From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
To: Vivek Goyal <vgoyal@redhat.com>
Cc: virtio-fs@redhat.com, mszeredi@redhat.com, qemu-devel@nongnu.org
Subject: Re: [PATCH v5 9/9] virtiofsd: Add an option to enable/disable security label
Date: Mon, 7 Feb 2022 12:40:21 +0000 [thread overview]
Message-ID: <YgETNXv8AnnuLQR/@work-vm> (raw)
In-Reply-To: <20220202193935.268777-10-vgoyal@redhat.com>
* Vivek Goyal (vgoyal@redhat.com) wrote:
> Provide an option "-o security_label/no_security_label" to enable/disable
> security label functionality. By default these are turned off.
>
> If enabled, server will indicate to client that it is capable of handling
> one security label during file creation. Typically this is expected to
> be a SELinux label. File server will set this label on the file. It will
> try to set it atomically wherever possible. But its not possible in
> all the cases.
>
> Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
> ---
> docs/tools/virtiofsd.rst | 7 +++++++
> tools/virtiofsd/helper.c | 1 +
> tools/virtiofsd/passthrough_ll.c | 15 +++++++++++++++
> 3 files changed, 23 insertions(+)
>
> diff --git a/docs/tools/virtiofsd.rst b/docs/tools/virtiofsd.rst
> index 07ac0be551..a2c005f4a0 100644
> --- a/docs/tools/virtiofsd.rst
> +++ b/docs/tools/virtiofsd.rst
> @@ -104,6 +104,13 @@ Options
> * posix_acl|no_posix_acl -
> Enable/disable posix acl support. Posix ACLs are disabled by default.
>
> + * security_label|no_security_label -
> + Enable/disable security label support. Security labels are disabled by
> + default. This will allow client to send a MAC label of file during
^ the ^ a
> + file creation. Typically this is expected to be SELinux security
^ an
> + label. Server will try to set that label on newly created file
^The server
> + atomically wherever possible.
> +
> .. option:: --socket-path=PATH
>
> Listen on vhost-user UNIX domain socket at PATH.
> diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
> index a8295d975a..e226fc590f 100644
> --- a/tools/virtiofsd/helper.c
> +++ b/tools/virtiofsd/helper.c
> @@ -187,6 +187,7 @@ void fuse_cmdline_help(void)
> " default: no_allow_direct_io\n"
> " -o announce_submounts Announce sub-mount points to the guest\n"
> " -o posix_acl/no_posix_acl Enable/Disable posix_acl. (default: disabled)\n"
> + " -o security_label/no_security_label Enable/Disable security label. (default: disabled)\n"
> );
> }
>
> diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
> index 43c9b6dbe5..fe8f3ccbb6 100644
> --- a/tools/virtiofsd/passthrough_ll.c
> +++ b/tools/virtiofsd/passthrough_ll.c
> @@ -181,6 +181,7 @@ struct lo_data {
> int user_posix_acl, posix_acl;
> /* Keeps track if /proc/<pid>/attr/fscreate should be used or not */
> bool use_fscreate;
> + int user_security_label;
> };
>
> static const struct fuse_opt lo_opts[] = {
> @@ -215,6 +216,8 @@ static const struct fuse_opt lo_opts[] = {
> { "no_killpriv_v2", offsetof(struct lo_data, user_killpriv_v2), 0 },
> { "posix_acl", offsetof(struct lo_data, user_posix_acl), 1 },
> { "no_posix_acl", offsetof(struct lo_data, user_posix_acl), 0 },
> + { "security_label", offsetof(struct lo_data, user_security_label), 1 },
> + { "no_security_label", offsetof(struct lo_data, user_security_label), 0 },
> FUSE_OPT_END
> };
> static bool use_syslog = false;
> @@ -771,6 +774,17 @@ static void lo_init(void *userdata, struct fuse_conn_info *conn)
> fuse_log(FUSE_LOG_DEBUG, "lo_init: disabling posix_acl\n");
> conn->want &= ~FUSE_CAP_POSIX_ACL;
> }
> +
> + if (lo->user_security_label == 1) {
> + if (!(conn->capable & FUSE_CAP_SECURITY_CTX)) {
> + fuse_log(FUSE_LOG_ERR, "lo_init: Can not enable security label."
