From: "Dr. David Alan Gilbert (git)" <dgilbert@redhat.com>
To: qemu-devel@nongnu.org, stefanha@redhat.com, vgoyal@redhat.com
Subject: [PATCH 043/104] virtiofsd: check input buffer size in fuse_lowlevel.c ops
Date: Thu, 12 Dec 2019 16:38:03 +0000 [thread overview]
Message-ID: <20191212163904.159893-44-dgilbert@redhat.com> (raw)
In-Reply-To: <20191212163904.159893-1-dgilbert@redhat.com>
From: Stefan Hajnoczi <stefanha@redhat.com>
Each FUSE operation involves parsing the input buffer. Currently the
code assumes the input buffer is large enough for the expected
arguments. This patch uses fuse_mbuf_iter to check the size.
Most operations are simple to convert. Some are more complicated due to
variable-length inputs or different sizes depending on the protocol
version.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
tools/virtiofsd/fuse_lowlevel.c | 581 +++++++++++++++++++++++++-------
1 file changed, 456 insertions(+), 125 deletions(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 4b1777b991..bd5ca2f157 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -18,6 +18,7 @@
#include <assert.h>
#include <errno.h>
#include <limits.h>
+#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
@@ -26,7 +27,6 @@
#include <unistd.h>
-#define PARAM(inarg) (((char *)(inarg)) + sizeof(*(inarg)))
#define OFFSET_MAX 0x7fffffffffffffffLL
struct fuse_pollhandle {
@@ -708,9 +708,14 @@ int fuse_reply_lseek(fuse_req_t req, off_t off)
return send_reply_ok(req, &arg, sizeof(arg));
}
-static void do_lookup(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_lookup(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- char *name = (char *)inarg;
+ const char *name = fuse_mbuf_iter_advance_str(iter);
+ if (!name) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.lookup) {
req->se->op.lookup(req, nodeid, name);
@@ -719,9 +724,16 @@ static void do_lookup(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_forget(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_forget(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_forget_in *arg = (struct fuse_forget_in *)inarg;
+ struct fuse_forget_in *arg;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.forget) {
req->se->op.forget(req, nodeid, arg->nlookup);
@@ -731,20 +743,48 @@ static void do_forget(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
static void do_batch_forget(fuse_req_t req, fuse_ino_t nodeid,
- const void *inarg)
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_batch_forget_in *arg = (void *)inarg;
- struct fuse_forget_one *param = (void *)PARAM(arg);
- unsigned int i;
+ struct fuse_batch_forget_in *arg;
+ struct fuse_forget_data *forgets;
+ size_t scount;
(void)nodeid;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_none(req);
+ return;
+ }
+
+ /*
+ * Prevent integer overflow. The compiler emits the following warning
+ * unless we use the scount local variable:
+ *
+ * error: comparison is always false due to limited range of data type
+ * [-Werror=type-limits]
+ *
+ * This may be true on 64-bit hosts but we need this check for 32-bit
+ * hosts.
+ */
+ scount = arg->count;
+ if (scount > SIZE_MAX / sizeof(forgets[0])) {
+ fuse_reply_none(req);
+ return;
+ }
+
+ forgets = fuse_mbuf_iter_advance(iter, arg->count * sizeof(forgets[0]));
+ if (!forgets) {
+ fuse_reply_none(req);
+ return;
+ }
+
if (req->se->op.forget_multi) {
- req->se->op.forget_multi(req, arg->count,
- (struct fuse_forget_data *)param);
+ req->se->op.forget_multi(req, arg->count, forgets);
} else if (req->se->op.forget) {
+ unsigned int i;
+
for (i = 0; i < arg->count; i++) {
- struct fuse_forget_one *forget = ¶m[i];
struct fuse_req *dummy_req;
dummy_req = fuse_ll_alloc_req(req->se);
@@ -756,7 +796,7 @@ static void do_batch_forget(fuse_req_t req, fuse_ino_t nodeid,
dummy_req->ctx = req->ctx;
dummy_req->ch = NULL;
- req->se->op.forget(dummy_req, forget->nodeid, forget->nlookup);
+ req->se->op.forget(dummy_req, forgets[i].ino, forgets[i].nlookup);
}
fuse_reply_none(req);
} else {
@@ -764,12 +804,19 @@ static void do_batch_forget(fuse_req_t req, fuse_ino_t nodeid,
}
}
-static void do_getattr(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_getattr(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
struct fuse_file_info *fip = NULL;
struct fuse_file_info fi;
- struct fuse_getattr_in *arg = (struct fuse_getattr_in *)inarg;
+ struct fuse_getattr_in *arg;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (arg->getattr_flags & FUSE_GETATTR_FH) {
memset(&fi, 0, sizeof(fi));
@@ -784,14 +831,21 @@ static void do_getattr(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_setattr(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_setattr(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_setattr_in *arg = (struct fuse_setattr_in *)inarg;
-
if (req->se->op.setattr) {
+ struct fuse_setattr_in *arg;
struct fuse_file_info *fi = NULL;
struct fuse_file_info fi_store;
struct stat stbuf;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&stbuf, 0, sizeof(stbuf));
convert_attr(arg, &stbuf);
if (arg->valid & FATTR_FH) {
@@ -812,9 +866,16 @@ static void do_setattr(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_access(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_access(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_access_in *arg = (struct fuse_access_in *)inarg;
+ struct fuse_access_in *arg;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.access) {
req->se->op.access(req, nodeid, arg->mask);
@@ -823,9 +884,10 @@ static void do_access(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_readlink(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_readlink(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- (void)inarg;
+ (void)iter;
if (req->se->op.readlink) {
req->se->op.readlink(req, nodeid);
