From: "Venkateswararao Jujjuri (JV)" <jvrao@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Cc: aliguori@us.ibm.com,
"Venkateswararao Jujjuri (JV)" <jvrao@linux.vnet.ibm.com>
Subject: [Qemu-devel] [PATCH 5/6] virtio-9p: Implemented security model for symlink and link.
Date: Mon, 10 May 2010 13:24:03 -0700 [thread overview]
Message-ID: <1273523044-26939-6-git-send-email-jvrao@linux.vnet.ibm.com> (raw)
In-Reply-To: <1273523044-26939-1-git-send-email-jvrao@linux.vnet.ibm.com>
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
---
hw/file-op-9p.h | 4 +-
hw/virtio-9p-local.c | 74 +++++++++++++++++++++++++++++++++++++------------
hw/virtio-9p.c | 24 +++++++++++-----
3 files changed, 75 insertions(+), 27 deletions(-)
diff --git a/hw/file-op-9p.h b/hw/file-op-9p.h
index f87a35e..6ecc009 100644
--- a/hw/file-op-9p.h
+++ b/hw/file-op-9p.h
@@ -53,8 +53,8 @@ typedef struct FileOperations
int (*mknod)(FsContext *, const char *, FsCred *);
int (*utime)(FsContext *, const char *, const struct utimbuf *);
int (*remove)(FsContext *, const char *);
- int (*symlink)(FsContext *, const char *, const char *);
- int (*link)(FsContext *, const char *, const char *);
+ int (*symlink)(FsContext *, const char *, const char *, FsCred *);
+ int (*link)(FsContext *, const char *, const char *, FsCred *);
int (*setuid)(FsContext *, uid_t);
int (*close)(FsContext *, int);
int (*closedir)(FsContext *, DIR *);
diff --git a/hw/virtio-9p-local.c b/hw/virtio-9p-local.c
index 5589f72..89b17f0 100644
--- a/hw/virtio-9p-local.c
+++ b/hw/virtio-9p-local.c
@@ -74,12 +74,25 @@ static int local_set_xattr(const char *path, FsCred *credp)
}
}
return 0;
- }
+}
-static ssize_t local_readlink(FsContext *ctx, const char *path,
- char *buf, size_t bufsz)
+static ssize_t local_readlink(FsContext *fs_ctx, const char *path,
+ char *buf, size_t bufsz)
{
- return readlink(rpath(ctx, path), buf, bufsz);
+ ssize_t tsize = -1;
+ if (fs_ctx->fs_sm == sm_mapped) {
+ int fd;
+ fd = open(rpath(fs_ctx, path), O_RDONLY);
+ if (fd == -1) {
+ return -1;
+ }
+ tsize = read(fd, (void *)buf, bufsz);
+ close(fd);
+ return tsize;
+ } else if (fs_ctx->fs_sm == sm_passthrough) {
+ tsize = readlink(rpath(fs_ctx, path), buf, bufsz);
+ }
+ return tsize;
}
static int local_close(FsContext *ctx, int fd)
@@ -219,32 +232,57 @@ err_end:
return fd;
}
-static int local_symlink(FsContext *ctx, const char *oldpath,
- const char *newpath)
+
+static int local_symlink(FsContext *fs_ctx, const char *oldpath,
+ const char *newpath, FsCred *credp)
{
- return symlink(oldpath, rpath(ctx, newpath));
+ int err = -1;
+ /* Determine the security model */
+ if (fs_ctx->fs_sm == sm_mapped) {
+ int fd;
+ ssize_t oldpath_size, write_size;
+ fd = open(rpath(fs_ctx, newpath), O_CREAT|O_EXCL|O_RDWR,
+ SM_LOCAL_MODE_BITS);
+ if (fd == -1) {
+ return -1;
+ }
+ /* Write the oldpath (target) to the file. */
+ oldpath_size = strlen(oldpath) + 1;
+ write_size = write(fd, (void *)oldpath, oldpath_size);
+ if (write_size != oldpath_size) {
+ close(fd);
+ remove(rpath(fs_ctx, newpath));
+ return -1;
+ }
+ close(fd);
+ /* Set cleint credentials in symlink's xattr */
+ credp->fc_mode = credp->fc_mode|S_IFLNK;
+ err = local_set_xattr(rpath(fs_ctx, newpath), credp);
+ if (err == -1) {
+ remove(rpath(fs_ctx, newpath));
+ return err;
+ }
+ } else if (fs_ctx->fs_sm == sm_passthrough) {
+ local_set_cred(credp);
+ err = symlink(oldpath, rpath(fs_ctx, newpath));
+ }
+ return err;
}
-static int local_link(FsContext *ctx, const char *oldpath, const char *newpath)
