* [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode
@ 2017-05-05 14:36 Greg Kurz
2017-05-05 14:37 ` [Qemu-devel] [PATCH 1/5] 9pfs: check return value of v9fs_co_name_to_path() Greg Kurz
` (6 more replies)
0 siblings, 7 replies; 24+ messages in thread
From: Greg Kurz @ 2017-05-05 14:36 UTC (permalink / raw)
To: qemu-devel; +Cc: Léo Gaspard, Eric Blake, Greg Kurz
This series fixes two issues in the local backend when using the mapped-file
security mode:
- allow chmod and chown to succeed on the virtfs root (patch 4)
- completely hide the metadata files from the client (patch 5)
Patch 2 resolves '.' and '..' in paths, and patch 3 reworks the way we open
files accordingly. They could be squashed together in a single patch (this
was the case in earlier versions actually), but I decided to separate them
for easier review.
Léo,
I'd appreciate if you could test this series (especially patch 4) on your
setup.
Cheers.
--
Greg
---
Greg Kurz (5):
9pfs: check return value of v9fs_co_name_to_path()
9pfs: local: resolve special directories in paths
9pfs: local: simplify file opening
9pfs: local: metadata file for the VirtFS root
9pfs: local: forbid client access to metadata
hw/9pfs/9p-local.c | 164 ++++++++++++++++++++++++++++++++++++++++------------
hw/9pfs/9p-util.c | 26 +++-----
hw/9pfs/9p.c | 36 ++++++++---
3 files changed, 160 insertions(+), 66 deletions(-)
^ permalink raw reply [flat|nested] 24+ messages in thread
* [Qemu-devel] [PATCH 1/5] 9pfs: check return value of v9fs_co_name_to_path()
2017-05-05 14:36 [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode Greg Kurz
@ 2017-05-05 14:37 ` Greg Kurz
2017-05-05 16:55 ` Eric Blake
2017-05-05 14:37 ` [Qemu-devel] [PATCH 2/5] 9pfs: local: resolve special directories in paths Greg Kurz
` (5 subsequent siblings)
6 siblings, 1 reply; 24+ messages in thread
From: Greg Kurz @ 2017-05-05 14:37 UTC (permalink / raw)
To: qemu-devel; +Cc: Léo Gaspard, Eric Blake, Greg Kurz
These v9fs_co_name_to_path() call sites have always been around. I guess
no care was taken to check the return value because the name_to_path
operation could never fail at the time. This is no longer true: the
handle and synth backends can already fail this operation, and so will the
local backend soon.
Signed-off-by: Greg Kurz <groug@kaod.org>
---
hw/9pfs/9p.c | 36 +++++++++++++++++++++++++-----------
1 file changed, 25 insertions(+), 11 deletions(-)
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index c80ba67389ce..dc5250b342fa 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -2576,7 +2576,10 @@ static int coroutine_fn v9fs_complete_rename(V9fsPDU *pdu, V9fsFidState *fidp,
err = -EINVAL;
goto out;
}
- v9fs_co_name_to_path(pdu, &dirfidp->path, name->data, &new_path);
+ err = v9fs_co_name_to_path(pdu, &dirfidp->path, name->data, &new_path);
+ if (err < 0) {
+ goto out;
+ }
} else {
old_name = fidp->path.data;
end = strrchr(old_name, '/');
@@ -2588,8 +2591,11 @@ static int coroutine_fn v9fs_complete_rename(V9fsPDU *pdu, V9fsFidState *fidp,
new_name = g_malloc0(end - old_name + name->size + 1);
strncat(new_name, old_name, end - old_name);
strncat(new_name + (end - old_name), name->data, name->size);
- v9fs_co_name_to_path(pdu, NULL, new_name, &new_path);
+ err = v9fs_co_name_to_path(pdu, NULL, new_name, &new_path);
g_free(new_name);
+ if (err < 0) {
+ goto out;
+ }
}
err = v9fs_co_rename(pdu, &fidp->path, &new_path);
if (err < 0) {
@@ -2669,20 +2675,26 @@ out_nofid:
v9fs_string_free(&name);
}
-static void coroutine_fn v9fs_fix_fid_paths(V9fsPDU *pdu, V9fsPath *olddir,
- V9fsString *old_name,
- V9fsPath *newdir,
- V9fsString *new_name)
+static int coroutine_fn v9fs_fix_fid_paths(V9fsPDU *pdu, V9fsPath *olddir,
+ V9fsString *old_name,
+ V9fsPath *newdir,
+ V9fsString *new_name)
{
V9fsFidState *tfidp;
V9fsPath oldpath, newpath;