@@ -834,10 +896,18 @@ static void do_readlink(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_mknod(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_mknod(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_mknod_in *arg = (struct fuse_mknod_in *)inarg;
- char *name = PARAM(arg);
+ struct fuse_mknod_in *arg;
+ const char *name;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ name = fuse_mbuf_iter_advance_str(iter);
+ if (!arg || !name) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
req->ctx.umask = arg->umask;
@@ -848,22 +918,37 @@ static void do_mknod(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_mkdir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_mkdir(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_mkdir_in *arg = (struct fuse_mkdir_in *)inarg;
+ struct fuse_mkdir_in *arg;
+ const char *name;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ name = fuse_mbuf_iter_advance_str(iter);
+ if (!arg || !name) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
req->ctx.umask = arg->umask;
if (req->se->op.mkdir) {
- req->se->op.mkdir(req, nodeid, PARAM(arg), arg->mode);
+ req->se->op.mkdir(req, nodeid, name, arg->mode);
} else {
fuse_reply_err(req, ENOSYS);
}
}
-static void do_unlink(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_unlink(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- char *name = (char *)inarg;
+ const char *name = fuse_mbuf_iter_advance_str(iter);
+
+ if (!name) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.unlink) {
req->se->op.unlink(req, nodeid, name);
@@ -872,9 +957,15 @@ static void do_unlink(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_rmdir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_rmdir(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- char *name = (char *)inarg;
+ const char *name = fuse_mbuf_iter_advance_str(iter);
+
+ if (!name) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.rmdir) {
req->se->op.rmdir(req, nodeid, name);
@@ -883,10 +974,16 @@ static void do_rmdir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_symlink(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_symlink(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- char *name = (char *)inarg;
- char *linkname = ((char *)inarg) + strlen((char *)inarg) + 1;
+ const char *name = fuse_mbuf_iter_advance_str(iter);
+ const char *linkname = fuse_mbuf_iter_advance_str(iter);
+
+ if (!name || !linkname) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.symlink) {
req->se->op.symlink(req, linkname, nodeid, name);
@@ -895,11 +992,20 @@ static void do_symlink(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_rename(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_rename(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_rename_in *arg = (struct fuse_rename_in *)inarg;
- char *oldname = PARAM(arg);
- char *newname = oldname + strlen(oldname) + 1;
+ struct fuse_rename_in *arg;
+ const char *oldname;
+ const char *newname;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ oldname = fuse_mbuf_iter_advance_str(iter);
+ newname = fuse_mbuf_iter_advance_str(iter);
+ if (!arg || !oldname || !newname) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.rename) {
req->se->op.rename(req, nodeid, oldname, arg->newdir, newname, 0);
@@ -908,11 +1014,20 @@ static void do_rename(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_rename2(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_rename2(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_rename2_in *arg = (struct fuse_rename2_in *)inarg;
- char *oldname = PARAM(arg);
- char *newname = oldname + strlen(oldname) + 1;
+ struct fuse_rename2_in *arg;
+ const char *oldname;
+ const char *newname;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ oldname = fuse_mbuf_iter_advance_str(iter);
+ newname = fuse_mbuf_iter_advance_str(iter);
+ if (!arg || !oldname || !newname) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.rename) {
req->se->op.rename(req, nodeid, oldname, arg->newdir, newname,
@@ -922,24 +1037,38 @@ static void do_rename2(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_link(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_link(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_link_in *arg = (struct fuse_link_in *)inarg;
+ struct fuse_link_in *arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ const char *name = fuse_mbuf_iter_advance_str(iter);
+
+ if (!arg || !name) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.link) {
- req->se->op.link(req, arg->oldnodeid, nodeid, PARAM(arg));
+ req->se->op.link(req, arg->oldnodeid, nodeid, name);
} else {
fuse_reply_err(req, ENOSYS);
}
}
-static void do_create(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_create(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_create_in *arg = (struct fuse_create_in *)inarg;
-
if (req->se->op.create) {
+ struct fuse_create_in *arg;
struct fuse_file_info fi;
- char *name = PARAM(arg);
+ const char *name;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ name = fuse_mbuf_iter_advance_str(iter);
+ if (!arg || !name) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
memset(&fi, 0, sizeof(fi));
fi.flags = arg->flags;
@@ -952,11 +1081,18 @@ static void do_create(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_open(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_open(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_open_in *arg = (struct fuse_open_in *)inarg;
+ struct fuse_open_in *arg;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi, 0, sizeof(fi));
fi.flags = arg->flags;
@@ -967,13 +1103,15 @@ static void do_open(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_read(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_read(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_read_in *arg = (struct fuse_read_in *)inarg;
