Re: [PATCH 5/5] [PATCH 2/2] tools: hv: skip iso9660 mounts in hv_vss_daemon

Re: [PATCH 5/5] [PATCH 2/2] tools: hv: skip iso9660 mounts in hv_vss_daemon

[Greg KH]

Again with the Subject:?

Take a day to relax and fix it all up and resend it then, don't rush.

greg k-h

[PATCH 0/5] Tools: hv: snapshot

[K. Y. Srinivasan]

These five patches were sent by Olaf a while ago. Greg wanted these
re-submitted. I have tested these patches.

Olaf Hering (5):
  Tools: hv: fix warnings in hv_vss_daemon
  tools: hv: fix checks for origin of netlink message in hv_vss_daemon
  tools: hv: use getmntent in hv_vss_daemon
  tools: hv: use FIFREEZE/FITHAW in hv_vss_daemon
  tools: hv: skip iso9660 mounts in hv_vss_daemon

 tools/hv/hv_vss_daemon.c |   78 +++++++++++++++++++++++++++++++---------------
 1 files changed, 53 insertions(+), 25 deletions(-)

-- 
1.7.4.1

[PATCH 1/5] Tools: hv: fix warnings in hv_vss_daemon

[K. Y. Srinivasan]

From: Olaf Hering <olaf@aepfle.de>

This change fixes a few compile errors:

hv_vss_daemon.c:64:15: warning: unknown escape sequence '\/'
hv_vss_daemon.c:64:15: warning: unknown escape sequence '\/'
hv_vss_daemon.c: In function 'vss_operate':
hv_vss_daemon.c:66: warning: 'return' with no value, in function returning non-void
hv_vss_daemon.c: In function 'main':
hv_vss_daemon.c:130: warning: ignoring return value of 'daemon', declared with attribute warn_unused_result
hv_vss_daemon.c: In function 'vss_operate':
hv_vss_daemon.c:47: warning: 'fs_op' may be used uninitialized in this function

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
---
 tools/hv/hv_vss_daemon.c |   12 ++++++++----
 1 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/tools/hv/hv_vss_daemon.c b/tools/hv/hv_vss_daemon.c
index 9526995..2a03d0b 100644
--- a/tools/hv/hv_vss_daemon.c
+++ b/tools/hv/hv_vss_daemon.c
@@ -51,7 +51,7 @@ static int vss_operate(int operation)
 	FILE *file;
 	char *p;
 	char *x;
-	int error;
+	int error = 0;
 
 	switch (operation) {
 	case VSS_OP_FREEZE:
@@ -60,11 +60,13 @@ static int vss_operate(int operation)
 	case VSS_OP_THAW:
 		fs_op = "-u ";
 		break;
+	default:
+		return -1;
 	}
 
-	file = popen("mount | awk '/^\/dev\// { print $3}'", "r");
+	file = popen("mount | awk '/^\\/dev\\// { print $3}'", "r");
 	if (file == NULL)
-		return;
+		return -1;
 
 	while ((p = fgets(buf, sizeof(buf), file)) != NULL) {
 		x = strchr(p, '\n');
@@ -128,7 +130,9 @@ int main(void)
 	int	op;
 	struct hv_vss_msg *vss_msg;
 
-	daemon(1, 0);
+	if (daemon(1, 0))
+		return 1;
+
 	openlog("Hyper-V VSS", 0, LOG_USER);
 	syslog(LOG_INFO, "VSS starting; pid is:%d", getpid());
 
-- 
1.7.4.1

[PATCH 2/5] tools: hv: fix checks for origin of netlink message in hv_vss_daemon

[K. Y. Srinivasan]

From: Olaf Hering <olaf@aepfle.de>

Similar to what commit 95a69adab9acfc3981c504737a2b6578e4d846ef ("tools:
hv: Netlink source address validation allows DoS") does in
hv_kvp_daemon, improve checks for origin of netlink connector message.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
---
 tools/hv/hv_vss_daemon.c |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/tools/hv/hv_vss_daemon.c b/tools/hv/hv_vss_daemon.c
index 2a03d0b..dc3eb1e 100644
--- a/tools/hv/hv_vss_daemon.c
+++ b/tools/hv/hv_vss_daemon.c
@@ -186,13 +186,19 @@ int main(void)
 		len = recvfrom(fd, vss_recv_buffer, sizeof(vss_recv_buffer), 0,
 				addr_p, &addr_l);
 
