SVirt/TODO

From SELinux Wiki

(Difference between revisions)

Jump to: navigation, search

Current revision

1 sVirt To Do List

[edit] sVirt To Do List

[edit] For v0.30

~~Fix SELinux build configuration~~
~~Simplify qemudNodeGetSecurityModel~~
~~Add "test" security driver~~
~~Fix security driver probe logic~~
~~Ensure VIR_CONNECT_RO checked where appropriate~~

[edit] (via feedback from v0.20)

~~Move security model/doi to last fields in virsh dominfo~~
~~Change virDomainSecLabel -> virSecurityLabel~~
- ~~similar change to API calls~~
~~Change virDomainSecModel -> virSecurityModel~~
- ~~similar change to API calls~~
- ~~general renaming then of seclabel to security~~
~~Use CHECK_LIB/HEADER to detect libselinux (and fix build system in general)~~
~~Rename virDomainGetSecModel to virNodeGetSecurityModel~~
Integrate model into SecurityLabel (in case node config differs) ? [n/a]
~~Change -2 error returns to -1~~
~~Use remoteDispatchOOMError() for OOM errors~~
~~Create virXPathStringLimit() from virDomainSecLabelDefParseXMLString()~~

[edit] For v0.40

MCS dynamic labeling for simple isolation

[edit] Before v1.00

Convert existing storage labeling

Move libvirt symbols to public API before merge.

Identify which tools and related docs need to be made sVirt-aware

Security review by KVM and core virt folk

Review overall policy to ensure e.g. all command-line tools catered for, things like memory peek don't breach design etc.

Policy for save/dump/restore

Integration with GUI tools (virt-manager etc.)

General OS integration

Basic storage labeling support (investigate labeling for non-image devices, e.g. mapping UUID, HAL etc.)
- Possibly include context-mount labeling of NFS bind mounts for remote images

Have domains run in separate directories to allow persistent labeling of resources (e.g. at rest, use MCS c0). (Check with danpb to see what the plans are here)

Find owner for Fedora (dwalsh or danpb ?) and add to feature wiki

Investigate generator.py for new API calls

Make autostart work properly

Policy for /dev/kvm (and similar)

Policy for control sockets, virtual console, vnc access, shared devices, parent/child communications etc.

Placement and policy for VM log files

Debug integration with audit subsystem

Add testcases to libvirt test framework
- Expand "test" security driver

Handle qemud restart

Integration with oVirt ?

libvirtd config: require enforcing mode option ?

Do we need MAC policy for defining and undefining domains?

[edit] Post v1.00

Support for session mode (not just system mode)
- Integrate with RBAC/UBAC ?

Make DOI configurable

Migrate isolated domains between security models

Deployment of labeled appliances via virt-image etc.

Migration of labeled domains

Integration with virtual firewalling

Integration with Labeled Networking/IPSec/Labeled NFS (e.g. use of overlay VPNs for networks on host)

Extensive device labeling support
- Labeling for all kinds of devices
- Boot from network storage

Strong binding of resources to domains, via e.g. crypto, TPM, vTPM etc.

Support virtualization in policy generation wizard

Support for other security models (SMACK)

Retrieved from "http://selinuxproject.org/page/SVirt/TODO"