-
if (req->se->op.read) {
+ struct fuse_read_in *arg;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
fi.lock_owner = arg->lock_owner;
@@ -984,11 +1122,24 @@ static void do_read(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_write(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_write(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_write_in *arg = (struct fuse_write_in *)inarg;
+ struct fuse_write_in *arg;
struct fuse_file_info fi;
- char *param;
+ const char *param;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
+ param = fuse_mbuf_iter_advance(iter, arg->size);
+ if (!param) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
@@ -996,7 +1147,6 @@ static void do_write(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
fi.lock_owner = arg->lock_owner;
fi.flags = arg->flags;
- param = PARAM(arg);
if (req->se->op.write) {
req->se->op.write(req, nodeid, param, arg->size, arg->offset, &fi);
@@ -1054,11 +1204,18 @@ static void do_write_buf(fuse_req_t req, fuse_ino_t nodeid,
se->op.write_buf(req, nodeid, pbufv, arg->offset, &fi);
}
-static void do_flush(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_flush(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_flush_in *arg = (struct fuse_flush_in *)inarg;
+ struct fuse_flush_in *arg;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
fi.flush = 1;
@@ -1071,19 +1228,26 @@ static void do_flush(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_release(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_release(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_release_in *arg = (struct fuse_release_in *)inarg;
+ struct fuse_release_in *arg;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi, 0, sizeof(fi));
fi.flags = arg->flags;
fi.fh = arg->fh;
fi.flush = (arg->release_flags & FUSE_RELEASE_FLUSH) ? 1 : 0;
fi.lock_owner = arg->lock_owner;
+
if (arg->release_flags & FUSE_RELEASE_FLOCK_UNLOCK) {
fi.flock_release = 1;
- fi.lock_owner = arg->lock_owner;
}
if (req->se->op.release) {
@@ -1093,11 +1257,19 @@ static void do_release(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_fsync(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_fsync(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_fsync_in *arg = (struct fuse_fsync_in *)inarg;
+ struct fuse_fsync_in *arg;
struct fuse_file_info fi;
- int datasync = arg->fsync_flags & 1;
+ int datasync;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+ datasync = arg->fsync_flags & 1;
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
@@ -1113,11 +1285,18 @@ static void do_fsync(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_opendir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_opendir(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_open_in *arg = (struct fuse_open_in *)inarg;
+ struct fuse_open_in *arg;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi, 0, sizeof(fi));
fi.flags = arg->flags;
@@ -1128,11 +1307,18 @@ static void do_opendir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_readdir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_readdir(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_read_in *arg = (struct fuse_read_in *)inarg;
+ struct fuse_read_in *arg;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
@@ -1143,11 +1329,18 @@ static void do_readdir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_readdirplus(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_readdirplus(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_read_in *arg = (struct fuse_read_in *)inarg;
+ struct fuse_read_in *arg;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
@@ -1158,11 +1351,18 @@ static void do_readdirplus(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_releasedir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_releasedir(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_release_in *arg = (struct fuse_release_in *)inarg;
+ struct fuse_release_in *arg;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi, 0, sizeof(fi));
fi.flags = arg->flags;
fi.fh = arg->fh;
@@ -1174,11 +1374,19 @@ static void do_releasedir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_fsyncdir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_fsyncdir(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_fsync_in *arg = (struct fuse_fsync_in *)inarg;
+ struct fuse_fsync_in *arg;
struct fuse_file_info fi;
- int datasync = arg->fsync_flags & 1;
+ int datasync;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+ datasync = arg->fsync_flags & 1;
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
@@ -1190,10 +1398,11 @@ static void do_fsyncdir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_statfs(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_statfs(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
(void)nodeid;
- (void)inarg;
+ (void)iter;
if (req->se->op.statfs) {
req->se->op.statfs(req, nodeid);
@@ -1206,11 +1415,25 @@ static void do_statfs(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_setxattr(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_setxattr(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_setxattr_in *arg = (struct fuse_setxattr_in *)inarg;
- char *name = PARAM(arg);
- char *value = name + strlen(name) + 1;
+ struct fuse_setxattr_in *arg;
+ const char *name;
+ const char *value;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ name = fuse_mbuf_iter_advance_str(iter);
+ if (!arg || !name) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
+ value = fuse_mbuf_iter_advance(iter, arg->size);
+ if (!value) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.setxattr) {
req->se->op.setxattr(req, nodeid, name, value, arg->size, arg->flags);
