Daniel P. Berrange 0c0e0d0263 Refactor setup & cleanup of security labels in security driver
The current security driver architecture has the following
split of logic

 * domainGenSecurityLabel

    Allocate the unique label for the domain about to be started

 * domainGetSecurityLabel

    Retrieve the current live security label for a process

 * domainSetSecurityLabel

    Apply the previously allocated label to the current process
    Setup all disk image / device labelling

 * domainRestoreSecurityLabel

    Restore the original disk image / device labelling.
    Release the unique label for the domain

The 'domainSetSecurityLabel' method is special because it runs
in the context of the child process between the fork + exec.

This is required in order to set the process label. It is not
required in order to label disks/devices though. Having the
disk labelling code run in the child process limits what it
can do.

In particular libvirtd would like to remember the current
disk image label, and only change shared image labels for the
first VM to start. This requires use & update of global state
in the libvirtd daemon, and thus cannot run in the child
process context.

The solution is to split domainSetSecurityLabel into two parts,
one applies process label, and the other handles disk image
labelling. At the same time domainRestoreSecurityLabel is
similarly split, just so that it matches the style. Thus the
previous 4 methods are replaced by the following 6 new methods

 * domainGenSecurityLabel

    Allocate the unique label for the domain about to be started
    No actual change here.

 * domainReleaseSecurityLabel

    Release the unique label for the domain

 * domainGetSecurityProcessLabel

    Retrieve the current live security label for a process
    Merely renamed for clarity.

 * domainSetSecurityProcessLabel

    Apply the previously allocated label to the current process

 * domainRestoreSecurityAllLabel

    Restore the original disk image / device labelling.

 * domainSetSecurityAllLabel

    Setup all disk image / device labelling

The SELinux and AppArmor drivers are then updated to comply with
this new spec. Notice that the AppArmor driver was actually a
little different. It was creating its profile for the disk image
and device labels in the 'domainGenSecurityLabel' method, whereas
the SELinux driver did it in 'domainSetSecurityLabel'. With the
new method split, we can have consistency, with both drivers doing
that in the domainSetSecurityAllLabel method.

NB, the AppArmor changes here haven't been compiled so may not
build.
2010-01-21 14:00:16 +00:00
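
The commit message's point that disk labelling needing daemon-global state cannot run between fork and exec, shown as an added example that is not libvirt code. The helpers `set_all_label`, `set_process_label`, `start_vm` and the counters are hypothetical stand-ins; no real labelling is performed.

```c
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical daemon-global state for one shared disk image. */
static int shared_users;   /* running VMs using the image */
static int relabels;       /* times the image was actually relabelled */

/* Stand-in for domainSetSecurityAllLabel: relabel for the first user only. */
static void set_all_label(void)
{
    if (shared_users++ == 0)
        relabels++;        /* a real driver would relabel the file here */
}

static int set_process_label(void) { return 0; } /* stand-in; child only */

/* Start one VM; label_in_child selects the old (1) or new (0) layout. */
static int start_vm(int label_in_child)
{
    int status;
    if (!label_in_child)
        set_all_label();               /* new: runs in the daemon */
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (label_in_child)
            set_all_label();           /* old: changes the child's copy only */
        _exit(set_process_label());    /* exec of the hypervisor would follow */
    }
    return (waitpid(pid, &status, 0) == pid && WIFEXITED(status) && !WEXITSTATUS(status)) ? 0 : -1;
}

/* Start n VMs, then report the user count held by the daemon itself. */
int users_seen_by_daemon(int n, int label_in_child)
{
    shared_users = relabels = 0;
    for (int i = 0; i < n; i++)
        if (start_vm(label_in_child) < 0)
            return -1;
    return shared_users;
}

int main(void)
{
    printf("old=%d new=%d\n", users_seen_by_daemon(3, 1), users_seen_by_daemon(3, 0));
    return 0;
}
```

With labelling in the child, every update lands in a copy of the counters that disappears when the child exits, so the daemon can never tell which VM was first to use a shared image.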
.gnulib@146d914507 logging: confirm that we want to ignore a write error 2010-01-19 21:28:41 +01:00
build-aux Commit bootstrap .gitignore additions 2010-01-12 14:36:11 -05:00
daemon Make all bitfields unsigned ints to avoid unexpected values in casts 2010-01-20 16:33:02 +00:00
docs Implement support for multi IQN 2010-01-21 12:50:52 +01:00
examples gnulib added a new syntax-check test: use $(VAR), not @VAR@ 2010-01-18 09:50:08 +01:00
include Add new API virDomainMemoryStats to header and drivers 2009-12-20 13:28:42 +01:00
m4 remove all .cvsignore files 2009-07-08 16:17:51 +02:00
po Implement path lookup for USB by vendor:product 2010-01-13 15:24:41 -05:00
proxy gnulib added a new syntax-check test: use $(VAR), not @VAR@ 2010-01-18 09:50:08 +01:00
python gnulib added a new syntax-check test: use $(VAR), not @VAR@ 2010-01-18 09:50:08 +01:00
src Refactor setup & cleanup of security labels in security driver 2010-01-21 14:00:16 +00:00
tests Unset copied environment variables in qemuxml2argvtest 2010-01-20 23:22:15 +01:00
tools Document cpu-compare command in virsh man page 2010-01-20 16:23:05 +01:00
.gitignore Remove some auto-generated files 2009-10-09 13:01:22 +01:00
.gitmodules make .gnulib a submodule 2009-07-08 16:17:51 +02:00
.hgignore Add qemuhelptest to .*ignore files 2009-06-16 14:06:48 +00:00
.x-sc_avoid_ctype_macros exempt gnulib from ctype-macros prohibition 2008-10-28 17:36:31 +00:00
.x-sc_avoid_if_before_free avoid a "make syntax-check" failure 2009-07-09 20:00:37 +02:00
.x-sc_avoid_write Fully asynchronous monitor I/O processing 2009-11-10 13:27:18 +00:00
.x-sc_m4_quote_check syntax-check: enable more checks 2009-02-03 13:08:36 +00:00
.x-sc_prohibit_HAVE_MBRTOWC maint: sync from coreutils 2009-01-29 18:06:19 +00:00
.x-sc_prohibit_VIR_ERR_NO_MEMORY Various syntax-check fixes. 2009-10-26 10:34:05 +01:00
.x-sc_prohibit_asprintf add .x-sc_prohibit_asprintf 2008-12-23 13:40:42 +00:00
.x-sc_prohibit_gethostby Various syntax-check fixes. 2009-10-26 10:34:05 +01:00
.x-sc_prohibit_gethostname Add a new syntax-check rule for gethostname. 2009-10-26 10:34:27 +01:00
.x-sc_prohibit_have_config_h maint: sync from coreutils 2009-01-29 18:06:19 +00:00
.x-sc_prohibit_nonreentrant Tighten up nonreentrant syntax-check. 2009-10-26 10:33:42 +01:00
.x-sc_prohibit_strcmp exempt gnulib/ from "make syntax-check" strcmp prohibition 2008-05-14 21:18:27 +00:00
.x-sc_prohibit_strcmp_and_strncmp Ignore docs/ directory for strcmp() syntax check 2009-11-23 11:58:13 +00:00
.x-sc_prohibit_strncpy Various syntax-check fixes. 2009-10-26 10:34:05 +01:00
.x-sc_require_config_h Various syntax-check fixes. 2009-10-26 10:34:05 +01:00
.x-sc_require_config_h_first Misc syntax-check fixes 2009-09-21 14:41:47 +01:00
.x-sc_trailing_blank build: exempt *.ico files from the trailing blank check 2008-10-16 13:28:07 +00:00
AUTHORS Add Jiri Denemark <jdenemar@redhat.com> to commiters 2010-01-19 14:41:19 +01:00
COPYING.LIB remove all trailing blank lines 2009-07-16 15:06:42 +02:00
ChangeLog-old generate ChangeLog from git logs into distribution tarball 2009-07-08 16:17:51 +02:00
HACKING Replace old CVS references with GIT 2010-01-08 18:08:22 +01:00
Makefile.am add AppArmor test and examples to dist 2009-12-14 13:40:42 +01:00
Makefile.nonreentrant syntax-check: enable prohibit_nonreentrant 2009-02-05 16:28:41 +00:00
README Correct typos in the documentation (Atsushi SAKAI) 2008-01-24 10:15:13 +00:00
README-hacking build: automatically rerun ./bootstrap when needed 2009-07-10 13:39:28 +02:00
TODO Remove all trailing blanks; turn on the rule to detect them. 2008-02-05 19:27:37 +00:00
acinclude.m4 remove all trailing blank lines 2009-07-16 15:06:42 +02:00
autobuild.sh Enable ESX driver build on Mingw32 2009-07-31 16:15:51 +01:00
autogen.sh Add --system flag to autogen.sh to make it easy to build with right prefix 2009-12-07 14:13:53 +00:00
bootstrap logging: confirm that we want to ignore a write error 2010-01-19 21:28:41 +01:00
cfg.mk gnulib added a new syntax-check test: use $(VAR), not @VAR@ 2010-01-18 09:50:08 +01:00
configure.in Change detection of xen so that it's actually automatic rather than forced. 2010-01-18 02:12:48 +01:00
libvirt.pc.in * libvirt.pc.in: applied patch from Daniel Berrange to fix --cflags 2006-03-24 13:18:12 +00:00
libvirt.spec.in Release of libvirt-0.7.5 2009-12-23 17:00:22 +01:00
mingw32-libvirt.spec.in Make pki_check.sh into an installed & supported tool 2009-09-21 14:41:46 +01:00

README

         LibVirt : simple API for virtualization

  Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). It is free software
available under the GNU Lesser General Public License. Virtualization of
the Linux Operating System means the ability to run multiple instances of
Operating Systems concurrently on a single hardware system where the basic
resources are driven by a Linux instance. The library aims at providing a
long-term stable C API, initially for the Xen paravirtualization, but
should be able to integrate other virtualization mechanisms if needed.

Daniel Veillard <veillard@redhat.com>