Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack saf

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack saf

From:	Stefan Hajnoczi
Subject:	Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers
Date:	Thu, 23 Feb 2017 13:44:41 +0000
User-agent:	Mutt/1.7.1 (2016-10-04)

On Mon, Feb 20, 2017 at 03:40:15PM +0100, Greg Kurz wrote:
> +static ssize_t do_xattrat_op(int op_type, int dirfd, const char *path,
> +                             const char *name, void *value, size_t size,
> +                             int flags)
> +{
> +    struct xattrat_data *data;
> +    pid_t pid;
> +    ssize_t ret = -1;
> +    int wstatus;
> +
> +    data = mmap(NULL, sizeof(*data) + size, PROT_READ | PROT_WRITE,
> +                MAP_SHARED | MAP_ANONYMOUS, -1, 0);
> +    if (data == MAP_FAILED) {
> +        return -1;
> +    }
> +    data->ret = -1;
> +
> +    pid = fork();
> +    if (pid < 0) {
> +        goto err_out;
> +    } else if (pid == 0) {
> +        if (fchdir(dirfd) == 0) {
> +            switch (op_type) {
> +            case XATTRAT_OP_GET:
> +                data->ret = lgetxattr(path, name, data->value, size);
> +                break;
> +            case XATTRAT_OP_LIST:
> +                data->ret = llistxattr(path, data->value, size);
> +                break;
> +            case XATTRAT_OP_SET:
> +                data->ret = lsetxattr(path, name, value, size, flags);
> +                break;
> +            case XATTRAT_OP_REMOVE:
> +                data->ret = lremovexattr(path, name);
> +                break;
> +            default:
> +                g_assert_not_reached();
> +            }
> +        }
> +        data->serrno = errno;
> +        _exit(0);
> +    }
> +    assert(waitpid(pid, &wstatus, 0) == pid && WIFEXITED(wstatus));
> +
> +    ret = data->ret;
> +    if (ret < 0) {
> +        errno = data->serrno;
> +        goto err_out;
> +    }
> +    if (value) {
> +        memcpy(value, data->value, data->ret);
> +    }
> +err_out:
> +    munmap_preserver_errno(data, sizeof(*data) + size);
> +    return ret;
> +}

Forking is ugly since QEMU is a multi-threaded program.  We brainstormed
alternatives on IRC like using /proc/self/fd/$fd to work around the
missing getxattrat() API.

Stefan

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH 03/29] 9pfs: remove side-effects in local_open() and local_opendir(), (continued)
- [Qemu-devel] [PATCH 03/29] 9pfs: remove side-effects in local_open() and local_opendir(), Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 03/29] 9pfs: remove side-effects in local_open() and local_opendir(), Stefan Hajnoczi, 2017/02/23
- [Qemu-devel] [PATCH 04/29] 9pfs: introduce openat_nofollow() helper, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 04/29] 9pfs: introduce openat_nofollow() helper, Stefan Hajnoczi, 2017/02/23
    - Re: [Qemu-devel] [PATCH 04/29] 9pfs: introduce openat_nofollow() helper, Greg Kurz, 2017/02/23
- [Qemu-devel] [PATCH 05/29] 9pfs: local: keep a file descriptor on the shared folder, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 05/29] 9pfs: local: keep a file descriptor on the shared folder, Stefan Hajnoczi, 2017/02/23
- [Qemu-devel] [PATCH 06/29] 9pfs: local: open/opendir: don't follow symlinks, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 06/29] 9pfs: local: open/opendir: don't follow symlinks, Stefan Hajnoczi, 2017/02/23
- [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Stefan Hajnoczi <=
    - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Greg Kurz, 2017/02/23
  - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Eric Blake, 2017/02/23
    - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Jann Horn, 2017/02/23
    - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Greg Kurz, 2017/02/23
    - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Greg Kurz, 2017/02/23
- [Qemu-devel] [PATCH 08/29] 9pfs: local: lgetxattr: don't follow symlinks, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 08/29] 9pfs: local: lgetxattr: don't follow symlinks, Stefan Hajnoczi, 2017/02/23
- [Qemu-devel] [PATCH 09/29] 9pfs: local: llistxattr: don't follow symlinks, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 09/29] 9pfs: local: llistxattr: don't follow symlinks, Stefan Hajnoczi, 2017/02/23
- [Qemu-devel] [PATCH 10/29] 9pfs: local: lsetxattr: don't follow symlinks, Greg Kurz, 2017/02/20

Prev by Date: [Qemu-devel] [Bug 1490611] Re: Using qemu >=2.2.1 to convert raw->VHD (fixed) adds extra padding to the result file, which Microsoft Azure rejects as invalid
Next by Date: Re: [Qemu-devel] [PATCH 08/29] 9pfs: local: lgetxattr: don't follow symlinks
Previous by thread: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers
Next by thread: Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers
Index(es):
- Date
- Thread