@@ -1219,20 +1442,36 @@ static void do_setxattr(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_getxattr(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_getxattr(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_getxattr_in *arg = (struct fuse_getxattr_in *)inarg;
+ struct fuse_getxattr_in *arg;
+ const char *name;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ name = fuse_mbuf_iter_advance_str(iter);
+ if (!arg || !name) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.getxattr) {
- req->se->op.getxattr(req, nodeid, PARAM(arg), arg->size);
+ req->se->op.getxattr(req, nodeid, name, arg->size);
} else {
fuse_reply_err(req, ENOSYS);
}
}
-static void do_listxattr(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_listxattr(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_getxattr_in *arg = (struct fuse_getxattr_in *)inarg;
+ struct fuse_getxattr_in *arg;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.listxattr) {
req->se->op.listxattr(req, nodeid, arg->size);
@@ -1241,9 +1480,15 @@ static void do_listxattr(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_removexattr(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_removexattr(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- char *name = (char *)inarg;
+ const char *name = fuse_mbuf_iter_advance_str(iter);
+
+ if (!name) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.removexattr) {
req->se->op.removexattr(req, nodeid, name);
@@ -1267,12 +1512,19 @@ static void convert_fuse_file_lock(struct fuse_file_lock *fl,
flock->l_pid = fl->pid;
}
-static void do_getlk(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_getlk(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_lk_in *arg = (struct fuse_lk_in *)inarg;
+ struct fuse_lk_in *arg;
struct fuse_file_info fi;
struct flock flock;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
fi.lock_owner = arg->owner;
@@ -1286,12 +1538,18 @@ static void do_getlk(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
static void do_setlk_common(fuse_req_t req, fuse_ino_t nodeid,
- const void *inarg, int sleep)
+ struct fuse_mbuf_iter *iter, int sleep)
{
- struct fuse_lk_in *arg = (struct fuse_lk_in *)inarg;
+ struct fuse_lk_in *arg;
struct fuse_file_info fi;
struct flock flock;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
fi.lock_owner = arg->owner;
@@ -1329,14 +1587,16 @@ static void do_setlk_common(fuse_req_t req, fuse_ino_t nodeid,
}
}
-static void do_setlk(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_setlk(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- do_setlk_common(req, nodeid, inarg, 0);
+ do_setlk_common(req, nodeid, iter, 0);
}
-static void do_setlkw(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_setlkw(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- do_setlk_common(req, nodeid, inarg, 1);
+ do_setlk_common(req, nodeid, iter, 1);
}
static int find_interrupted(struct fuse_session *se, struct fuse_req *req)
@@ -1381,12 +1641,20 @@ static int find_interrupted(struct fuse_session *se, struct fuse_req *req)
return 0;
}
-static void do_interrupt(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_interrupt(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_interrupt_in *arg = (struct fuse_interrupt_in *)inarg;
+ struct fuse_interrupt_in *arg;
struct fuse_session *se = req->se;
(void)nodeid;
+
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
if (se->debug) {
fuse_log(FUSE_LOG_DEBUG, "INTERRUPT: %llu\n",
(unsigned long long)arg->unique);
@@ -1427,9 +1695,15 @@ static struct fuse_req *check_interrupt(struct fuse_session *se,
}
}
-static void do_bmap(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_bmap(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_bmap_in *arg = (struct fuse_bmap_in *)inarg;
+ struct fuse_bmap_in *arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
if (req->se->op.bmap) {
req->se->op.bmap(req, nodeid, arg->blocksize, arg->block);
@@ -1438,18 +1712,34 @@ static void do_bmap(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_ioctl(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_ioctl(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_ioctl_in *arg = (struct fuse_ioctl_in *)inarg;
- unsigned int flags = arg->flags;
- void *in_buf = arg->in_size ? PARAM(arg) : NULL;
+ struct fuse_ioctl_in *arg;
+ unsigned int flags;
+ void *in_buf = NULL;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
+ flags = arg->flags;
if (flags & FUSE_IOCTL_DIR && !(req->se->conn.want & FUSE_CAP_IOCTL_DIR)) {
fuse_reply_err(req, ENOTTY);
return;
}
+ if (arg->in_size) {
+ in_buf = fuse_mbuf_iter_advance(iter, arg->in_size);
+ if (!in_buf) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+ }
+
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
@@ -1470,11 +1760,18 @@ void fuse_pollhandle_destroy(struct fuse_pollhandle *ph)
free(ph);
}
-static void do_poll(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_poll(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_poll_in *arg = (struct fuse_poll_in *)inarg;
+ struct fuse_poll_in *arg;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
fi.poll_events = arg->events;
@@ -1498,11 +1795,18 @@ static void do_poll(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_fallocate(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_fallocate(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_fallocate_in *arg = (struct fuse_fallocate_in *)inarg;
+ struct fuse_fallocate_in *arg;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
@@ -1515,12 +1819,17 @@ static void do_fallocate(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
static void do_copy_file_range(fuse_req_t req, fuse_ino_t nodeid_in,
- const void *inarg)
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_copy_file_range_in *arg =
- (struct fuse_copy_file_range_in *)inarg;
