]> xenbits.xensource.com Git - libvirt.git/commitdiff
projects / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ea04d1a)
security: label the slic_table
authorJán Tomko <jtomko@redhat.com>
Fri, 13 May 2016 14:16:55 +0000 (16:16 +0200)
committerJán Tomko <jtomko@redhat.com>
Wed, 25 May 2016 15:15:21 +0000 (17:15 +0200)
Add support for the slic_table to the security drivers.

src/security/security_dac.c patch | blob | blame | history
src/security/security_selinux.c patch | blob | blame | history
src/security/virt-aa-helper.c patch | blob | blame | history

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index df3ed4793be8c30e7610733bc37e5a228d5b3ec4..442ce70d17bd783b0dcb3dcd6b779de55a47258e 100644 (file)
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -1218,6 +1218,11 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr,
                                    def->os.dtb, user, group) < 0)
         return -1;
 
+    if (def->os.slic_table &&
+        virSecurityDACSetOwnership(priv, NULL,
+                                   def->os.slic_table, user, group) < 0)
+        return -1;
+
     return 0;
 }
 
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index b33d54a81d58c7b1f9c74d0a66c6b0025f8633a2..aa61767e96c1f7ef8dbc930d6e4c1e551ef2ed44 100644 (file)
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2444,6 +2444,11 @@ virSecuritySELinuxSetAllLabel(virSecurityManagerPtr mgr,
                                      data->content_context) < 0)
         return -1;
 
+    if (def->os.slic_table &&
+        virSecuritySELinuxSetFilecon(mgr, def->os.slic_table,
+                                     data->content_context) < 0)
+        return -1;
+
     if (stdin_path &&
         virSecuritySELinuxSetFilecon(mgr, stdin_path,
                                      data->content_context) < 0)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 537e89d8c0c48c426fbdb538d92055d0f29c47f9..691bbdf63afee75018a4d6991d8dd7307318766e 100644 (file)
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -993,6 +993,10 @@ get_files(vahControl * ctl)
         if (vah_add_file(&buf, ctl->def->os.dtb, "r") != 0)
             goto cleanup;
 
+    if (ctl->def->os.slic_table)
+        if (vah_add_file(&buf, ctl->def->os.slic_table, "r") != 0)
+            goto cleanup;
+
     if (ctl->def->os.loader && ctl->def->os.loader->path)
         if (vah_add_file(&buf, ctl->def->os.loader->path, "r") != 0)
             goto cleanup;
Unnamed repository; edit this file 'description' to name the repository.