-		if (len < 0 || addr.nl_pid) {
+		if (len < 0) {
 			syslog(LOG_ERR, "recvfrom failed; pid:%u error:%d %s",
 					addr.nl_pid, errno, strerror(errno));
 			close(fd);
 			return -1;
 		}
 
+		if (addr.nl_pid) {
+			syslog(LOG_WARNING, "Received packet from untrusted pid:%u",
+					addr.nl_pid);
+			continue;
+		}
+
 		incoming_msg = (struct nlmsghdr *)vss_recv_buffer;
 
 		if (incoming_msg->nlmsg_type != NLMSG_DONE)
-- 
1.7.4.1

[PATCH 3/5] tools: hv: use getmntent in hv_vss_daemon

[K. Y. Srinivasan]

From: Olaf Hering <olaf@aepfle.de>

As suggested by Paolo Bonzini, use getmntent instead of parsing output
of mount(1).

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
---
 tools/hv/hv_vss_daemon.c |   39 +++++++++++++++++++++------------------
 1 files changed, 21 insertions(+), 18 deletions(-)

diff --git a/tools/hv/hv_vss_daemon.c b/tools/hv/hv_vss_daemon.c
index dc3eb1e..e37d86c 100644
--- a/tools/hv/hv_vss_daemon.c
+++ b/tools/hv/hv_vss_daemon.c
@@ -23,6 +23,7 @@
 #include <sys/poll.h>
 #include <linux/types.h>
 #include <stdio.h>
+#include <mntent.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <string.h>
@@ -47,11 +48,10 @@ static int vss_operate(int operation)
 {
 	char *fs_op;
 	char cmd[512];
-	char buf[512];
-	FILE *file;
-	char *p;
-	char *x;
-	int error = 0;
+	char match[] = "/dev/";
+	FILE *mounts;
+	struct mntent *ent;
+	int error = 0, root_seen = 0;
 
 	switch (operation) {
 	case VSS_OP_FREEZE:
@@ -64,25 +64,28 @@ static int vss_operate(int operation)
 		return -1;
 	}
 
-	file = popen("mount | awk '/^\\/dev\\// { print $3}'", "r");
-	if (file == NULL)
+	mounts = setmntent("/proc/mounts", "r");
+	if (mounts == NULL)
 		return -1;
 
-	while ((p = fgets(buf, sizeof(buf), file)) != NULL) {
-		x = strchr(p, '\n');
-		*x = '\0';
-		if (!strncmp(p, "/", sizeof("/")))
+	while((ent = getmntent(mounts))) {
+		if (strncmp(ent->mnt_fsname, match, strlen(match)))
 			continue;
-
-		sprintf(cmd, "%s %s %s", "fsfreeze ", fs_op, p);
+		if (strcmp(ent->mnt_dir, "/") == 0) {
+			root_seen = 1;
+			continue;
+		}
+		snprintf(cmd, sizeof(cmd), "fsfreeze %s '%s'", fs_op, ent->mnt_dir);
 		syslog(LOG_INFO, "VSS cmd is %s\n", cmd);
-		error = system(cmd);
+		error |= system(cmd);
 	}
-	pclose(file);
+	endmntent(mounts);
 
-	sprintf(cmd, "%s %s %s", "fsfreeze ", fs_op, "/");
-	syslog(LOG_INFO, "VSS cmd is %s\n", cmd);
-	error = system(cmd);
+	if (root_seen) {
+		sprintf(cmd, "fsfreeze %s /", fs_op);
+		syslog(LOG_INFO, "VSS cmd is %s\n", cmd);
+		error |= system(cmd);
+	}
 
 	return error;
 }
-- 
1.7.4.1

[PATCH 4/5] tools: hv: use FIFREEZE/FITHAW in hv_vss_daemon

[K. Y. Srinivasan]