+ struct fuse_copy_file_range_in *arg;
struct fuse_file_info fi_in, fi_out;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
memset(&fi_in, 0, sizeof(fi_in));
fi_in.fh = arg->fh_in;
@@ -1537,11 +1846,17 @@ static void do_copy_file_range(fuse_req_t req, fuse_ino_t nodeid_in,
}
}
-static void do_lseek(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_lseek(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_lseek_in *arg = (struct fuse_lseek_in *)inarg;
+ struct fuse_lseek_in *arg;
struct fuse_file_info fi;
+ arg = fuse_mbuf_iter_advance(iter, sizeof(*arg));
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
@@ -1552,15 +1867,33 @@ static void do_lseek(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_init(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_init(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
- struct fuse_init_in *arg = (struct fuse_init_in *)inarg;
+ size_t compat_size = offsetof(struct fuse_init_in, max_readahead);
+ struct fuse_init_in *arg;
struct fuse_init_out outarg;
struct fuse_session *se = req->se;
size_t bufsize = se->bufsize;
size_t outargsize = sizeof(outarg);
(void)nodeid;
+
+ /* First consume the old fields... */
+ arg = fuse_mbuf_iter_advance(iter, compat_size);
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
+ /* ...and now consume the new fields. */
+ if (arg->major == 7 && arg->minor >= 6) {
+ if (!fuse_mbuf_iter_advance(iter, sizeof(*arg) - compat_size)) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+ }
+
if (se->debug) {
fuse_log(FUSE_LOG_DEBUG, "INIT: %u.%u\n", arg->major, arg->minor);
if (arg->major == 7 && arg->minor >= 6) {
@@ -1793,12 +2126,13 @@ static void do_init(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
send_reply_ok(req, &outarg, outargsize);
}
-static void do_destroy(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
+static void do_destroy(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter)
{
struct fuse_session *se = req->se;
(void)nodeid;
- (void)inarg;
+ (void)iter;
se->got_destroy = 1;
if (se->op.destroy) {
@@ -1979,7 +2313,7 @@ int fuse_req_interrupted(fuse_req_t req)
}
static struct {
- void (*func)(fuse_req_t, fuse_ino_t, const void *);
+ void (*func)(fuse_req_t, fuse_ino_t, struct fuse_mbuf_iter *);
const char *name;
} fuse_ll_ops[] = {
[FUSE_LOOKUP] = { do_lookup, "LOOKUP" },
@@ -2063,7 +2397,6 @@ void fuse_session_process_buf_int(struct fuse_session *se,
const struct fuse_buf *buf = bufv->buf;
struct fuse_mbuf_iter iter = FUSE_MBUF_ITER_INIT(buf);
struct fuse_in_header *in;
- const void *inarg;
struct fuse_req *req;
int err;
@@ -2141,13 +2474,11 @@ void fuse_session_process_buf_int(struct fuse_session *se,
}
}
- inarg = (void *)&in[1];
if (in->opcode == FUSE_WRITE && se->op.write_buf) {
do_write_buf(req, in->nodeid, &iter, bufv);
} else {
- fuse_ll_ops[in->opcode].func(req, in->nodeid, inarg);
+ fuse_ll_ops[in->opcode].func(req, in->nodeid, &iter);
}
-
return;
reply_err:
--
2.23.0
next prev parent reply other threads:[~2019-12-12 17:13 UTC|newest]
Thread overview: 307+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-12 16:37 [PATCH 000/104] virtiofs daemon [all] Dr. David Alan Gilbert (git)
2019-12-12 16:37 ` [PATCH 001/104] virtiofsd: Pull in upstream headers Dr. David Alan Gilbert (git)
2020-01-03 11:54 ` Daniel P. Berrangé
2020-01-15 17:38 ` Philippe Mathieu-Daudé
2019-12-12 16:37 ` [PATCH 002/104] virtiofsd: Pull in kernel's fuse.h Dr. David Alan Gilbert (git)
2020-01-03 11:56 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 003/104] virtiofsd: Add auxiliary .c's Dr. David Alan Gilbert (git)
2020-01-03 11:57 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 004/104] virtiofsd: Add fuse_lowlevel.c Dr. David Alan Gilbert (git)
2020-01-03 11:58 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 005/104] virtiofsd: Add passthrough_ll Dr. David Alan Gilbert (git)
2020-01-03 12:01 ` Daniel P. Berrangé
2020-01-03 12:15 ` Dr. David Alan Gilbert
2020-01-03 12:33 ` Daniel P. Berrangé
2020-01-03 14:37 ` Dr. David Alan Gilbert
2019-12-12 16:37 ` [PATCH 006/104] virtiofsd: Trim down imported files Dr. David Alan Gilbert (git)
2020-01-03 12:02 ` Daniel P. Berrangé
2020-01-21 9:58 ` Xiao Yang
2020-01-21 10:51 ` Dr. David Alan Gilbert
2020-01-22 0:57 ` Xiao Yang
2019-12-12 16:37 ` [PATCH 007/104] virtiofsd: Format imported files to qemu style Dr. David Alan Gilbert (git)
2020-01-03 12:04 ` Daniel P. Berrangé
2020-01-09 12:21 ` Aleksandar Markovic
2019-12-12 16:37 ` [PATCH 008/104] virtiofsd: remove mountpoint dummy argument Dr. David Alan Gilbert (git)
2020-01-03 12:12 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 009/104] virtiofsd: remove unused notify reply support Dr. David Alan Gilbert (git)
2020-01-03 12:14 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 010/104] virtiofsd: Fix fuse_daemonize ignored return values Dr. David Alan Gilbert (git)
2020-01-03 12:18 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 011/104] virtiofsd: Fix common header and define for QEMU builds Dr. David Alan Gilbert (git)
2020-01-03 12:22 ` Daniel P. Berrangé
2020-01-06 16:29 ` Dr. David Alan Gilbert
2019-12-12 16:37 ` [PATCH 012/104] virtiofsd: Trim out compatibility code Dr. David Alan Gilbert (git)
2020-01-03 12:26 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 013/104] virtiofsd: Make fsync work even if only inode is passed in Dr. David Alan Gilbert (git)
2020-01-03 15:13 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 014/104] virtiofsd: Add options for virtio Dr. David Alan Gilbert (git)
2020-01-03 15:18 ` Daniel P. Berrangé
2020-01-10 16:01 ` Dr. David Alan Gilbert
2019-12-12 16:37 ` [PATCH 015/104] virtiofsd: add -o source=PATH to help output Dr. David Alan Gilbert (git)
