supposed
to do.
---

Notes:
    This patch is possible even with the previous patch, but it would be slightly
    more complex, since it would need the logic to determine whether to load the
    module or just initialize it.

 src/Makefile.am               |  2 +-
 src/security/virt-aa-helper.c | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/Makefile.am b/src/Makefile.am
index 471be40d1..b8e875482 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -3124,7 +3124,7 @@ virt_aa_helper_LDADD =						\
 		libvirt.la					\
 		libvirt_conf.la					\
 		libvirt_util.la					\
-		libvirt_driver_storage.la			\
+		libvirt_driver_storage_impl.la			\
 		../gnulib/lib/libgnu.la
 if WITH_DTRACE_PROBES
 virt_aa_helper_LDADD += libvirt_probes.lo
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index a751d6deb..35dcb35bc 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -41,6 +41,7 @@
 #include "viralloc.h"
 #include "vircommand.h"
 #include "virlog.h"
+#include "driver.h"

 #include "security_driver.h"
 #include "security_apparmor.h"
@@ -56,7 +57,6 @@
 #include "virgettext.h"

 #include "storage/storage_source.h"
-#include "storage/storage_backend.h"

 #define VIR_FROM_THIS VIR_FROM_SECURITY

@@ -927,10 +927,10 @@ get_files(vahControl * ctl)
         goto cleanup;
     }

-    if (virStorageBackendDriversRegister(false) < 0) {
-        vah_error(ctl, 0, _("failed to register storage driver backend"));
-        goto cleanup;
-    }
+    /* load the storage driver so that backing store can be accessed */
+#ifdef WITH_STORAGE
+    virDriverLoadModule("storage", "storageRegister");
+#endif

     for (i = 0; i < ctl->def->ndisks; i++) {
         virDomainDiskDefPtr disk = ctl->def->disks[i];
-- 
2.13.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 2/2] security: apparmor: load the storage driver dynamically
Posted by Daniel P. Berrange 7 years, 9 months ago 
On Wed, Jul 26, 2017 at 10:12:14PM +0200, Peter Krempa wrote:
> In commit 5e515b542d I've attempted to fix the inability to access
> storage from the apparmor helper program by linking with the storage
> driver. By linking with the .so the linker complains that it's not
> portable. Fix this by loading the module dynamically as we are supposed
> to do.
> ---
> 
> Notes:
>     This patch is possible even with the previous patch, but it would be slightly
>     more complex, since it would need the logic to determine whether to load the
>     module or just initialize it.
> 
>  src/Makefile.am               |  2 +-
>  src/security/virt-aa-helper.c | 10 +++++-----
>  2 files changed, 6 insertions(+), 6 deletions(-)

Reviewed-by: Daniel P. Berrange <berrange@redhat.com>



Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Patchew 2.1-devel-8c64711

© 2016 - 2025 Red Hat, Inc.