From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:48413)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <aneesh.kumar@linux.vnet.ibm.com>) id 1XCWgv-0002rw-P3
	for qemu-devel@nongnu.org; Wed, 30 Jul 2014 12:25:33 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <aneesh.kumar@linux.vnet.ibm.com>) id 1XCWgn-0001jJ-Vj
	for qemu-devel@nongnu.org; Wed, 30 Jul 2014 12:25:25 -0400
Received: from e28smtp08.in.ibm.com ([122.248.162.8]:38079)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <aneesh.kumar@linux.vnet.ibm.com>) id 1XCWgn-0001ih-ED
	for qemu-devel@nongnu.org; Wed, 30 Jul 2014 12:25:17 -0400
Received: from /spool/local
	by e28smtp08.in.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use
	Only! Violators will be prosecuted
	for <qemu-devel@nongnu.org> from <aneesh.kumar@linux.vnet.ibm.com>;
	Wed, 30 Jul 2014 21:55:13 +0530
Received: from d28relay02.in.ibm.com (d28relay02.in.ibm.com [9.184.220.59])
	by d28dlp02.in.ibm.com (Postfix) with ESMTP id 69BFC3940043
	for <Qemu-devel@nongnu.org>; Wed, 30 Jul 2014 21:55:10 +0530 (IST)
Received: from d28av04.in.ibm.com (d28av04.in.ibm.com [9.184.220.66])
	by d28relay02.in.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id
	s6UGPCGX41877528
	for <Qemu-devel@nongnu.org>; Wed, 30 Jul 2014 21:55:13 +0530
Received: from d28av04.in.ibm.com (localhost [127.0.0.1])
	by d28av04.in.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id
	s6UGP9CD008192
	for <Qemu-devel@nongnu.org>; Wed, 30 Jul 2014 21:55:09 +0530
From: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>
In-Reply-To: <53D90245.2050903@msgid.tls.msk.ru>
References: <53D90245.2050903@msgid.tls.msk.ru>
Date: Wed, 30 Jul 2014 21:55:08 +0530
Message-ID: <87k36u3jbv.fsf@linux.vnet.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain
Subject: Re: [Qemu-devel] 9p mapped-* security model infos are
	architecture-specific
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Michael Tokarev <mjt@tls.msk.ru>, Qemu Development List <Qemu-devel@nongnu.org>

Michael Tokarev <mjt@tls.msk.ru> writes:

> Apparently the the mapped-* security models results in a raw bytes
> being dumped to host without any architecture normalization (in
> host byte order).  This may even lead to security issues in guest
> when the same files are served from another host for example.
>
> This bug has been initially submitted against debian qemu package, see
> http://bugs.debian.org/755740
>

Thanks for reporting the bug. Yes we do have issue with
mapped-xattr. But mapped-file should be ok. We record the uid/gid as
string in the file.

-aneesh