2020-01-03 15:18 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 016/104] virtiofsd: Open vhost connection instead of mounting Dr. David Alan Gilbert (git)
2020-01-03 15:21 ` Daniel P. Berrangé
2020-01-21 6:57 ` Misono Tomohiro
2020-01-21 11:38 ` Dr. David Alan Gilbert
2019-12-12 16:37 ` [PATCH 017/104] virtiofsd: Start wiring up vhost-user Dr. David Alan Gilbert (git)
2020-01-03 15:25 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 018/104] virtiofsd: Add main virtio loop Dr. David Alan Gilbert (git)
2020-01-03 15:26 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 019/104] virtiofsd: get/set features callbacks Dr. David Alan Gilbert (git)
2020-01-03 15:26 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 020/104] virtiofsd: Start queue threads Dr. David Alan Gilbert (git)
2020-01-03 15:27 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 021/104] virtiofsd: Poll kick_fd for queue Dr. David Alan Gilbert (git)
2020-01-03 15:33 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 022/104] virtiofsd: Start reading commands from queue Dr. David Alan Gilbert (git)
2020-01-03 15:34 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 023/104] virtiofsd: Send replies to messages Dr. David Alan Gilbert (git)
2020-01-03 15:36 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 024/104] virtiofsd: Keep track of replies Dr. David Alan Gilbert (git)
2020-01-03 15:41 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 025/104] virtiofsd: Add Makefile wiring for virtiofsd contrib Dr. David Alan Gilbert (git)
2019-12-13 16:02 ` Liam Merwick
2019-12-13 16:56 ` Dr. David Alan Gilbert
2020-01-03 15:41 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 026/104] virtiofsd: Fast path for virtio read Dr. David Alan Gilbert (git)
2020-01-17 18:54 ` Masayoshi Mizuma
2020-01-20 12:32 ` Dr. David Alan Gilbert
2019-12-12 16:37 ` [PATCH 027/104] virtiofsd: add --fd=FDNUM fd passing option Dr. David Alan Gilbert (git)
2020-01-06 14:12 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 028/104] virtiofsd: make -f (foreground) the default Dr. David Alan Gilbert (git)
2020-01-06 14:19 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 029/104] virtiofsd: add vhost-user.json file Dr. David Alan Gilbert (git)
2020-01-06 14:19 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 030/104] virtiofsd: add --print-capabilities option Dr. David Alan Gilbert (git)
2020-01-06 14:20 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 031/104] virtiofs: Add maintainers entry Dr. David Alan Gilbert (git)
2020-01-06 14:21 ` Daniel P. Berrangé
2020-01-15 17:19 ` Philippe Mathieu-Daudé
2019-12-12 16:37 ` [PATCH 032/104] virtiofsd: passthrough_ll: create new files in caller's context Dr. David Alan Gilbert (git)
2020-01-06 14:30 ` Daniel P. Berrangé
2020-01-06 19:00 ` Dr. David Alan Gilbert
2020-01-06 19:08 ` Dr. David Alan Gilbert
2020-01-07 9:22 ` Daniel P. Berrangé
2020-01-10 13:05 ` Dr. David Alan Gilbert
2019-12-12 16:37 ` [PATCH 033/104] virtiofsd: passthrough_ll: add lo_map for ino/fh indirection Dr. David Alan Gilbert (git)
2020-01-17 21:44 ` Masayoshi Mizuma
2019-12-12 16:37 ` [PATCH 034/104] virtiofsd: passthrough_ll: add ino_map to hide lo_inode pointers Dr. David Alan Gilbert (git)
2020-01-17 21:45 ` Masayoshi Mizuma
2019-12-12 16:37 ` [PATCH 035/104] virtiofsd: passthrough_ll: add dirp_map to hide lo_dirp pointers Dr. David Alan Gilbert (git)
2020-01-17 13:58 ` Philippe Mathieu-Daudé
2019-12-12 16:37 ` [PATCH 036/104] virtiofsd: passthrough_ll: add fd_map to hide file descriptors Dr. David Alan Gilbert (git)
2020-01-17 22:32 ` Masayoshi Mizuma
2019-12-12 16:37 ` [PATCH 037/104] virtiofsd: passthrough_ll: add fallback for racy ops Dr. David Alan Gilbert (git)
2020-01-18 16:22 ` Masayoshi Mizuma
2020-01-20 13:26 ` Dr. David Alan Gilbert
2019-12-12 16:37 ` [PATCH 038/104] virtiofsd: validate path components Dr. David Alan Gilbert (git)
2020-01-06 14:32 ` Daniel P. Berrangé
2019-12-12 16:37 ` [PATCH 039/104] virtiofsd: Plumb fuse_bufvec through to do_write_buf Dr. David Alan Gilbert (git)
2020-01-17 21:01 ` Masayoshi Mizuma
2019-12-12 16:38 ` [PATCH 040/104] virtiofsd: Pass write iov's all the way through Dr. David Alan Gilbert (git)
2020-01-19 8:08 ` Xiao Yang
2020-01-20 8:24 ` Philippe Mathieu-Daudé
2020-01-20 13:28 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 041/104] virtiofsd: add fuse_mbuf_iter API Dr. David Alan Gilbert (git)
2020-01-16 14:17 ` Sergio Lopez
2019-12-12 16:38 ` [PATCH 042/104] virtiofsd: validate input buffer sizes in do_write_buf() Dr. David Alan Gilbert (git)
2020-01-16 14:19 ` Sergio Lopez
2019-12-12 16:38 ` Dr. David Alan Gilbert (git) [this message]
2020-01-16 14:25 ` [PATCH 043/104] virtiofsd: check input buffer size in fuse_lowlevel.c ops Sergio Lopez
2019-12-12 16:38 ` [PATCH 044/104] virtiofsd: prevent ".." escape in lo_do_lookup() Dr. David Alan Gilbert (git)
2020-01-16 14:33 ` Sergio Lopez
2019-12-12 16:38 ` [PATCH 045/104] virtiofsd: prevent ".." escape in lo_do_readdir() Dr. David Alan Gilbert (git)
2020-01-16 14:35 ` Sergio Lopez
2019-12-12 16:38 ` [PATCH 046/104] virtiofsd: use /proc/self/fd/ O_PATH file descriptor Dr. David Alan Gilbert (git)
2020-01-15 18:09 ` Philippe Mathieu-Daudé
2020-01-17 9:42 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 047/104] virtiofsd: sandbox mount namespace Dr. David Alan Gilbert (git)
2020-01-06 14:36 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 048/104] virtiofsd: move to an empty network namespace Dr. David Alan Gilbert (git)
2020-01-06 14:37 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 049/104] virtiofsd: move to a new pid namespace Dr. David Alan Gilbert (git)
2020-01-06 14:40 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 050/104] virtiofsd: add seccomp whitelist Dr. David Alan Gilbert (git)