From: Olaf Hering <olaf@aepfle.de>

As suggested by Paolo Bonzini, use ioctl instead of calling fsfreeze.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
---
 tools/hv/hv_vss_daemon.c |   31 ++++++++++++++++++++++---------
 1 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/tools/hv/hv_vss_daemon.c b/tools/hv/hv_vss_daemon.c
index e37d86c..830d606 100644
--- a/tools/hv/hv_vss_daemon.c
+++ b/tools/hv/hv_vss_daemon.c
@@ -21,7 +21,9 @@
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/poll.h>
+#include <sys/ioctl.h>
 #include <linux/types.h>
+#include <fcntl.h>
 #include <stdio.h>
 #include <mntent.h>
 #include <stdlib.h>
@@ -30,6 +32,7 @@
 #include <ctype.h>
 #include <errno.h>
 #include <arpa/inet.h>
+#include <linux/fs.h>
 #include <linux/connector.h>
 #include <linux/hyperv.h>
 #include <linux/netlink.h>
@@ -44,21 +47,35 @@ static struct sockaddr_nl addr;
 #endif
 
 
+static int vss_do_freeze(char *dir, unsigned int cmd, char *fs_op)
+{
+	int ret, fd = open(dir, O_RDONLY);
+
+	if (fd < 0)
+		return 1;
+	ret = ioctl(fd, cmd, 0);
+	syslog(LOG_INFO, "VSS: %s of %s: %s\n", fs_op, dir, strerror(errno));
+	close(fd);
+	return !!ret;
+}
+
 static int vss_operate(int operation)
 {
 	char *fs_op;
-	char cmd[512];
 	char match[] = "/dev/";
 	FILE *mounts;
 	struct mntent *ent;
+	unsigned int cmd;
 	int error = 0, root_seen = 0;
 
 	switch (operation) {
 	case VSS_OP_FREEZE:
-		fs_op = "-f ";
+		cmd = FIFREEZE;
+		fs_op = "freeze";
 		break;
 	case VSS_OP_THAW:
-		fs_op = "-u ";
+		cmd = FITHAW;
+		fs_op = "thaw";
 		break;
 	default:
 		return -1;
@@ -75,16 +92,12 @@ static int vss_operate(int operation)
 			root_seen = 1;
 			continue;
 		}
-		snprintf(cmd, sizeof(cmd), "fsfreeze %s '%s'", fs_op, ent->mnt_dir);
-		syslog(LOG_INFO, "VSS cmd is %s\n", cmd);
-		error |= system(cmd);
+		error |= vss_do_freeze(ent->mnt_dir, cmd, fs_op);
 	}
 	endmntent(mounts);
 
 	if (root_seen) {
-		sprintf(cmd, "fsfreeze %s /", fs_op);
-		syslog(LOG_INFO, "VSS cmd is %s\n", cmd);
-		error |= system(cmd);
+		error |= vss_do_freeze("/", cmd, fs_op);
 	}
 
 	return error;
-- 
1.7.4.1

[PATCH 5/5] [PATCH 2/2] tools: hv: skip iso9660 mounts in hv_vss_daemon

[K. Y. Srinivasan]

From: Olaf Hering <olaf@aepfle.de>

freeze does not work for iso9660 filesystems. A ENOSUPP may be caught
in the freeze case, but the subsequent thaw call would fail and leads to
a false error.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
---
 tools/hv/hv_vss_daemon.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/tools/hv/hv_vss_daemon.c b/tools/hv/hv_vss_daemon.c
index 830d606..f06cd8c 100644
--- a/tools/hv/hv_vss_daemon.c
+++ b/tools/hv/hv_vss_daemon.c
@@ -88,6 +88,8 @@ static int vss_operate(int operation)
 	while((ent = getmntent(mounts))) {
 		if (strncmp(ent->mnt_fsname, match, strlen(match)))
 			continue;
+		if (strcmp(ent->mnt_type, "iso9660") == 0)
+			continue;
 		if (strcmp(ent->mnt_dir, "/") == 0) {
 			root_seen = 1;
 			continue;
-- 
1.7.4.1