File CVE-2010-223x-0007.patch of Package libvirt
>From 38d7c5a26e4c12a784619f1ed4fc993d9af82032 Mon Sep 17 00:00:00 2001
From: Daniel P. Berrange <berrange@redhat.com>
Date: Tue, 15 Jun 2010 17:44:19 +0100
Subject: [PATCH 07/10] Security driver params
---
src/qemu/qemu_driver.c | 85 +++++++++++++++++++-----------
src/qemu/qemu_security_dac.c | 44 +++++++++++-----
src/qemu/qemu_security_stacked.c | 107 +++++++++++++++++++++++++-------------
src/security/security_apparmor.c | 57 +++++++++++++-------
src/security/security_driver.h | 40 ++++++++++----
src/security/security_selinux.c | 56 +++++++++++++------
6 files changed, 258 insertions(+), 131 deletions(-)
Index: libvirt-0.7.2/src/qemu/qemu_driver.c
===================================================================
--- libvirt-0.7.2.orig/src/qemu/qemu_driver.c
+++ libvirt-0.7.2/src/qemu/qemu_driver.c
@@ -312,7 +312,9 @@ qemuReconnectDomain(struct qemud_driver
if (obj->def->seclabel.type == VIR_DOMAIN_SECLABEL_DYNAMIC &&
driver->securityDriver &&
driver->securityDriver->domainReserveSecurityLabel &&
- driver->securityDriver->domainReserveSecurityLabel(NULL, obj) < 0)
+ driver->securityDriver->domainReserveSecurityLabel(NULL,
+ driver->securityDriver,
+ obj) < 0)
return -1;
if (obj->def->id >= driver->nextvmid)
@@ -1662,7 +1664,8 @@ static int qemudDomainSetSecurityLabel(v
{
if (vm->def->seclabel.label != NULL)
if (driver->securityDriver && driver->securityDriver->domainSetSecurityLabel)
- return driver->securityDriver->domainSetSecurityLabel(conn, driver->securityDriver,
+ return driver->securityDriver->domainSetSecurityLabel(conn,
+ driver->securityDriver,
vm);
return 0;
}
@@ -1975,7 +1978,9 @@ static int qemudStartVMDaemon(virConnect
if (vm->def->seclabel.type == VIR_DOMAIN_SECLABEL_DYNAMIC &&
driver->securityDriver &&
driver->securityDriver->domainGenSecurityLabel &&
- driver->securityDriver->domainGenSecurityLabel(conn, vm) < 0)
+ driver->securityDriver->domainGenSecurityLabel(conn,
+ driver->securityDriver,
+ vm) < 0)
return -1;
/* Ensure no historical cgroup for this VM is lieing around bogus settings */
@@ -2203,7 +2208,9 @@ static void qemudShutdownVMDaemon(virCon
/* Reset Security Labels */
if (driver->securityDriver)
- driver->securityDriver->domainRestoreSecurityLabel(conn, vm);
+ driver->securityDriver->domainRestoreSecurityLabel(conn,
+ driver->securityDriver,
+ vm);
/* Clear out dynamically assigned labels */
if (vm->def->seclabel.type == VIR_DOMAIN_SECLABEL_DYNAMIC) {
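Review bot: The `domainRestoreSecurityLabel` call in qemudShutdownVMDaemon is guarded only by `driver->securityDriver`, not by the callback pointer itself. The reserve and generate call sites in qemuReconnectDomain and qemudStartVMDaemon do test the slot before calling through it. If any security driver leaves this slot unset (not visible from here), the daemon would call through a NULL function pointer during shutdown. The hostdev and image-label calls in the attach/detach hunks further down have the same shape. Suggest `if (driver->securityDriver && driver->securityDriver->domainRestoreSecurityLabel)` here and the equivalent test at the other sites; the function body continues outside the hunk.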
@@ -4756,7 +4763,10 @@ static int qemudDomainAttachHostDevice(v
if (qemuDomainSetDeviceOwnership(conn, driver, dev, 0) < 0)
return -1;
if (driver->securityDriver &&
- driver->securityDriver->domainSetSecurityHostdevLabel(conn, vm, dev->data.hostdev) < 0)
+ driver->securityDriver->domainSetSecurityHostdevLabel(conn,
+ driver->securityDriver,
+ vm,
+ dev->data.hostdev) < 0)
return -1;
switch (hostdev->source.subsys.type) {
@@ -4830,7 +4840,10 @@ static int qemudDomainAttachDevice(virDo
case VIR_DOMAIN_DISK_DEVICE_CDROM:
case VIR_DOMAIN_DISK_DEVICE_FLOPPY:
if (driver->securityDriver)
- driver->securityDriver->domainSetSecurityImageLabel(dom->conn, vm, dev->data.disk);
+ driver->securityDriver->domainSetSecurityImageLabel(dom->conn,
+ driver->securityDriver,
+ vm,
+ dev->data.disk);
if (qemuDomainSetDeviceOwnership(dom->conn, driver, dev, 0) < 0)
goto cleanup;
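Review bot: The result of `domainSetSecurityImageLabel` is discarded in the CDROM/FLOPPY case, so a failed relabel does not stop the hot-plug, while the ownership change on the very next statement does `goto cleanup` on error. The DISK case in the following hunk is written the same way. Unless ignoring the failure is deliberate, the label call should fail the attach too: `if (driver->securityDriver && driver->securityDriver->domainSetSecurityImageLabel(dom->conn, driver->securityDriver, vm, dev->data.disk) < 0) goto cleanup;`. If best-effort is intended, a short comment saying so would keep the asymmetry with the ownership check from looking like an oversight.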
@@ -4840,7 +4853,10 @@ static int qemudDomainAttachDevice(virDo
case VIR_DOMAIN_DISK_DEVICE_DISK:
if (driver->securityDriver)
- driver->securityDriver->domainSetSecurityImageLabel(dom->conn, vm, dev->data.disk);
+ driver->securityDriver->domainSetSecurityImageLabel(dom->conn,
+ driver->securityDriver,
+ vm,
+ dev->data.disk);
if (qemuDomainSetDeviceOwnership(dom->conn, driver, dev, 0) < 0)
goto cleanup;
@@ -5121,7 +5137,10 @@ static int qemudDomainDetachHostDevice(v
}
if (driver->securityDriver &&
- driver->securityDriver->domainSetSecurityHostdevLabel(conn, vm, dev->data.hostdev) < 0)
+ driver->securityDriver->domainSetSecurityHostdevLabel(conn,
+ driver->securityDriver,
+ vm,
+ dev->data.hostdev) < 0)
VIR_WARN0("Failed to restore device labelling");
if (qemuDomainSetDeviceOwnership(conn, driver, dev, 1) < 0)
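Review bot: On this detach path the code calls `domainSetSecurityHostdevLabel`, yet the warning it emits on failure says "Failed to restore device labelling" and the ownership call right after passes the restore flag (`1`). It looks like the restore callback was meant, which would otherwise leave the host device carrying the guest's label after it is detached. With the new signature in security_driver.h that call would be `driver->securityDriver->domainRestoreSecurityHostdevLabel(conn, driver->securityDriver, dev->data.hostdev) < 0`. The surrounding function starts and ends outside the hunk, so confirm against the full body.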
@@ -5165,7 +5184,10 @@ static int qemudDomainDetachDevice(virDo
dev->data.disk->bus == VIR_DOMAIN_DISK_BUS_VIRTIO)) {
ret = qemudDomainDetachPciDiskDevice(dom->conn, vm, dev);
if (driver->securityDriver)
- driver->securityDriver->domainRestoreSecurityImageLabel(dom->conn, vm, dev->data.disk);
+ driver->securityDriver->domainRestoreSecurityImageLabel(dom->conn,
+ driver->securityDriver,
+ vm,
+ dev->data.disk);
if (qemuDomainSetDeviceOwnership(dom->conn, driver, dev, 1) < 0)
VIR_WARN0("Fail to restore disk device ownership");
} else if (dev->type == VIR_DOMAIN_DEVICE_NET) {
Index: libvirt-0.7.2/src/security/security_apparmor.c
===================================================================
--- libvirt-0.7.2.orig/src/security/security_apparmor.c
+++ libvirt-0.7.2/src/security/security_apparmor.c
@@ -148,7 +148,10 @@ profile_status_file(const char *str)
* load (add) a profile. Will create one if necessary
*/
static int
-load_profile(virConnectPtr conn, const char *profile, virDomainObjPtr vm,
+load_profile(virConnectPtr conn,
+ virSecurityDriverPtr drv,
+ const char *profile,
+ virDomainObjPtr vm,
virDomainDiskDefPtr disk)
{
int rc = -1, status, ret;
@@ -319,7 +322,9 @@ AppArmorSecurityDriverOpen(virConnectPtr
* called on shutdown.
*/
static int
-AppArmorGenSecurityLabel(virConnectPtr conn, virDomainObjPtr vm)
+AppArmorGenSecurityLabel(virConnectPtr conn,
+ virSecurityDriverPtr drv ATTRIBUTE_UNUSED,
+ virDomainObjPtr vm)
{
int rc = -1;
char *profile_name = NULL;
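Review bot: `drv` is declared `ATTRIBUTE_UNUSED` in AppArmorGenSecurityLabel, but the next hunk passes it to `load_profile(conn, drv, profile_name, vm, NULL)`, so the annotation is misleading. Drop it and declare the parameter as `virSecurityDriverPtr drv,` to match AppArmorRestoreSecurityImageLabel and AppArmorSetSecurityImageLabel. Separately, `load_profile` gains `drv` without the annotation and none of its visible lines use it; its body is outside the hunk, so check whether it needs `ATTRIBUTE_UNUSED` there instead.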
@@ -337,7 +342,7 @@ AppArmorGenSecurityLabel(virConnectPtr c
/* if the profile is not already loaded, then load one */
if (profile_loaded(profile_name) < 0) {
- if (load_profile(conn, profile_name, vm, NULL) < 0) {
+ if (load_profile(conn, drv, profile_name, vm, NULL) < 0) {
virSecurityReportError(conn, VIR_ERR_ERROR,
_("cannot generate AppArmor profile "
"\'%s\'"), profile_name);
@@ -476,6 +481,7 @@ AppArmorSetSecurityLabel(virConnectPtr c
/* Called when hotplugging */
static int
AppArmorRestoreSecurityImageLabel(virConnectPtr conn,
+ virSecurityDriverPtr drv,
virDomainObjPtr vm,
virDomainDiskDefPtr disk ATTRIBUTE_UNUSED)
{
@@ -489,7 +495,7 @@ AppArmorRestoreSecurityImageLabel(virCon
/* Update the profile only if it is loaded */
if (profile_loaded(secdef->imagelabel) >= 0) {
- if (load_profile(conn, secdef->imagelabel, vm, NULL) < 0) {
+ if (load_profile(conn, drv, secdef->imagelabel, vm, NULL) < 0) {
virSecurityReportError(conn, VIR_ERR_ERROR,
_("cannot update AppArmor profile "
"\'%s\'"),
@@ -508,7 +514,9 @@ AppArmorRestoreSecurityImageLabel(virCon
/* Called when hotplugging */
static int
AppArmorSetSecurityImageLabel(virConnectPtr conn,
- virDomainObjPtr vm, virDomainDiskDefPtr disk)
+ virSecurityDriverPtr drv,
+ virDomainObjPtr vm,
+ virDomainDiskDefPtr disk)
{
const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
int rc = -1;
@@ -530,7 +538,7 @@ AppArmorSetSecurityImageLabel(virConnect
/* update the profile only if it is loaded */
if (profile_loaded(secdef->imagelabel) >= 0) {
- if (load_profile(conn, secdef->imagelabel, vm, disk) < 0) {
+ if (load_profile(conn, drv, secdef->imagelabel, vm, disk) < 0) {
virSecurityReportError(conn, VIR_ERR_ERROR,
_("cannot update AppArmor profile "
"\'%s\'"),
@@ -565,7 +573,8 @@ AppArmorSecurityVerify(virConnectPtr con
static int
AppArmorReserveSecurityLabel(virConnectPtr conn ATTRIBUTE_UNUSED,
- virDomainObjPtr vm ATTRIBUTE_UNUSED)
+ virSecurityDriverPtr drv ATTRIBUTE_UNUSED,
+ virDomainObjPtr vm ATTRIBUTE_UNUSED)
{
/* NOOP. Nothing to reserve with AppArmor */
return 0;
@@ -573,6 +582,7 @@ AppArmorReserveSecurityLabel(virConnectP
static int
AppArmorSetSecurityHostdevLabel(virConnectPtr conn ATTRIBUTE_UNUSED,
+ virSecurityDriverPtr drv ATTRIBUTE_UNUSED,
virDomainObjPtr vm ATTRIBUTE_UNUSED,
virDomainHostdevDefPtr dev ATTRIBUTE_UNUSED)
@@ -583,6 +593,7 @@ AppArmorSetSecurityHostdevLabel(virConne
static int
AppArmorRestoreSecurityHostdevLabel(virConnectPtr conn ATTRIBUTE_UNUSED,
+ virSecurityDriverPtr drv ATTRIBUTE_UNUSED,
virDomainHostdevDefPtr dev ATTRIBUTE_UNUSED)
{
Index: libvirt-0.7.2/src/security/security_driver.h
===================================================================
--- libvirt-0.7.2.orig/src/security/security_driver.h
+++ libvirt-0.7.2/src/security/security_driver.h
@@ -32,24 +32,31 @@ typedef virSecurityDriverStatus (*virSec
typedef int (*virSecurityDriverOpen) (virConnectPtr conn,
virSecurityDriverPtr drv);
typedef int (*virSecurityDomainRestoreImageLabel) (virConnectPtr conn,
+ virSecurityDriverPtr drv,
virDomainObjPtr vm,
virDomainDiskDefPtr disk);
typedef int (*virSecurityDomainSetImageLabel) (virConnectPtr conn,
+ virSecurityDriverPtr drv,
virDomainObjPtr vm,
virDomainDiskDefPtr disk);
typedef int (*virSecurityDomainRestoreHostdevLabel) (virConnectPtr conn,
+ virSecurityDriverPtr drv,
virDomainHostdevDefPtr dev);
typedef int (*virSecurityDomainSetHostdevLabel) (virConnectPtr conn,
+ virSecurityDriverPtr drv,
virDomainObjPtr vm,
virDomainHostdevDefPtr dev);
typedef int (*virSecurityDomainGenLabel) (virConnectPtr conn,
+ virSecurityDriverPtr drv,
virDomainObjPtr sec);
typedef int (*virSecurityDomainReserveLabel) (virConnectPtr conn,
+ virSecurityDriverPtr drv,
virDomainObjPtr sec);
typedef int (*virSecurityDomainGetLabel) (virConnectPtr conn,
virDomainObjPtr vm,
virSecurityLabelPtr sec);
typedef int (*virSecurityDomainRestoreLabel) (virConnectPtr conn,
+ virSecurityDriverPtr drv,
virDomainObjPtr vm);
typedef int (*virSecurityDomainSetLabel) (virConnectPtr conn,
virSecurityDriverPtr drv,
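Review bot: The callback typedefs gain a `drv` argument with no comment saying what it refers to or whether it may be NULL, and the table is left non-uniform: `virSecurityDomainGetLabel` still takes no `drv`, and `virSecurityDomainRestoreHostdevLabel` takes `drv` but no `vm`. A short header comment above the block would help implementers, for example `/* drv is the driver whose callback is being invoked; callers pass the same pointer they dispatch through */`, if that is the intended contract. It would also be worth noting there whether the GetLabel omission is intentional. The last typedef in this hunk continues past its end.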
Index: libvirt-0.7.2/src/security/security_selinux.c
===================================================================
--- libvirt-0.7.2.orig/src/security/security_selinux.c
+++ libvirt-0.7.2/src/security/security_selinux.c
@@ -159,6 +159,7 @@ SELinuxInitialize(virConnectPtr conn)
static int
SELinuxGenSecurityLabel(virConnectPtr conn,
+ virSecurityDriverPtr drv ATTRIBUTE_UNUSED,
virDomainObjPtr vm)
{
int rc = -1;
@@ -221,6 +222,7 @@ done:
static int
SELinuxReserveSecurityLabel(virConnectPtr conn,
+ virSecurityDriverPtr drv ATTRIBUTE_UNUSED,
virDomainObjPtr vm)
{
security_context_t pctx;
@@ -378,6 +380,7 @@ err:
static int
SELinuxRestoreSecurityImageLabel(virConnectPtr conn,
+ virSecurityDriverPtr drv ATTRIBUTE_UNUSED,
virDomainObjPtr vm ATTRIBUTE_UNUSED,
virDomainDiskDefPtr disk)
{
@@ -423,6 +426,7 @@ SELinuxSetSecurityFileLabel(virDomainDis
static int
SELinuxSetSecurityImageLabel(virConnectPtr conn,
+ virSecurityDriverPtr drv ATTRIBUTE_UNUSED,
virDomainObjPtr vm,
virDomainDiskDefPtr disk)
@@ -462,6 +466,7 @@ SELinuxSetSecurityUSBLabel(virConnectPtr
static int
SELinuxSetSecurityHostdevLabel(virConnectPtr conn,
+ virSecurityDriverPtr drv ATTRIBUTE_UNUSED,
virDomainObjPtr vm,
virDomainHostdevDefPtr dev)
@@ -535,6 +540,7 @@ SELinuxRestoreSecurityUSBLabel(virConnec
static int
SELinuxRestoreSecurityHostdevLabel(virConnectPtr conn,
+ virSecurityDriverPtr drv ATTRIBUTE_UNUSED,
virDomainHostdevDefPtr dev)
{
@@ -585,6 +591,7 @@ done:
static int
SELinuxRestoreSecurityLabel(virConnectPtr conn,
+ virSecurityDriverPtr drv,
virDomainObjPtr vm)
{
const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
@@ -595,11 +602,11 @@ SELinuxRestoreSecurityLabel(virConnectPt
if (secdef->imagelabel) {
for (i = 0 ; i < vm->def->nhostdevs ; i++) {
- if (SELinuxRestoreSecurityHostdevLabel(conn, vm->def->hostdevs[i]) < 0)
+ if (SELinuxRestoreSecurityHostdevLabel(conn, drv, vm->def->hostdevs[i]) < 0)
rc = -1;
}
for (i = 0 ; i < vm->def->ndisks ; i++) {
- if (SELinuxRestoreSecurityImageLabel(conn, vm,
+ if (SELinuxRestoreSecurityImageLabel(conn, drv, vm,
vm->def->disks[i]) < 0)
rc = -1;
}
@@ -658,11 +665,11 @@ SELinuxSetSecurityLabel(virConnectPtr co
if (secdef->imagelabel) {
for (i = 0 ; i < vm->def->ndisks ; i++) {
- if (SELinuxSetSecurityImageLabel(conn, vm, vm->def->disks[i]) < 0)
+ if (SELinuxSetSecurityImageLabel(conn, drv, vm, vm->def->disks[i]) < 0)
return -1;
}
for (i = 0 ; i < vm->def->nhostdevs ; i++) {
- if (SELinuxSetSecurityHostdevLabel(conn, vm, vm->def->hostdevs[i]) < 0)
+ if (SELinuxSetSecurityHostdevLabel(conn, drv, vm, vm->def->hostdevs[i]) < 0)
return -1;
}
}