Commit Graph

32 Commits

Author SHA1 Message Date
Julia Suvorova
3e015d815b use g_path_get_basename instead of basename
basename(3) and dirname(3) modify their argument and may return
pointers to statically allocated memory which may be overwritten by
subsequent calls.
g_path_get_basename and g_path_get_dirname have no such issues, and
therefore more preferable.

Signed-off-by: Julia Suvorova <jusual@mail.ru>
Message-Id: <1519888086-4207-1-git-send-email-jusual@mail.ru>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-06 14:01:29 +01:00
ZhiPeng Lu
3c08f4a433 fsdev: fix memory leak in main()
@rpath and @sock_name are not freed and leaked.

[groug, not really leaked since the program exits just after that. But it
 is always good practice to free allocated memory]

Signed-off-by: Zhipeng Lu <lu.zhipeng@zte.com.cn>
Signed-off-by: Greg Kurz <groug@kaod.org>
2017-09-05 14:01:16 +02:00
Greg Kurz
24df3371d9 9pfs: assume utimensat() and futimens() are present
The utimensat() and futimens() syscalls have been around for ages (ie,
glibc 2.6 and linux 2.6.22), and the decision was already taken to
switch to utimensat() anyway when fixing CVE-2016-9602 in 2.9.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
2017-05-25 10:30:14 +02:00
Greg Kurz
4be56c1959 fsdev: fix virtfs-proxy-helper cwd
Since chroot() doesn't change the current directory, it is indeed a good
practice to chdir() to the target directory and then then chroot(), or
to chroot() to the target directory and then chdir("/").

The current code does neither of them actually. Let's go for the latter.

This doesn't fix any security issue since all of this takes place before
the helper begins to process requests.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
2017-05-25 10:30:13 +02:00
Peter Maydell
fbc0412709 9pfs: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1453832250-766-18-git-send-email-peter.maydell@linaro.org
2016-01-29 15:07:23 +00:00
Wei Liu
2209bd050a fsdev: rename virtio-9p-marshal.{c,h} to 9p-iov-marshal.{c,h}
And rename v9fs_marshal to v9fs_iov_marshal, v9fs_unmarshal to
v9fs_iov_unmarshal.

The rationale behind this change is that, this marshalling interface is
used both by virtio and proxy helper. Renaming files and functions to
reflect the true nature of this interface.

Xen transport is going to have its own marshalling interface.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2016-01-08 14:35:06 +05:30
Wei Liu
494a8ebe71 9pfs: rename virtio-9p-proxy.{c,h} to 9p-proxy.{c,h}
Those two files are not virtio specific. Rename them to use generic
names.

Fix includes in various C files. Change define guards and comments
in header files.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2016-01-08 12:38:15 +05:30
Paolo Bonzini
49f817caaf fsdev-proxy-helper: avoid TOC/TOU race
There is a minor time of check/time of use race between statfs and chroot.
It can be fixed easily by stat-ing the root after it has been changed.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2015-11-30 12:31:53 +01:00
Stefan Hajnoczi
f8d30a4f96 virtfs-proxy-helper: fail gracefully if socket path is too long
Replace the assertion check with graceful failure when the socket path
is too long.  Programs should not crash on invalid input.  Print an
error message and exit properly.

Cc: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-06-16 20:32:29 +05:30
Stefan Hajnoczi
bf6667d63e virtfs-proxy-helper: add missing long option terminator
The getopt_long(3) long options array must have a zeroed terminator.

This patch solves a segmentation fault when an unknown command-line
option is encountered:

  $ fsdev/virtfs-proxy-helper --help
  Segmentation fault (core dumped)

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-06-16 20:32:29 +05:30
Viswesh
de7ad4ce1f Fix typos in comments
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Viswesh <visweshn92@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:30:37 +03:00
Shannon Zhao
25ee9a7fa3 virtfs-proxy: Fix possible overflow
It's detected by coverity. The socket name specified
should fit in the sockadd_un.sun_path. If not abort.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-03-16 13:29:12 +05:30
Shannon Zhao
821c447675 fsdev/virtfs-proxy-helper: Fix improper use of negative value
It's detected by coverity. Check the return value of proxy_marshal.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-03-16 11:50:07 +05:30
Gonglei
88ea8ed74c virtfs-proxy-helper: Fix possible socket leak.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-02-10 09:27:20 +03:00
Tim Comer
b0f9300ca3 virtfs-proxy-helper: fix call to accept
The current code calls accept() without initializing the size parameter
which means the accept call might write too much to the stack.