2020-01-06 14:56 ` Daniel P. Berrangé
2020-01-06 18:54 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 051/104] virtiofsd: Parse flag FUSE_WRITE_KILL_PRIV Dr. David Alan Gilbert (git)
2020-01-15 12:06 ` Misono Tomohiro
2020-01-15 14:34 ` Dr. David Alan Gilbert
2020-01-16 14:37 ` Sergio Lopez
2019-12-12 16:38 ` [PATCH 052/104] virtiofsd: cap-ng helpers Dr. David Alan Gilbert (git)
2020-01-06 14:58 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 053/104] virtiofsd: Drop CAP_FSETID if client asked for it Dr. David Alan Gilbert (git)
2020-01-16 4:41 ` Misono Tomohiro
2020-01-16 15:21 ` Sergio Lopez
2019-12-12 16:38 ` [PATCH 054/104] virtiofsd: set maximum RLIMIT_NOFILE limit Dr. David Alan Gilbert (git)
2020-01-06 15:00 ` Daniel P. Berrangé
2020-01-15 17:09 ` Philippe Mathieu-Daudé
2020-01-15 17:38 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 055/104] virtiofsd: fix libfuse information leaks Dr. David Alan Gilbert (git)
2020-01-06 15:01 ` Daniel P. Berrangé
2020-01-15 17:07 ` Philippe Mathieu-Daudé
2019-12-12 16:38 ` [PATCH 056/104] virtiofsd: add security guide document Dr. David Alan Gilbert (git)
2020-01-06 15:03 ` Daniel P. Berrangé
2020-01-06 17:53 ` Dr. David Alan Gilbert
2020-01-07 10:05 ` Daniel P. Berrangé
2020-01-09 17:02 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 057/104] virtiofsd: add --syslog command-line option Dr. David Alan Gilbert (git)
2020-01-06 15:05 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 058/104] virtiofsd: print log only when priority is high enough Dr. David Alan Gilbert (git)
2020-01-06 15:10 ` Daniel P. Berrangé
2020-01-06 17:05 ` Dr. David Alan Gilbert
2020-01-06 17:20 ` Daniel P. Berrangé
2020-01-06 17:27 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 059/104] virtiofsd: Add ID to the log with FUSE_LOG_DEBUG level Dr. David Alan Gilbert (git)
2020-01-06 15:18 ` Daniel P. Berrangé
2020-01-06 17:47 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 060/104] virtiofsd: Add timestamp " Dr. David Alan Gilbert (git)
2020-01-07 11:11 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 061/104] virtiofsd: Handle reinit Dr. David Alan Gilbert (git)
2020-01-07 11:12 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 062/104] virtiofsd: Handle hard reboot Dr. David Alan Gilbert (git)
2020-01-07 11:14 ` Daniel P. Berrangé
2020-01-10 15:43 ` Dr. David Alan Gilbert
2020-01-20 6:46 ` Misono Tomohiro
2020-01-22 18:28 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 063/104] virtiofsd: Kill threads when queues are stopped Dr. David Alan Gilbert (git)
2020-01-07 11:16 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 064/104] vhost-user: Print unexpected slave message types Dr. David Alan Gilbert (git)
2020-01-07 11:18 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 065/104] contrib/libvhost-user: Protect slave fd with mutex Dr. David Alan Gilbert (git)
2020-01-07 11:19 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 066/104] virtiofsd: passthrough_ll: add renameat2 support Dr. David Alan Gilbert (git)
2020-01-07 11:21 ` Daniel P. Berrangé
2020-01-10 9:52 ` Dr. David Alan Gilbert
2020-01-13 20:06 ` Dr. David Alan Gilbert
2020-01-14 8:29 ` Daniel P. Berrangé
2020-01-14 10:07 ` Dr. David Alan Gilbert
2020-01-14 10:12 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 067/104] virtiofsd: passthrough_ll: disable readdirplus on cache=never Dr. David Alan Gilbert (git)
2020-01-07 11:22 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 068/104] virtiofsd: passthrough_ll: control readdirplus Dr. David Alan Gilbert (git)
2020-01-07 11:23 ` Daniel P. Berrangé
2020-01-10 15:04 ` Dr. David Alan Gilbert
2020-01-10 15:13 ` Miklos Szeredi
2020-01-10 15:18 ` Daniel P. Berrangé
2020-01-10 15:30 ` Miklos Szeredi
2020-01-10 15:40 ` Vivek Goyal
2020-01-10 16:00 ` Miklos Szeredi
2019-12-12 16:38 ` [PATCH 069/104] virtiofsd: rename unref_inode() to unref_inode_lolocked() Dr. David Alan Gilbert (git)
2020-01-07 11:23 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 070/104] virtiofsd: fail when parent inode isn't known in lo_do_lookup() Dr. David Alan Gilbert (git)
2020-01-16 7:17 ` Misono Tomohiro
2020-01-20 10:08 ` Sergio Lopez
2019-12-12 16:38 ` [PATCH 071/104] virtiofsd: extract root inode init into setup_root() Dr. David Alan Gilbert (git)
2020-01-16 7:20 ` Misono Tomohiro
2020-01-16 15:51 ` Dr. David Alan Gilbert
2020-01-20 10:09 ` Sergio Lopez
2019-12-12 16:38 ` [PATCH 072/104] virtiofsd: passthrough_ll: fix refcounting on remove/rename Dr. David Alan Gilbert (git)
2020-01-16 11:56 ` Misono Tomohiro
2020-01-16 16:45 ` Dr. David Alan Gilbert
2020-01-17 10:19 ` Miklos Szeredi
2020-01-17 11:37 ` Dr. David Alan Gilbert
2020-01-17 18:43 ` Dr. David Alan Gilbert
2020-01-20 10:17 ` Sergio Lopez
2020-01-20 10:56 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 073/104] virtiofsd: passthrough_ll: clean up cache related options Dr. David Alan Gilbert (git)
2020-01-07 11:24 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 074/104] virtiofsd: passthrough_ll: use hashtable Dr. David Alan Gilbert (git)
2020-01-07 11:28 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 075/104] virtiofsd: Clean up inodes on destroy Dr. David Alan Gilbert (git)
2020-01-07 11:29 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 076/104] virtiofsd: support nanosecond resolution for file timestamp Dr. David Alan Gilbert (git)
2020-01-07 11:30 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 077/104] virtiofsd: fix error handling in main() Dr. David Alan Gilbert (git)
2020-01-07 11:30 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 078/104] virtiofsd: cleanup allocated resource in se Dr. David Alan Gilbert (git)
2020-01-07 11:34 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 079/104] virtiofsd: fix memory leak on lo.source Dr. David Alan Gilbert (git)
