[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH RFC 03/36] 9pfs: local: split mknod operation per se
From: |
Greg Kurz |
Subject: |
[Qemu-devel] [PATCH RFC 03/36] 9pfs: local: split mknod operation per security model |
Date: |
Mon, 30 Jan 2017 13:09:59 +0100 |
User-agent: |
StGit/0.17.1-20-gc0b1b-dirty |
Having all security models implemented in one monolithic function is
cumbersome. Especially when the need arises to fix something in the
shared code, as it forces to change all the paths at the same time.
This doesn't fix any bug, it is just preparatory cleanup.
Signed-off-by: Greg Kurz <address@hidden>
---
hw/9pfs/9p-local.c | 129 +++++++++++++++++++++++++++++++++++++---------------
1 file changed, 92 insertions(+), 37 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 73a20657f1fc..7f513c5728f6 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -510,8 +510,8 @@ static int local_chmod(FsContext *fs_ctx, V9fsPath
*fs_path, FsCred *credp)
g_assert_not_reached();
}
-static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path,
- const char *name, FsCred *credp)
+static int local_mknod_mapped(FsContext *fs_ctx, V9fsPath *dir_path,
+ const char *name, FsCred *credp)
{
char *path;
int err = -1;
@@ -523,42 +523,49 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath
*dir_path,
v9fs_string_sprintf(&fullname, "%s/%s", dir_path->data, name);
path = fullname.data;
- /* Determine the security model */
- if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
- buffer = rpath(fs_ctx, path);
- err = mknod(buffer, SM_LOCAL_MODE_BITS|S_IFREG, 0);
- if (err == -1) {
- goto out;
- }
- err = local_set_xattr(buffer, credp);
- if (err == -1) {
- serrno = errno;
- goto err_end;
- }
- } else if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
+ buffer = rpath(fs_ctx, path);
+ err = mknod(buffer, SM_LOCAL_MODE_BITS | S_IFREG, 0);
+ if (err == -1) {
+ goto out;
+ }
+ err = local_set_xattr(buffer, credp);
+ if (err == -1) {
+ serrno = errno;
+ goto err_end;
+ }
+ goto out;
- buffer = rpath(fs_ctx, path);
- err = mknod(buffer, SM_LOCAL_MODE_BITS|S_IFREG, 0);
- if (err == -1) {
- goto out;
- }
- err = local_set_mapped_file_attr(fs_ctx, path, credp);
- if (err == -1) {
- serrno = errno;
- goto err_end;
- }
- } else if ((fs_ctx->export_flags & V9FS_SM_PASSTHROUGH) ||
- (fs_ctx->export_flags & V9FS_SM_NONE)) {
- buffer = rpath(fs_ctx, path);
- err = mknod(buffer, credp->fc_mode, credp->fc_rdev);
- if (err == -1) {
- goto out;
- }
- err = local_post_create_passthrough(fs_ctx, path, credp);
- if (err == -1) {
- serrno = errno;
- goto err_end;
- }
+err_end:
+ remove(buffer);
+ errno = serrno;
+out:
+ g_free(buffer);
+ v9fs_string_free(&fullname);
+ return err;
+}
+
+static int local_mknod_mapped_file(FsContext *fs_ctx, V9fsPath *dir_path,
+ const char *name, FsCred *credp)
+{
+ char *path;
+ int err = -1;
+ int serrno = 0;
+ V9fsString fullname;
+ char *buffer = NULL;
+
+ v9fs_string_init(&fullname);
+ v9fs_string_sprintf(&fullname, "%s/%s", dir_path->data, name);
+ path = fullname.data;
+
+ buffer = rpath(fs_ctx, path);
+ err = mknod(buffer, SM_LOCAL_MODE_BITS | S_IFREG, 0);
+ if (err == -1) {
+ goto out;
+ }
+ err = local_set_mapped_file_attr(fs_ctx, path, credp);
+ if (err == -1) {
+ serrno = errno;
+ goto err_end;
}
goto out;
@@ -571,6 +578,54 @@ out:
return err;
}
+static int local_mknod_passthrough(FsContext *fs_ctx, V9fsPath *dir_path,
+ const char *name, FsCred *credp)
+{
+ char *path;
+ int err = -1;
+ int serrno = 0;
+ V9fsString fullname;
+ char *buffer = NULL;
+
+ v9fs_string_init(&fullname);
+ v9fs_string_sprintf(&fullname, "%s/%s", dir_path->data, name);
+ path = fullname.data;
+
+ buffer = rpath(fs_ctx, path);
+ err = mknod(buffer, credp->fc_mode, credp->fc_rdev);
+ if (err == -1) {
+ goto out;
+ }
+ err = local_post_create_passthrough(fs_ctx, path, credp);
+ if (err == -1) {
+ serrno = errno;
+ goto err_end;
+ }
+ goto out;
+
+err_end:
+ remove(buffer);
+ errno = serrno;
+out:
+ g_free(buffer);
+ v9fs_string_free(&fullname);
+ return err;
+}
+
+static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path, const char *name,
+ FsCred *credp)
+{
+ if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
+ return local_mknod_mapped(fs_ctx, dir_path, name, credp);
+ } else if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
+ return local_mknod_mapped_file(fs_ctx, dir_path, name, credp);
+ } else if ((fs_ctx->export_flags & V9FS_SM_PASSTHROUGH) ||
+ (fs_ctx->export_flags & V9FS_SM_NONE)) {
+ return local_mknod_passthrough(fs_ctx, dir_path, name, credp);
+ }
+ g_assert_not_reached();
+}
+
static int local_mkdir(FsContext *fs_ctx, V9fsPath *dir_path,
const char *name, FsCred *credp)
{
- [Qemu-devel] [PATCH RFC 00/36] 9pfs: local: fix vulnerability to symlink attacks, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 01/36] 9pfs: local: move xattr security ops to 9p-xattr.c, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 02/36] 9pfs: local: split chmod operation per security model, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 03/36] 9pfs: local: split mknod operation per security model,
Greg Kurz <=
- [Qemu-devel] [PATCH RFC 04/36] 9pfs: local: split mkdir operation per security model, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 05/36] 9pfs: local: split open2 operation per security model, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 08/36] 9pfs: local: improve error handling in link op, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 09/36] 9pfs: local: post link operation for mapped-file security, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 07/36] 9pfs: local: split mkdir operation per security model, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 10/36] v9fs: local: improve error handling in rename op, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 11/36] 9pfs: local: post rename operation for mapped-file security, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 12/36] 9pfs: local: pre remove operation for mapped-file security, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 06/36] 9pfs: local: split symlink operation per security model, Greg Kurz, 2017/01/30
- [Qemu-devel] [PATCH RFC 13/36] 9pfs: local: pre unlikat operation for mapped-file security, Greg Kurz, 2017/01/30