From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:44165) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TK6Sr-0002mR-Tr for qemu-devel@nongnu.org; Fri, 05 Oct 2012 07:53:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1TK6Sl-0002to-VZ for qemu-devel@nongnu.org; Fri, 05 Oct 2012 07:53:09 -0400 Received: from mx1.redhat.com ([209.132.183.28]:61458) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TK6Sl-0002tb-N7 for qemu-devel@nongnu.org; Fri, 05 Oct 2012 07:53:03 -0400 Message-ID: <506ECA16.1040109@redhat.com> Date: Fri, 05 Oct 2012 05:52:54 -0600 From: Eric Blake MIME-Version: 1.0 References: <1349426179-16712-1-git-send-email-mohan@in.ibm.com> In-Reply-To: <1349426179-16712-1-git-send-email-mohan@in.ibm.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enigE93D33B8FE2FB0AE78FA556E" Subject: Re: [Qemu-devel] [PATCH] fsdev: Don't ignore setfsuid/setfsgid return values List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "M. Mohan Kumar" Cc: stefanha@gmail.com, qemu-devel@nongnu.org, aneesh.kumar@linux.vnet.ibm.com This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigE93D33B8FE2FB0AE78FA556E Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 10/05/2012 02:36 AM, M. Mohan Kumar wrote: > From: "M. Mohan Kumar" >=20 > In current implementation of setfsuid/setfsgid there is no way to know > if it failed by checking the return value. This patch assumes > setfsuid/setfsgid returns -1 in case of error. Eventually kernel code > needs to be fixed. According to the Fedora 17 man page: RETURN VALUE On success, the previous value of fsuid is returned. On error, the current value of fsuid is returned. NOTES When glibc determines that the argument is not a valid user ID, it will return -1 and set errno to EINVAL without attempting the system call= =2E BUGS No error messages of any kind are returned to the caller. At the very least, EPERM should be returned when the call fails (because the caller lacks the CAP_SETUID capability). Eww - self-contradictory. I think the reason that F17 marked these functions warn_unused_return is because there HAS been an effort to make these functions return sane values that can be used to detect when errors have occurred. >=20 > Signed-off-by: M. Mohan Kumar > --- > fsdev/virtfs-proxy-helper.c | 9 ++++++--- > 1 file changed, 6 insertions(+), 3 deletions(-) >=20 > diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c > index f9a8270..ed5eede 100644 > --- a/fsdev/virtfs-proxy-helper.c > +++ b/fsdev/virtfs-proxy-helper.c > @@ -290,9 +290,12 @@ static int setfsugid(int uid, int gid) > CAP_DAC_OVERRIDE, > }; > =20 > - setfsgid(gid); > - setfsuid(uid); > - > + if (setfsgid(gid) < 0) { > + return -errno; > + } > + if (setfsuid(uid) < 0) { > + return -errno; > + } At any rate, this silences the compiler warning I was hitting, so: Tested-by: Eric Blake --=20 Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --------------enigE93D33B8FE2FB0AE78FA556E Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQEcBAEBCAAGBQJQbsoXAAoJEKeha0olJ0NqjxQH/1Wu/jfXeOOVDJSCXbqr+SvE KDlJVB74UDVdGdGQpE3o2B2shbSQTVFHIUO8/b0FNqtj+rd6UJnlKuu1w6p6DNTJ enF/gB/AlBaiX1xkg3EYR/zgHyoDF5zbLV+qQ6uT12Szs8gI2Ql2SXv7d2Q/lfRz GUuZvoUhBHPWKo7kZa7CbKmrOPc8GzBMpPY7wyaG7jziKngS7eMHFcMaO9pMulTk dZ5m+fEb5RNZZpIvTvkCpYAxdG5zM7uHSTl8t9UBjyfKvZnFnUJ0q8CMJcyTesGx +r+Ta/qZUpxsSo5F/45kA2JDzy7VbqBdgGt9AXDgZ+d59cuUjYvE0VpzvLjc7+I= =Ojyy -----END PGP SIGNATURE----- --------------enigE93D33B8FE2FB0AE78FA556E--