From: "Dr. David Alan Gilbert (git)" <dgilbert@redhat.com>
To: qemu-devel@nongnu.org, aiyutao@huawei.com,
peter.maydell@linaro.org, vgoyal@redhat.com, lersek@redhat.com,
alex.chen@huawei.com, armbru@redhat.com, tu.guoyi@h3c.com
Cc: stefanha@redhat.com, quintela@redhat.com
Subject: [PULL 09/15] virtiofsd: Check file type in lo_flush()
Date: Fri, 18 Dec 2020 10:41:11 +0000 [thread overview]
Message-ID: <20201218104117.199096-10-dgilbert@redhat.com> (raw)
In-Reply-To: <20201218104117.199096-1-dgilbert@redhat.com>
From: Vivek Goyal <vgoyal@redhat.com>
Currently lo_flush() is written in such a way that it expects to receive
a FLUSH requests on a regular file (and not directories). For example,
we call lo_fi_fd() which searches lo->fd_map. If we open directories
using opendir(), we keep don't keep track of these in lo->fd_map instead
we keep them in lo->dir_map. So we expect lo_flush() to be called on
regular files only.
Even linux fuse client calls FLUSH only for regular files and not
directories. So put a check for filetype and return EBADF if
lo_flush() is called on a non-regular file.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Message-Id: <20201211142544.GB3285@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
---
tools/virtiofsd/passthrough_ll.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 4f805cbb82..b00be648d3 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -1961,6 +1961,12 @@ static void lo_flush(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi)
return;
}
+ if (!S_ISREG(inode->filetype)) {
+ lo_inode_put(lo, &inode);
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
/* An fd is going away. Cleanup associated posix locks */
if (lo->posix_lock) {
pthread_mutex_lock(&inode->plock_mutex);
--
2.29.2
next prev parent reply other threads:[~2020-12-18 11:04 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-18 10:41 [PULL 00/15] migration queue Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 01/15] monitor:open brace '{' following struct go on the same line Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 02/15] monitor:braces {} are necessary for all arms of this statement Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 03/15] monitor:Don't use '#' flag of printf format ('%#') in format strings Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 04/15] hmp-commands.hx: List abbreviation after command for cont, quit, print Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 05/15] virtiofsd: Use --thread-pool-size=0 to mean no thread pool Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 06/15] virtiofsd: make the debug log timestamp on stderr more human-readable Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 07/15] virtiofsd: Set up posix_lock hash table for root inode Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 08/15] virtiofsd: Disable posix_lock hash table if remote locks are not enabled Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` Dr. David Alan Gilbert (git) [this message]
2020-12-18 10:41 ` [PULL 10/15] virtiofsd: update FUSE_FORGET comment on "lo_inode.nlookup" Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 11/15] virtiofsd: Remove useless code about send_notify_iov Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 12/15] docs/devel/migration: Improve debugging section a bit Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 13/15] savevm: Remove dead code in save_snapshot() Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 14/15] savevm: Delete snapshots just created in case of error Dr. David Alan Gilbert (git)
2020-12-18 10:41 ` [PULL 15/15] migration: Don't allow migration if vm is in POSTMIGRATE Dr. David Alan Gilbert (git)
2020-12-31 19:15 ` [PULL 00/15] migration queue Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201218104117.199096-10-dgilbert@redhat.com \
--to=dgilbert@redhat.com \
--cc=aiyutao@huawei.com \
--cc=alex.chen@huawei.com \
--cc=armbru@redhat.com \
--cc=lersek@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=quintela@redhat.com \
--cc=stefanha@redhat.com \
--cc=tu.guoyi@h3c.com \
--cc=vgoyal@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).