-== sVirt To Do List ==
+== [[sVirt]] To Do List ==
 === For v0.30 ===
+* <s>Fix SELinux build configuration</s>
+* <s>Simplify qemudNodeGetSecurityModel</s>
+* <s>Add "test" security driver</s>
+* <s>Fix security driver probe logic</s>
+* <s>Ensure VIR_CONNECT_RO checked where appropriate</s>
-* Fix have/with SELinux build configuration
+==== (via feedback from v0.20) ====
-* Convert existing storage labeling
+* <s>Move security model/doi to last fields in virsh dominfo</s>
+* <s>Change virDomainSecLabel -> virSecurityLabel</s>
+** <s>similar change to API calls</s>
+* <s>Change virDomainSecModel -> virSecurityModel</s>
+** <s>similar change to API calls</s>
+** <s>general renaming then of seclabel to security</s>
+* <s>Use CHECK_LIB/HEADER to detect libselinux (and fix build system in general)</s>
+* <s>Rename virDomainGetSecModel to virNodeGetSecurityModel</s>
+* <s>''Integrate model into SecurityLabel (in case node config differs) ?''  [n/a]</s>
+* <s>Change -2 error returns to -1</s>
+* <s>Use remoteDispatchOOMError() for OOM errors</s>
+* <s>Create virXPathStringLimit() from virDomainSecLabelDefParseXMLString()</s>
+----
+=== For v0.40 ===
+* MCS dynamic labeling for simple isolation
 ----
 === Before v1.00 ===
-* MCS dynamic labeling for simple isolation.
+* Convert existing storage labeling
-* Security review by KVM and core virt folk.
+* Move libvirt symbols to public API before merge.
-* Review overall policy to ensure e.g. all command-line tools catered for, things memory peek don't breach design etc.
+* Identify which tools and related docs need to be made sVirt-aware
+* Security review by KVM and core virt folk
+* Review overall policy to ensure e.g. all command-line tools catered for, things like memory peek don't breach design etc.
+* Policy for save/dump/restore
 * Integration with GUI tools (virt-manager etc.)
-* General OS integration.
+* General OS integration
-* Basic storage labeling support.
+* Basic storage labeling support (investigate labeling for non-image devices, e.g. mapping UUID, HAL etc.)
+** Possibly include context-mount labeling of NFS bind mounts for remote images
-* Have domains run in separate directories to allow persistent labeling of resources (e.g. at rest, use MCS c0).  (Check with danpb to see what the plans are here).
+* Have domains run in separate directories to allow persistent labeling of resources (e.g. at rest, use MCS c0).  (Check with danpb to see what the plans are here)
-* Find owner for Fedora (dwalsh or danpb ?) and add to feature wiki.
+* Find owner for Fedora (dwalsh or danpb ?) and add to feature wiki
-* Investigate generator.py for new API calls.
+* Investigate generator.py for new API calls
-* Make autostart work properly.
+* Make autostart work properly
-* Policy for /dev/kvm (and similar).
+* Policy for /dev/kvm (and similar)
 * Policy for control sockets, virtual console, vnc access, shared devices, parent/child communications etc.
-* Placement and policy for VM log files.
+* Placement and policy for VM log files
-* Debug integration with audit subsystem.
+* Debug integration with audit subsystem
-* Add testcases to libvirt test framework.
+* Add testcases to libvirt test framework
+** Expand "test" security driver
-* Handle qemud restart.
+* Handle qemud restart
+* Integration with oVirt ?
+* libvirtd config: require enforcing mode option ?
+* Do we need MAC policy for defining and undefining domains?
 ----
 === Post v1.00 ===
-* Support for session mode (not just system mode).
+* Support for session mode (not just system mode)
+** Integrate with RBAC/UBAC ?
-* Make DOI configurable.
+* Make DOI configurable
-* Migrate isolated domains between security models.
+* Migrate isolated domains between security models
 * Deployment of labeled appliances via virt-image etc.
-* Migration of labeled domains.
+* Migration of labeled domains
+* Integration with virtual firewalling
+* Integration with Labeled Networking/IPSec/Labeled NFS  (e.g. use of overlay VPNs for networks on host)
+* Extensive device labeling support
+** Labeling for all kinds of devices
+** Boot from network storage
-* Integration with virtual firewalling.
+* Strong binding of resources to domains, via e.g. crypto, TPM, vTPM etc.
-* Integration with Labeled Networking/IPSec/Labeled NFS.
+* Support virtualization in policy generation wizard
-* Extensive device labeling support.
+* Support for other security models (SMACK)

SVirt/TODO

From SELinux Wiki

Current revision

Contents

[edit] sVirt To Do List

[edit] For v0.30

[edit] (via feedback from v0.20)

[edit] For v0.40

[edit] Before v1.00

[edit] Post v1.00

Views

Personal tools

Navigation

Search

Toolbox