> + " kernel does not support FUSE_SECURITY_CTX capability.\n");
> + }
Do you need to exit in this case - or at least clear the flag?
Dave
> + conn->want |= FUSE_CAP_SECURITY_CTX;
> + } else {
> + fuse_log(FUSE_LOG_DEBUG, "lo_init: disabling security label\n");
> + conn->want &= ~FUSE_CAP_SECURITY_CTX;
> + }
> }
>
> static void lo_getattr(fuse_req_t req, fuse_ino_t ino,
> @@ -4279,6 +4293,7 @@ int main(int argc, char *argv[])
> .proc_self_task = -1,
> .user_killpriv_v2 = -1,
> .user_posix_acl = -1,
> + .user_security_label = -1,
> };
> struct lo_map_elem *root_elem;
> struct lo_map_elem *reserve_elem;
> --
> 2.34.1
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
next prev parent reply other threads:[~2022-02-07 13:00 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-02 19:39 [PATCH v5 0/9] virtiofsd: Add support for file security context at file creation Vivek Goyal
2022-02-02 19:39 ` [PATCH v5 1/9] virtiofsd: Fix breakage due to fuse_init_in size change Vivek Goyal
2022-02-02 19:39 ` [PATCH v5 2/9] linux-headers: Update headers to v5.17-rc1 Vivek Goyal
2022-02-02 19:39 ` [PATCH v5 3/9] virtiofsd: Parse extended "struct fuse_init_in" Vivek Goyal
2022-02-03 18:56 ` Dr. David Alan Gilbert
2022-02-07 13:31 ` Vivek Goyal
2022-02-02 19:39 ` [PATCH v5 4/9] virtiofsd: Extend size of fuse_conn_info->capable and ->want fields Vivek Goyal
2022-02-02 19:39 ` [PATCH v5 5/9] virtiofsd, fuse_lowlevel.c: Add capability to parse security context Vivek Goyal
2022-02-03 19:41 ` Dr. David Alan Gilbert
2022-02-07 13:47 ` Vivek Goyal
2022-02-02 19:39 ` [PATCH v5 6/9] virtiofsd: Move core file creation code in separate function Vivek Goyal
2022-02-02 19:39 ` [PATCH v5 7/9] virtiofsd: Create new file with fscreate set Vivek Goyal
2022-02-07 11:38 ` Dr. David Alan Gilbert
2022-02-07 14:07 ` Vivek Goyal
2022-02-02 19:39 ` [PATCH v5 8/9] virtiofsd: Create new file using O_TMPFILE and set security context Vivek Goyal
2022-02-07 12:23 ` Dr. David Alan Gilbert
2022-02-02 19:39 ` [PATCH v5 9/9] virtiofsd: Add an option to enable/disable security label Vivek Goyal
2022-02-07 12:40 ` Dr. David Alan Gilbert [this message]
2022-02-07 14:13 ` Vivek Goyal
2022-02-07 12:49 ` [PATCH v5 0/9] virtiofsd: Add support for file security context at file creation Dr. David Alan Gilbert
2022-02-07 14:30 ` Vivek Goyal
2022-02-07 16:06 ` Dr. David Alan Gilbert
2022-02-07 13:05 ` Daniel P. Berrangé
2022-02-07 13:24 ` Vivek Goyal
2022-02-07 13:30 ` Daniel P. Berrangé
2022-02-07 14:50 ` Vivek Goyal
2022-02-07 21:19 ` Vivek Goyal
2022-02-07 21:34 ` Daniel Walsh
2022-02-08 8:59 ` Daniel P. Berrangé
2022-02-09 10:24 ` [Virtio-fs] " German Maglione
2022-02-09 15:08 ` Vivek Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YgETNXv8AnnuLQR/@work-vm \
--to=dgilbert@redhat.com \
--cc=mszeredi@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=vgoyal@redhat.com \
--cc=virtio-fs@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).