+static int local_link(FsContext *fs_ctx, const char *oldpath,
+ const char *newpath, FsCred *credp)
{
- char *tmp = qemu_strdup(rpath(ctx, oldpath));
- int err, serrno = 0;
+ char *tmp = qemu_strdup(rpath(fs_ctx, oldpath));
+ int err;
if (tmp == NULL) {
return -ENOMEM;
}
- err = link(tmp, rpath(ctx, newpath));
- if (err == -1) {
- serrno = errno;
- }
+ err = link(tmp, rpath(fs_ctx, newpath));
qemu_free(tmp);
- if (err == -1) {
- errno = serrno;
- }
-
return err;
}
diff --git a/hw/virtio-9p.c b/hw/virtio-9p.c
index bbeba7c..9da14f8 100644
--- a/hw/virtio-9p.c
+++ b/hw/virtio-9p.c
@@ -197,15 +197,25 @@ static int v9fs_do_open2(V9fsState *s, V9fsCreateState *vs)
return s->ops->open2(&s->ctx, vs->fullname.data, flags, &cred);
}
-static int v9fs_do_symlink(V9fsState *s, V9fsString *oldpath,
- V9fsString *newpath)
+static int v9fs_do_symlink(V9fsState *s, V9fsCreateState *vs)
{
- return s->ops->symlink(&s->ctx, oldpath->data, newpath->data);
+ FsCred cred;
+ cred_init(&cred);
+ cred.fc_uid = vs->fidp->uid;
+ cred.fc_mode = vs->perm | 0777;
+
+ return s->ops->symlink(&s->ctx, vs->extension.data, vs->fullname.data,
+ &cred);
}
-static int v9fs_do_link(V9fsState *s, V9fsString *oldpath, V9fsString *newpath)
+static int v9fs_do_link(V9fsState *s, V9fsFidState *nfidp, V9fsCreateState *vs)
{
- return s->ops->link(&s->ctx, oldpath->data, newpath->data);
+ FsCred cred;
+ cred_init(&cred);
+ cred.fc_uid = nfidp->uid;
+ cred.fc_mode = vs->perm & 0777;
+
+ return s->ops->link(&s->ctx, nfidp->path.data, vs->fullname.data, &cred);
}
static int v9fs_do_truncate(V9fsState *s, V9fsString *path, off_t size)
@@ -1778,7 +1788,7 @@ static void v9fs_create_post_lstat(V9fsState *s, V9fsCreateState *vs, int err)
err = v9fs_do_mkdir(s, vs);
v9fs_create_post_mkdir(s, vs, err);
} else if (vs->perm & P9_STAT_MODE_SYMLINK) {
- err = v9fs_do_symlink(s, &vs->extension, &vs->fullname);
+ err = v9fs_do_symlink(s, vs);
v9fs_create_post_perms(s, vs, err);
} else if (vs->perm & P9_STAT_MODE_LINK) {
int32_t nfid = atoi(vs->extension.data);
@@ -1787,7 +1797,7 @@ static void v9fs_create_post_lstat(V9fsState *s, V9fsCreateState *vs, int err)
err = -errno;
v9fs_post_create(s, vs, err);
}
- err = v9fs_do_link(s, &nfidp->path, &vs->fullname);
+ err = v9fs_do_link(s, nfidp, vs);
v9fs_create_post_perms(s, vs, err);
} else if (vs->perm & P9_STAT_MODE_DEVICE) {
char ctype;
--
1.6.5.2
next prev parent reply other threads:[~2010-05-10 20:20 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-10 20:23 [Qemu-devel] [PATCH 0/6] virtio-9p:Introducing security model for VirtFS Venkateswararao Jujjuri (JV)
2010-05-10 20:23 ` [Qemu-devel] [PATCH 1/6] virtio-9p: Introduces an option to specify the security model Venkateswararao Jujjuri (JV)
2010-05-10 20:24 ` [Qemu-devel] [PATCH 2/6] virtio-9p: Rearrange fileop structures Venkateswararao Jujjuri (JV)
2010-05-10 20:24 ` [Qemu-devel] [PATCH 3/6] virtio-9p: modify create/open2 and mkdir for new security model Venkateswararao Jujjuri (JV)
2010-05-10 20:24 ` [Qemu-devel] [PATCH 4/6] virtio-9p: Implement Security model for mknod related files Venkateswararao Jujjuri (JV)
2010-05-10 20:24 ` Venkateswararao Jujjuri (JV) [this message]
2010-05-10 20:24 ` [Qemu-devel] [PATCH 6/6] virtio-9p: Implemented Security model for lstat and fstat Venkateswararao Jujjuri (JV)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1273523044-26939-6-git-send-email-jvrao@linux.vnet.ibm.com \
--to=jvrao@linux.vnet.ibm.com \
--cc=aliguori@us.ibm.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).