From: Greg Kurz
Date: Mon, 30 Nov 2015 17:11:19 +0100
Message-Id: <1448899880-24623-2-git-send-email-gkurz@linux.vnet.ibm.com>
In-Reply-To: <1448899880-24623-1-git-send-email-gkurz@linux.vnet.ibm.com>
References: <1448899880-24623-1-git-send-email-gkurz@linux.vnet.ibm.com>
Subject: [Qemu-devel] [PULL 1/2] fsdev-proxy-helper: avoid TOC/TOU race
To: qemu-devel@nongnu.org
Cc: Peter Maydell, Greg Kurz, "Aneesh Kumar K.V", Paolo Bonzini
From: Paolo Bonzini There is a minor time of check/time of use race between statfs and chroot. It can be fixed easily by stat-ing the root after it has been changed. Signed-off-by: Paolo Bonzini Reviewed-by: Greg Kurz Signed-off-by: Greg Kurz --- fsdev/virtfs-proxy-helper.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c index 9097d15c989c..ad1da0d6f530 100644 --- a/fsdev/virtfs-proxy-helper.c +++ b/fsdev/virtfs-proxy-helper.c @@ -1128,10 +1128,19 @@ int main(int argc, char **argv) } } + if (chdir("/") < 0) { + do_perror("chdir"); + goto error; + } + if (chroot(rpath) < 0) { + do_perror("chroot"); + goto error; + } + get_version = false; #ifdef FS_IOC_GETVERSION /* check whether underlying FS support IOC_GETVERSION */ - retval = statfs(rpath, &st_fs); + retval = statfs("/", &st_fs); if (!retval) { switch (st_fs.f_type) { case EXT2_SUPER_MAGIC: @@ -1144,16 +1153,7 @@ int main(int argc, char **argv) } #endif - if (chdir("/") < 0) { - do_perror("chdir"); - goto error; - } - if (chroot(rpath) < 0) { - do_perror("chroot"); - goto error; - } umask(0); - if (init_capabilities() < 0) { goto error; } -- 2.4.3
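Review bot: In the first hunk (@@ -1128,10 +1128,19 @@) chdir("/") still runs before chroot(rpath), and chroot() does not change the working directory, so once the chroot succeeds the process's cwd is the old root, outside the tree it was just confined to. Since the block is being moved anyway, swap the two calls so that chroot(rpath) comes first and chdir("/") second; the working directory is then inside the new root before statfs("/") and init_capabilities() run. With the current order a relative rpath is also resolved against "/" instead of the directory the helper was started in, which deserves a comment if it is intended.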
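Review bot: The second hunk (@@ -1144,16 +1153,7 @@) removes the blank line between umask(0); and the if (init_capabilities() < 0) check along with the moved chdir/chroot block, which is a whitespace change unrelated to the race fix. Keep that blank line so the hunk contains only the removal of the relocated calls and the diffstat reflects the move alone.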