Red Hat Bugzilla – Bug 822594
[6.4 FEAT] SELinux updates for QEMU sandboxing with seccomp
Last modified: 2012-08-21 11:43:58 EDT
1. Feature Overview:
Feature Id: [73755]
a. Name of Feature: [6.4 FEAT] SELinux updates for QEMU sandboxing with seccomp
b. Feature Description
This feature will provide any required SELinux policy support on top of QEMU seccomp sandboxing support. QEMU support will be provided to limit QEMU to only the system calls that it requires. New seccomp Kernel functionality is intended to be used to declare the whitelisted syscalls and syscall parameters. This will limit QEMU's syscall footprint, and therefore the potential Kernel attack surface. The idea is that if an attacker were to execute arbitrary code, they would only be able to use the whitelisted syscalls.

2. Feature Details:
Sponsor: LTC Security
Architectures:
Arch Specificity: both
Affects Kernel Modules: No
Delivery Mechanism: Direct from Community
Category: other
Request Type: Package - Version Update
d. Upstream Acceptance: Not Started
Sponsor Priority P2
f. Severity: normal
IBM Confidential: No
Code Contribution: unsure
g. Component Version Target: ---

3. Business Case
This feature will further increase the security of the KVM hypervisor by tightening QEMU's SELinux policy in addition to limiting the potential Kernel attack surface within QEMU.

4. Primary contact at Red Hat:
John Jarvis, jjarvis@redhat.com

5. Primary contacts at Partner:
Project Management Contact: Stephanie A. Glass, sglass@us.ibm.com
Technical contact(s): Corey C. Bryant, bryntcor@us.ibm.com
The QEMU sandboxing effort with seccomp should not require any SELinux policy modifications to function. If any changes are necessary they should be treated as bugs against the sandboxing code and/or SELinux policy.

I think the best approach here is to close this feature request and track any issues that arise directly in BZ 822593. Let me know if you have any concerns about closing this request.
------- Comment From bryntcor@us.ibm.com 2012-05-21 17:07 EDT-------
(In reply to comment #5)
> The QEMU sandboxing effort with seccomp should not require any SELinux
> policy modifications to function. If any changes are necessary they should
> be treated as bugs against the sandboxing code and/or SELinux policy.
>
> I think the best approach here is to close this feature request and track
> any issues that arise directly in BZ 822593. Let me know if you have any
> concerns about closing this request.

I agree, this BZ can be closed.
*** This bug has been marked as a duplicate of bug 822593 ***