URL: https://bugs.gentoo.org/486714
Signed-off-by: Tim Comer <comer0@gmail.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-04-28 08:55:32 +04:00
Markus Armbruster
d77f7779b4 fsdev: Fix overrun after readlink() fills buffer completely
readlink() returns the number of bytes written to the buffer, and it
doesn't write a terminating null byte.  do_readlink() writes it
itself.  Overruns the buffer when readlink() filled it completely.

Fix by reserving space for the null byte when calling readlink(), like
we do elsewhere.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2014-02-26 12:24:07 +05:30
Dong Xu Wang
c7e775e4dd remove double semicolons
Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-05-12 13:25:55 +04:00
Markus Armbruster
606017de2f virtfs-proxy-helper: Fix unchecked strdup() by conv. to g_strdup()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-30 11:14:46 +01:00
Paolo Bonzini
1de7afc984 misc: move include files to include/qemu/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:32:39 +01:00
Paolo Bonzini
9fd2ecdc8c virtfs-proxy-helper: use setresuid and setresgid
The setfsuid and setfsgid system calls are obscure and they complicate
the error checking (that glibc's warn_unused_result "feature" forces
us to do).  Switch to the standard setresuid and setresgid functions.

Signed-off-by: Paolo Bonzini <pbonini@redhat.com
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-12-05 21:55:54 +05:30
M. Mohan Kumar
5fc6dbae74 fsdev: Fix parameter parsing for proxy helper
This fixes a crash when using sockfd with proxy FsDriver

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-30 10:54:16 +05:30
Stefan Weil
c5c7d3f0a7 virtfs-proxy-helper: Add missing printf format attribute
Every function with printf like arguments must have it
(see file HACKING), so add it.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-13 10:37:00 +00:00
Stefan Weil
e7e4a6ccae virtfs-proxy-helper: Clean include files
The common standard include files are already included via qemu-common.h,
and for the socket related include files there is qemu_socket.h, so the
code can be reduced by some lines.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-13 10:37:00 +00:00
Stefan Weil
822b635d90 virtfs-proxy-helper: Fix compilation on newer systems
Include file attr/xattr.h is not available on "newer" systems
(for example Fedora 12 or Debian Squeeze).

See comments in qemu-xattr.h for more information.
This file handles the system dependencies automatically.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-13 10:37:00 +00:00
M. Mohan Kumar
84a87cc4cc hw/9pfs: Add support to use named socket for proxy FS
Add option to use named socket for communicating between proxy helper
and qemu proxy FS. Access to socket can be given by using command line
options -u and -g.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 21:23:55 +05:30
M. Mohan Kumar
d090e452d4 hw/9pfs: Proxy getversion
Add proxy getversion to get generation number

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:20:55 +05:30
M. Mohan Kumar
d52b09e475 hw/9pfs: xattr interfaces in proxy filesystem driver
Add xattr support for proxy FS

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:20:46 +05:30
M. Mohan Kumar
ea75fc4ec5 hw/9pfs: File ownership and others
Add file ownership interfaces like chmod/chown, utime update, rename,
remove and truncating files for proxy FS

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:19:48 +05:30
M. Mohan Kumar
b178adc3e7 hw/9pfs: Add stat/readlink/statfs for proxy FS
Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:19:39 +05:30
M. Mohan Kumar
39f8c32c3f hw/9pfs: Create other filesystem objects
Add interfaces to create filesystem objects like directory,
device nodes, symbolic links, links for proxy filesytem driver

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:18:09 +05:30
M. Mohan Kumar
daf0b9aca9 hw/9pfs: Open and create files
Add interfaces to open and create files for proxy file system driver.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:14:28 +05:30
M. Mohan Kumar
17bff52b62 hw/9pfs: File system helper process for qemu 9p proxy FS
Provide root privilege access to QEMU 9p proxy filesystem using socket
communication.

Proxy helper is started by root user as:
~ # virtfs-proxy-helper -f|--fd <socket descriptor> -p|--path <path-to-share>

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:14:02 +05:30