From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 1D7ADCAC5B9 for ; Fri, 26 Sep 2025 14:03:37 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1v291v-00063h-Mu; Fri, 26 Sep 2025 10:02:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1v291s-00062s-It for qemu-devel@nongnu.org; Fri, 26 Sep 2025 10:02:33 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1v291g-0004bS-Ap for qemu-devel@nongnu.org; Fri, 26 Sep 2025 10:02:32 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1758895334; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=bkjZlEac+MVkgqtYFNeV6qzfD3BV83YEmSYkc/NyeGo=; b=PiVvzF2fuFN6pOWQTjrY9uhy28F9SOBDk9i5hcZsnB+SgvjcNGQyPbh+iHAYMmfkElIKNs kBCru7SXyeRAxYO2XfAUphAkBAPNXV2rGK4KI0RYVv1BIooyi5mD9+lBip14bohu5i+Ijo O50PQ68jFj7mrcg1Vc85tlH9ZBwfG6c= Received: from mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-606-diTzCOEYMfW_HrjpD7H9dA-1; Fri, 26 Sep 2025 10:02:08 -0400 X-MC-Unique: diTzCOEYMfW_HrjpD7H9dA-1 X-Mimecast-MFC-AGG-ID: diTzCOEYMfW_HrjpD7H9dA_1758895327 Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 766861800451; Fri, 26 Sep 2025 14:02:07 +0000 (UTC) Received: from toolbx.redhat.com (unknown [10.42.28.175]) by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 7D8811956095; Fri, 26 Sep 2025 14:02:02 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: Thomas Huth , Stefan Hajnoczi , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Peter Maydell , Markus Armbruster , Paolo Bonzini , "Michael S. Tsirkin" , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Subject: [PATCH v2 04/32] system: check security for accelerator types Date: Fri, 26 Sep 2025 15:01:15 +0100 Message-ID: <20250926140144.1998694-5-berrange@redhat.com> In-Reply-To: <20250926140144.1998694-1-berrange@redhat.com> References: <20250926140144.1998694-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17 Received-SPF: pass client-ip=170.10.133.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -24 X-Spam_score: -2.5 X-Spam_bar: -- X-Spam_report: (-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.446, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, T_SPF_TEMPERROR=0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This wires up the accelerator creation code to apply the compat policy security check. When multiple -accel options are given, normal fallback logic applies. IOW, if one is rejected by the security check, it will carry on to try the next accelerator until one passes the security check. Signed-off-by: Daniel P. Berrangé --- system/vl.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/system/vl.c b/system/vl.c index 00f3694725..6f7fdb8663 100644 --- a/system/vl.c +++ b/system/vl.c @@ -2383,12 +2383,21 @@ static int do_configure_accelerator(void *opaque, QemuOpts *opts, Error **errp) AccelState *accel; int ret; bool qtest_with_kvm; + Error *local_err = NULL; if (!acc) { error_setg(errp, QERR_MISSING_PARAMETER, "accel"); goto bad; } + if (!compat_policy_check_security(&compat_policy, + object_class_get_name(OBJECT_CLASS(ac)), + object_class_is_secure(OBJECT_CLASS(ac)), + &local_err)) { + error_report_err(local_err); + goto bad; + } + qtest_with_kvm = g_str_equal(acc, "kvm") && qtest_chrdev != NULL; if (!ac) { -- 2.50.1