Re: [uml-devel] Re: Patch for buffer overrun in serial/console device logic

[Doug Dumitru <doug@easyco.com>]

Jeff Dike wrote:
> doug@easyco.com said:
> 
>>The code itself involves a lot of extra parameters from kernel to user
>> space as things like the current user aren't propogated down.  I
>>personally think that our current patch set is "100% ugly" and would
>>not  consider posting it as-is.  If people are interested in
>>transparent  numeric UID/GID to hostfs, then I would be happy to clean
>>up what we  have and submit it. 
> 
> 
> OK, that ain't the way to do it.  Anything that involves passing a parallel
> set of creds through VFS will cause Al Viro to lop my head off.  Since I'm
> somewhat attached to it, I will not propose such a thing, no matter how cleaned
> up it is.

There are actually a couple of sets of issues here.

1.  The "_user" stuff needs to get to UID, GID, and UMASK.

2.  When the "_user" stuff does IO, it should "become" the users in 
UID/GID.  This way permissions "just work" and you don't have to clean 
anything up after the fact.

Addressing (1), I could always just transition a pointer to "current" 
and really open up a can of worms.

This breaks just about every rule of "object orientation", but on the 
other hand, file systems usually do have access to the process state, so 
maybe this is the "correct" approach.

Doing a seteuid(...) ... around the IO calls is actually pretty clean. 
I implemented it with a "change" / "unchange" set of helper routines and 
it pretty much worked first shot.

> What would work is to store the creds in a separate container of some sort
> on the host, and reference that inside hostfs when doing permission checks.
> 
> This is more or less what UMSDOS does, from what I understand, and it keeps
> the nastiness contained within hostfs.
> 
> That journalling is a neat idea, BTW.
> 
> 				Jeff

--------------------------------------------------------------------
Doug Dumitru     800-470-2756     (610-237-2000)
EasyCo LLC       doug@easyco.com  http://easyco.com
--------------------------------------------------------------------
D3, U2, jBase Virtual Servers.    Off-site backup over the internet.
Develop/test/deploy from $20/mo.  Fast, secure, cheaper than tape.
http://mirroredservers.com        http://mirroredbackup.com



-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForge.net hosts over 70,000 Open Source Projects.
See the people who have HELPED US provide better services:
Click here: http://sourceforge.net/supporters.php
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel