rpms
/
libvirt
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
libvirt/libvirt-0.7.7-caps-option.p...

111 lines
4.3 KiB
Diff
Raw Blame History

diff -rup libvirt-0.7.7/src/qemu/libvirtd_qemu.aug new/src/qemu/libvirtd_qemu.aug
--- libvirt-0.7.7/src/qemu/libvirtd_qemu.aug 2010-06-17 12:38:52.998946000 -0400
+++ new/src/qemu/libvirtd_qemu.aug 2010-06-17 12:39:28.504148000 -0400
@@ -39,6 +39,7 @@ module Libvirtd_qemu =
| str_entry "hugetlbfs_mount"
| bool_entry "relaxed_acs_check"
| bool_entry "vnc_allow_host_audio"
+ | bool_entry "clear_emulator_capabilities"
(* Each enty in the config is one of the following three ... *)
let entry = vnc_entry
diff -rup libvirt-0.7.7/src/qemu/qemu.conf new/src/qemu/qemu.conf
--- libvirt-0.7.7/src/qemu/qemu.conf 2010-06-17 12:38:53.001953000 -0400
+++ new/src/qemu/qemu.conf 2010-06-17 12:39:28.508149000 -0400
@@ -178,3 +178,12 @@
# QEMU_AUDIO_DRV environment variable when using VNC.
#
# vnc_allow_host_audio = 0
+
+# If clear_emulator_capabilities is enabled, libvirt will drop all
+# privileged capabilities of the QEmu/KVM emulator. This is enabled by
+# default.
+#
+# Warning: Disabling this option means that a compromised guest can
+# exploit the privileges and possibly do damage to the host.
+#
+# clear_emulator_capabilities = 1
diff -rup libvirt-0.7.7/src/qemu/qemu_conf.c new/src/qemu/qemu_conf.c
--- libvirt-0.7.7/src/qemu/qemu_conf.c 2010-06-17 12:38:53.010946000 -0400
+++ new/src/qemu/qemu_conf.c 2010-06-17 12:39:28.526151000 -0400
@@ -103,6 +103,7 @@ int qemudLoadDriverConfig(struct qemud_d
/* Setup critical defaults */
driver->dynamicOwnership = 1;
+ driver->clearEmulatorCapabilities = 1;
if (!(driver->vncListen = strdup("127.0.0.1"))) {
virReportOOMError();
@@ -354,6 +355,10 @@ int qemudLoadDriverConfig(struct qemud_d
CHECK_TYPE ("vnc_allow_host_audio", VIR_CONF_LONG);
if (p) driver->vncAllowHostAudio = p->l;
+ p = virConfGetValue (conf, "clear_emulator_capabilities");
+ CHECK_TYPE ("clear_emulator_capabilities", VIR_CONF_LONG);
+ if (p) driver->clearEmulatorCapabilities = p->l;
+
virConfFree (conf);
return 0;
}
diff -rup libvirt-0.7.7/src/qemu/qemu_conf.h new/src/qemu/qemu_conf.h
--- libvirt-0.7.7/src/qemu/qemu_conf.h 2010-06-17 12:38:53.015945000 -0400
+++ new/src/qemu/qemu_conf.h 2010-06-17 12:39:28.531146000 -0400
@@ -129,8 +129,8 @@ struct qemud_driver {
ebtablesContext *ebtables;
unsigned int relaxedACS : 1;
-
unsigned int vncAllowHostAudio : 1;
+ unsigned int clearEmulatorCapabilities : 1;
virCapsPtr caps;
diff -rup libvirt-0.7.7/src/qemu/qemu_driver.c new/src/qemu/qemu_driver.c
--- libvirt-0.7.7/src/qemu/qemu_driver.c 2010-06-17 12:38:52.988953000 -0400
+++ new/src/qemu/qemu_driver.c 2010-06-17 12:39:28.542147000 -0400
@@ -2699,7 +2699,7 @@ static int qemudStartVMDaemon(virConnect
int stdin_fd) {
const char **argv = NULL, **tmp;
const char **progenv = NULL;
- int i, ret;
+ int i, ret, runflags;
struct stat sb;
int *tapfds = NULL;
int ntapfds = 0;
@@ -2893,9 +2893,16 @@ static int qemudStartVMDaemon(virConnect
for (i = 0 ; i < ntapfds ; i++)
FD_SET(tapfds[i], &keepfd);
+ VIR_DEBUG("Clear emulator capabilities: %d",
+ driver->clearEmulatorCapabilities);
+ runflags = VIR_EXEC_NONBLOCK;
+ if (driver->clearEmulatorCapabilities) {
+ runflags |= VIR_EXEC_CLEAR_CAPS;
+ }
+
ret = virExecDaemonize(argv, progenv, &keepfd, &child,
stdin_fd, &logfile, &logfile,
- VIR_EXEC_NONBLOCK | VIR_EXEC_CLEAR_CAPS,
+ runflags,
qemudSecurityHook, &hookData,
pidfile);
VIR_FREE(pidfile);
diff -rup libvirt-0.7.7/src/qemu/test_libvirtd_qemu.aug new/src/qemu/test_libvirtd_qemu.aug
--- libvirt-0.7.7/src/qemu/test_libvirtd_qemu.aug 2010-06-17 12:38:53.018948000 -0400
+++ new/src/qemu/test_libvirtd_qemu.aug 2010-06-17 12:39:28.546145000 -0400
@@ -99,6 +99,8 @@ hugetlbfs_mount = \"/dev/hugepages\"
relaxed_acs_check = 1
vnc_allow_host_audio = 1
+
+clear_emulator_capabilities = 0
"
test Libvirtd_qemu.lns get conf =
@@ -208,3 +210,5 @@ vnc_allow_host_audio = 1
{ "relaxed_acs_check" = "1" }
{ "#empty" }
{ "vnc_allow_host_audio" = "1" }
+{ "#empty" }
+{ "clear_emulator_capabilities" = "0" }
Reference in New Issue View Git Blame Copy Permalink