From patchwork Fri Aug 23 16:21:54 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Cole Robinson X-Patchwork-Id: 172118 Delivered-To: patch@linaro.org Received: by 2002:a92:d204:0:0:0:0:0 with SMTP id y4csp886118ily; Fri, 23 Aug 2019 09:22:33 -0700 (PDT) X-Google-Smtp-Source: APXvYqzxaOFNrHhKm4Rl/nO2w5sgIZMg709EA55vnzBA+WbSuYencFi5G2hSkqh52J+P2H6znxxL X-Received: by 2002:a05:6214:11b3:: with SMTP id u19mr4691010qvv.46.1566577353639; Fri, 23 Aug 2019 09:22:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1566577353; cv=none; d=google.com; s=arc-20160816; b=NWQ+C5w8kMj1XRcaeAN7u04uY7iqqTusyj2E42pRrdtDI/ap0KROswbnoSRxUxWi0c OAf2om5Pn7xIIe9fXkQDc9ttB0ZUq31fzAsYFSnYFMLhEBVd/bSW/dV3IvrnEiejjYdC HVecxeESp76DvrxlTdMjHV1MetNpuneYG/qiJRQt5magu6/UvqSkwdXOLeK+tpiOEskT KgdT4QjSxeT67Ei86A6CZrJ9PgYSO7Zv7xJGxXZuzZ96WTztjN7zfHlOJevev4wPVtAZ ph2BDBDqm4rLg0TG+9SN/q99T8hUisyQV9If1TpT7jbtTDzFKkj/U8xmuQjYxj73Q0n/ /TdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:sender:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :cc:mime-version:references:in-reply-to:message-id:date:to:from :delivered-to; bh=hzpVpgOP76dE6UcEe4UsIQepP48OHBmVWtJrHIc1M18=; b=P8+Iyn3KEW7LXrcLM865+nYcsUIy1FYaYMka4NZeJxYMuKtCmIv6fCcUdsSaJIdMy1 HQWg6UWFLS/HKTbUMkA+cYCy3HGlC3lG+w8xFSYFXQVJ+kTU2lQRKo7KCtVn0w2mQ13K 1Ziiev0uI42dfeAxeyAz4w2BJUbsymIpNv+FYxLzUYmpBg8xSUumKCEIJWDRBKVZYDQp JrxpLS7r/pREDl0W8XvweR9NTb7/JeojiMcQSA+VEBC59QwMwcmssUOZ0gRSqaW5Qb9W B944hYEU21Lf48FFIKPN0Z3tMBSGfYsOvr/mYTERFsPBr7NUaJGD44P5xvQzQNEh32fE YC9g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of libvir-list-bounces@redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com. [209.132.183.28]) by mx.google.com with ESMTPS id h1si2107086qkg.311.2019.08.23.09.22.33 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Aug 2019 09:22:33 -0700 (PDT) Received-SPF: pass (google.com: domain of libvir-list-bounces@redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; Authentication-Results: mx.google.com; spf=pass (google.com: domain of libvir-list-bounces@redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 324D0335C1; Fri, 23 Aug 2019 16:22:32 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0BEBA1001B35; Fri, 23 Aug 2019 16:22:32 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id C974124F37; Fri, 23 Aug 2019 16:22:31 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7NGMA8q006048 for ; Fri, 23 Aug 2019 12:22:10 -0400 Received: by smtp.corp.redhat.com (Postfix) id 339BE60605; Fri, 23 Aug 2019 16:22:10 +0000 (UTC) Delivered-To: libvirt-list@redhat.com Received: from worklaptop.redhat.com (ovpn-122-169.rdu2.redhat.com [10.10.122.169]) by smtp.corp.redhat.com (Postfix) with ESMTP id B5DAE60872; Fri, 23 Aug 2019 16:22:09 +0000 (UTC) From: Cole Robinson To: libvirt-list@redhat.com Date: Fri, 23 Aug 2019 12:21:54 -0400 Message-Id: <0d43c27193a39be9ef207e8b7f476d30e883e53c.1566576129.git.crobinso@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com Cc: =?utf-8?q?Marc-Andr=C3=A9_Lureau?= Subject: [libvirt] [PATCH v2 10/16] qemu: add qemuSecurityStartVhostUserGPU helper X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Fri, 23 Aug 2019 16:22:32 +0000 (UTC) From: Marc-André Lureau See function documentation. Used in a following patch. Signed-off-by: Marc-André Lureau Signed-off-by: Cole Robinson --- src/qemu/qemu_security.c | 47 ++++++++++++++++++++++++++++++++++++++++ src/qemu/qemu_security.h | 6 +++++ 2 files changed, 53 insertions(+) diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c index 3cd6d9bd3d..86b06594f6 100644 --- a/src/qemu/qemu_security.c +++ b/src/qemu/qemu_security.c @@ -433,6 +433,53 @@ qemuSecurityRestoreChardevLabel(virQEMUDriverPtr driver, } +/* + * qemuSecurityStartVhostUserGPU: + * + * @driver: the QEMU driver + * @vm: the domain object + * @cmd: the command to run + * @existstatus: pointer to int returning exit status of process + * @cmdret: pointer to int returning result of virCommandRun + * + * Start the vhost-user-gpu process with approriate labels. + * This function returns -1 on security setup error, 0 if all the + * setup was done properly. In case the virCommand failed to run + * 0 is returned but cmdret is set appropriately with the process + * exitstatus also set. + */ +int +qemuSecurityStartVhostUserGPU(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virCommandPtr cmd, + int *exitstatus, + int *cmdret) +{ + int ret = -1; + + if (virSecurityManagerSetChildProcessLabel(driver->securityManager, + vm->def, cmd) < 0) + goto cleanup; + + if (virSecurityManagerPreFork(driver->securityManager) < 0) + goto cleanup; + + ret = 0; + + *cmdret = virCommandRun(cmd, exitstatus); + + virSecurityManagerPostFork(driver->securityManager); + + if (*cmdret < 0) + goto cleanup; + + return 0; + + cleanup: + return ret; +} + + /* * qemuSecurityStartTPMEmulator: * diff --git a/src/qemu/qemu_security.h b/src/qemu/qemu_security.h index 68e377f418..a48ed8ec78 100644 --- a/src/qemu/qemu_security.h +++ b/src/qemu/qemu_security.h @@ -77,6 +77,12 @@ int qemuSecurityRestoreChardevLabel(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainChrDefPtr chr); +int qemuSecurityStartVhostUserGPU(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virCommandPtr cmd, + int *exitstatus, + int *cmdret); + int qemuSecurityStartTPMEmulator(virQEMUDriverPtr driver, virDomainObjPtr vm, virCommandPtr cmd,