2020-01-07 11:37 ` Daniel P. Berrangé
2020-01-09 17:38 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 080/104] virtiofsd: add helper for lo_data cleanup Dr. David Alan Gilbert (git)
2020-01-07 11:40 ` Daniel P. Berrangé
2020-01-09 17:41 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 081/104] virtiofsd: Prevent multiply running with same vhost_user_socket Dr. David Alan Gilbert (git)
2020-01-07 11:43 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 082/104] virtiofsd: enable PARALLEL_DIROPS during INIT Dr. David Alan Gilbert (git)
2020-01-07 11:44 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 083/104] virtiofsd: fix incorrect error handling in lo_do_lookup Dr. David Alan Gilbert (git)
2020-01-07 11:45 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 084/104] Virtiofsd: fix memory leak on fuse queueinfo Dr. David Alan Gilbert (git)
2020-01-15 11:20 ` Misono Tomohiro
2020-01-15 16:57 ` Dr. David Alan Gilbert
2020-01-16 0:54 ` misono.tomohiro
2020-01-16 12:19 ` Dr. David Alan Gilbert
2020-01-20 10:24 ` Sergio Lopez
2020-01-20 10:54 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 085/104] virtiofsd: Support remote posix locks Dr. David Alan Gilbert (git)
2020-01-15 23:38 ` Masayoshi Mizuma
2020-01-16 13:26 ` Vivek Goyal
2020-01-17 9:27 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 086/104] virtiofsd: use fuse_lowlevel_is_virtio() in fuse_session_destroy() Dr. David Alan Gilbert (git)
2020-01-07 12:01 ` Daniel P. Berrangé
2020-01-07 13:24 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 087/104] virtiofsd: prevent fv_queue_thread() vs virtio_loop() races Dr. David Alan Gilbert (git)
2020-01-07 12:02 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 088/104] virtiofsd: make lo_release() atomic Dr. David Alan Gilbert (git)
2020-01-07 12:03 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 089/104] virtiofsd: prevent races with lo_dirp_put() Dr. David Alan Gilbert (git)
2020-01-17 13:52 ` Philippe Mathieu-Daudé
2019-12-12 16:38 ` [PATCH 090/104] virtiofsd: rename inode->refcount to inode->nlookup Dr. David Alan Gilbert (git)
2020-01-17 13:54 ` Philippe Mathieu-Daudé
2019-12-12 16:38 ` [PATCH 091/104] libvhost-user: Fix some memtable remap cases Dr. David Alan Gilbert (git)
2020-01-17 13:58 ` Marc-André Lureau
2020-01-20 15:50 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 092/104] virtiofsd: add man page Dr. David Alan Gilbert (git)
2019-12-13 14:33 ` Liam Merwick
2019-12-13 15:26 ` Dr. David Alan Gilbert
2020-01-07 12:13 ` Daniel P. Berrangé
2020-01-09 20:02 ` Dr. David Alan Gilbert
2020-01-10 9:30 ` Daniel P. Berrangé
2020-01-10 11:06 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 093/104] virtiofsd: introduce inode refcount to prevent use-after-free Dr. David Alan Gilbert (git)
2020-01-16 12:25 ` Misono Tomohiro
2020-01-16 17:21 ` Stefan Hajnoczi
2020-01-16 17:42 ` Dr. David Alan Gilbert
2020-01-17 0:47 ` misono.tomohiro
2020-01-20 10:28 ` Sergio Lopez
2019-12-12 16:38 ` [PATCH 094/104] virtiofsd: do not always set FUSE_FLOCK_LOCKS Dr. David Alan Gilbert (git)
2020-01-17 8:50 ` Misono Tomohiro
2020-01-20 10:31 ` Sergio Lopez
2019-12-12 16:38 ` [PATCH 095/104] virtiofsd: convert more fprintf and perror to use fuse log infra Dr. David Alan Gilbert (git)
2020-01-07 12:16 ` Daniel P. Berrangé
2020-01-16 12:29 ` Misono Tomohiro
2020-01-16 16:32 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 096/104] virtiofsd: Reset O_DIRECT flag during file open Dr. David Alan Gilbert (git)
2020-01-07 12:17 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 097/104] virtiofsd: Fix data corruption with O_APPEND wirte in writeback mode Dr. David Alan Gilbert (git)
2020-01-07 12:20 ` Daniel P. Berrangé
2020-01-07 13:27 ` Dr. David Alan Gilbert
2019-12-12 16:38 ` [PATCH 098/104] virtiofsd: add definition of fuse_buf_writev() Dr. David Alan Gilbert (git)
2020-01-07 12:21 ` Daniel P. Berrangé
2019-12-12 16:38 ` [PATCH 099/104] virtiofsd: use fuse_buf_writev to replace fuse_buf_write for better performance Dr. David Alan Gilbert (git)
2020-01-07 12:23 ` Daniel P. Berrangé
2020-01-10 13:15 ` Dr. David Alan Gilbert
2019-12-12 16:39 ` [PATCH 100/104] virtiofsd: process requests in a thread pool Dr. David Alan Gilbert (git)
2020-01-20 12:54 ` Misono Tomohiro
2019-12-12 16:39 ` [PATCH 101/104] virtiofsd: prevent FUSE_INIT/FUSE_DESTROY races Dr. David Alan Gilbert (git)
2020-01-15 23:05 ` Masayoshi Mizuma
2020-01-16 12:24 ` Dr. David Alan Gilbert
2020-01-17 13:40 ` Philippe Mathieu-Daudé
2020-01-17 15:28 ` Dr. David Alan Gilbert
2020-01-17 15:30 ` Philippe Mathieu-Daudé
2019-12-12 16:39 ` [PATCH 102/104] virtiofsd: fix lo_destroy() resource leaks Dr. David Alan Gilbert (git)
2020-01-17 13:43 ` Philippe Mathieu-Daudé
2019-12-12 16:39 ` [PATCH 103/104] virtiofsd: add --thread-pool-size=NUM option Dr. David Alan Gilbert (git)
2020-01-07 12:25 ` Daniel P. Berrangé
2020-01-17 13:35 ` Philippe Mathieu-Daudé
2019-12-12 16:39 ` [PATCH 104/104] virtiofsd: Convert lo_destroy to take the lo->mutex lock itself Dr. David Alan Gilbert (git)
2020-01-17 13:33 ` Philippe Mathieu-Daudé
2019-12-12 18:21 ` [PATCH 000/104] virtiofs daemon [all] no-reply
2020-01-17 11:32 ` Dr. David Alan Gilbert
2020-01-17 13:32 ` [PATCH 105/104] virtiofsd: Unref old/new inodes with the same mutex lock in lo_rename() Philippe Mathieu-Daudé
2020-01-19 8:35 ` Xiao Yang
2020-01-20 8:27 ` Philippe Mathieu-Daudé
2020-01-20 18:52 ` Dr. David Alan Gilbert
2020-01-20 18:55 ` Philippe Mathieu-Daudé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191212163904.159893-44-dgilbert@redhat.com \
--to=dgilbert@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
--cc=vgoyal@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).