From daa6aa687aa91121bce4e10649b62e3039810400 Mon Sep 17 00:00:00 2001
From: Eric Blake
Date: Mon, 28 Mar 2011 15:50:22 -0600
Subject: [PATCH] qemu: fix regression with fd labeling on migration

My earlier testing for commit 34fa0de0 was done while starting just-built libvirt from an unconfined_t shell, where the fds happened to work when transferring to qemu. But when installed and run under virtd_t, failure to label the raw file (with no compression) or the pipe (with compression) triggers SELinux failures when passing fds over SCM_RIGHTS to svirt_t qemu.

* src/qemu/qemu_migration.c (qemuMigrationToFile): When passing FDs, make sure they are labeled.
---
 src/qemu/qemu_migration.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 98b9d01315..43741e1d14 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -1304,8 +1304,12 @@ qemuMigrationToFile(struct qemud_driver *driver, virDomainObjPtr vm,
 if (qemuCaps && qemuCapsGet(qemuCaps, QEMU_CAPS_MIGRATE_QEMU_FD) &&
 (!compressor || pipe(pipeFD) == 0)) {
 /* All right! We can use fd migration, which means that qemu
- * doesn't have to open() the file, so we don't have to futz
- * around with granting access or revoking it later. */
+ * doesn't have to open() the file, so while we still have to
+ * grant SELinux access, we can do it on fd and avoid cleanup
+ * later, as well as skip futzing with cgroup. */
+ if (virSecurityManagerSetFDLabel(driver->securityManager, vm,
+ compressor ? pipeFD[1] : fd) < 0)
+ goto cleanup;
 is_reg = true;
 bypassSecurityDriver = true;
 } else {
-- 
2.39.5
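Review bot: The new `goto cleanup` taken when `virSecurityManagerSetFDLabel()` fails runs after `pipe(pipeFD)` may already have succeeded in the enclosing condition, so on the compressed path both pipe ends are open when the function bails out. The `cleanup` label and the rest of qemuMigrationToFile lie outside this hunk; confirm that it closes `pipeFD[0]` and `pipeFD[1]` and that the return value still holds the failure value at this point. Separately, the rewritten comment says labeling through the fd avoids cleanup later, but in the uncompressed case `fd` is the raw file, so the label presumably stays on that file after the save completes. If that is intended, I would state it in the comment, e.g. `* Note: the label applied through the fd is not restored afterwards.`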