Re: libvirt? qemu change that mmaps ELF files breaks libvirt svirt handl

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: libvirt? qemu change that mmaps ELF files breaks libvirt svirt handl

From:	Christian Borntraeger
Subject:	Re: libvirt? qemu change that mmaps ELF files breaks libvirt svirt handling for os.kernel
Date:	Fri, 4 Oct 2019 14:18:49 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0


On 04.10.19 14:13, Paolo Bonzini wrote:
> On 04/10/19 14:03, Christian Borntraeger wrote:
>> Stefano, Paolo,
>>
>> I have an interesting fail in QEMU 
>>
>> 2019-10-04T12:00:32.675188Z qemu-system-s390x: GLib: g_mapped_file_unref: 
>> assertion 'file != NULL' failed
>> that bisected to 
>> commit 816b9fe450220e19acb91a0ce4a8ade7000648d1 (refs/bisect/bad)
>>     elf-ops.h: Map into memory the ELF to load
>>
>> strace tells that I can read the ELF file, but not mmap
>> strace:
>> 214365 openat(AT_FDCWD, "/var/lib/libvirt/images/test_cpu_timer.elf", 
>> O_RDONLY) = 36
>> 214365 read(46, "\177ELF\2\2\1\0\0\0\0\0\0\0\0\0", 16) = 16
>> 214365 lseek(46, 0, SEEK_SET)           = 0
>> [...]
>> 214365 fstat(46, {st_mode=S_IFREG|0755, st_size=168176, ...}) = 0
>> 214365 mmap(NULL, 168176, PROT_READ|PROT_WRITE, MAP_PRIVATE, 46, 0) = -1 
>> EACCES (Permission denied)
>>
>> So reading from /var/lib/libvirt/images/test_cpu_timer.elf does work, 
>> mmaping does not.
>> setenforce 0 makes the problem go away. 
>>
>> This might be more of an issue in libvirt, setting the svirt context too
>> restrictive, but I am not too deep into the svirt part of libvirt.
>> Reverting the qemu commit makes the problem go away.
> 
> Yes, the policy is too restrictive in my opinion.
> 
> Can you include the output of "audit2allow" and/or "audit2allow -R"?
> 
> Thanks,
> 
> Paolo
> 

require {
        type unconfined_t;
        type virt_content_t;
        type svirt_t;
        type systemd_tmpfiles_t;
        type user_home_t;
        type NetworkManager_t;
        class file { entrypoint execute ioctl lock map open read write };
        class bpf prog_run;
}

#============= svirt_t ==============
allow svirt_t user_home_t:file { entrypoint execute ioctl lock open read write 
};

#!!!! This avc can be allowed using the boolean 'domain_can_mmap_files'
allow svirt_t virt_content_t:file map;
corecmd_bin_entry_type(svirt_t)
userdom_manage_user_home_content_dirs(svirt_t)
userdom_map_user_home_files(svirt_t)
virt_rw_svirt_image(svirt_t)

#============= systemd_tmpfiles_t ==============
kernel_read_usermodehelper_state(systemd_tmpfiles_t)

#============= unconfined_t ==============
allow unconfined_t NetworkManager_t:bpf prog_run;

[Prev in Thread]

Current Thread

[Next in Thread]

libvirt? qemu change that mmaps ELF files breaks libvirt svirt handling for os.kernel, Christian Borntraeger, 2019/10/04
- Re: libvirt? qemu change that mmaps ELF files breaks libvirt svirt handling for os.kernel, Paolo Bonzini, 2019/10/04
  - Re: libvirt? qemu change that mmaps ELF files breaks libvirt svirt handling for os.kernel, Christian Borntraeger <=
    - Re: libvirt? qemu change that mmaps ELF files breaks libvirt svirt handling for os.kernel, Daniel P . Berrangé, 2019/10/04
    - Re: libvirt? qemu change that mmaps ELF files breaks libvirt svirt handling for os.kernel, Christian Borntraeger, 2019/10/04
    - Re: libvirt? qemu change that mmaps ELF files breaks libvirt svirt handling for os.kernel, Paolo Bonzini, 2019/10/04

Prev by Date: Re: libvirt? qemu change that mmaps ELF files breaks libvirt svirt handling for os.kernel
Next by Date: Re: [PULL 12/30] Makefile: Remove generated files when doing 'distclean'
Previous by thread: Re: libvirt? qemu change that mmaps ELF files breaks libvirt svirt handling for os.kernel
Next by thread: Re: libvirt? qemu change that mmaps ELF files breaks libvirt svirt handling for os.kernel
Index(es):
- Date
- Thread