V9fsState *s = pdu->s;
-
+ int err;
v9fs_path_init(&oldpath);
v9fs_path_init(&newpath);
- v9fs_co_name_to_path(pdu, olddir, old_name->data, &oldpath);
- v9fs_co_name_to_path(pdu, newdir, new_name->data, &newpath);
+ err = v9fs_co_name_to_path(pdu, olddir, old_name->data, &oldpath);
+ if (err < 0) {
+ goto out;
+ }
+ err = v9fs_co_name_to_path(pdu, newdir, new_name->data, &newpath);
+ if (err < 0) {
+ goto out;
+ }
/*
* Fixup fid's pointing to the old name to
@@ -2694,8 +2706,10 @@ static void coroutine_fn v9fs_fix_fid_paths(V9fsPDU *pdu, V9fsPath *olddir,
v9fs_fix_path(&tfidp->path, &newpath, strlen(oldpath.data));
}
}
+out:
v9fs_path_free(&oldpath);
v9fs_path_free(&newpath);
+ return err;
}
static int coroutine_fn v9fs_complete_renameat(V9fsPDU *pdu, int32_t olddirfid,
@@ -2729,8 +2743,8 @@ static int coroutine_fn v9fs_complete_renameat(V9fsPDU *pdu, int32_t olddirfid,
}
if (s->ctx.export_flags & V9FS_PATHNAME_FSCONTEXT) {
/* Only for path based fid we need to do the below fixup */
- v9fs_fix_fid_paths(pdu, &olddirfidp->path, old_name,
- &newdirfidp->path, new_name);
+ err = v9fs_fix_fid_paths(pdu, &olddirfidp->path, old_name,
+ &newdirfidp->path, new_name);
}
out:
if (olddirfidp) {
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [Qemu-devel] [PATCH 2/5] 9pfs: local: resolve special directories in paths
2017-05-05 14:36 [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode Greg Kurz
2017-05-05 14:37 ` [Qemu-devel] [PATCH 1/5] 9pfs: check return value of v9fs_co_name_to_path() Greg Kurz
@ 2017-05-05 14:37 ` Greg Kurz
2017-05-05 16:59 ` Eric Blake
2017-05-05 14:37 ` [Qemu-devel] [PATCH 3/5] 9pfs: local: simplify file opening Greg Kurz
` (4 subsequent siblings)
6 siblings, 1 reply; 24+ messages in thread
From: Greg Kurz @ 2017-05-05 14:37 UTC (permalink / raw)
To: qemu-devel; +Cc: Léo Gaspard, Eric Blake, Greg Kurz
When using the mapped-file security mode, the creds of a path /foo/bar
are stored in the /foo/.virtfs_metadata/bar file. This is okay for all
paths unless they end with '.' or '..', because we cannot create the
corresponding file in the metadata directory.
This patch ensures that '.' and '..' are resolved in all paths.
The core code only passes path elements (no '/') to the backend, with
the notable exception of the '/' path, which refers to the virtfs root.
This patch preserve the current behavior of converting it to '.' so
that it can be passed to "*at()" syscalls ('/' would mean the host root).
Signed-off-by: Greg Kurz <groug@kaod.org>
---
hw/9pfs/9p-local.c | 30 +++++++++++++++++++++++-------
1 file changed, 23 insertions(+), 7 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index f3ebca4f7a56..92262f3c3e37 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -1097,14 +1097,30 @@ static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path,
const char *name, V9fsPath *target)
{
if (dir_path) {
- v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
- } else if (strcmp(name, "/")) {
- v9fs_path_sprintf(target, "%s", name);
+ if (!strcmp(name, ".")) {
+ /* "." relative to "foo/bar" is "foo/bar" */
+ v9fs_path_copy(target, dir_path);
+ } else if (!strcmp(name, "..")) {
+ if (!strcmp(dir_path->data, ".")) {
+ /* ".." relative to the root is "." */
+ v9fs_path_sprintf(target, ".");
+ } else {
+ char *tmp = g_path_get_dirname(dir_path->data);
+ /* ".." relative to "foo/bar" is equivalent to "foo" */
+ v9fs_path_sprintf(target, "%s", tmp);
+ g_free(tmp);
+ }
+ } else {
+ assert(!strchr(name, '/'));
+ v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
+ }
+ } else if (!strcmp(name, "/") || !strcmp(name, ".") ||
+ !strcmp(name, "..")) {
+ /* This is the root fid */
+ v9fs_path_sprintf(target, ".");
} else {
- /* We want the path of the export root to be relative, otherwise
- * "*at()" syscalls would treat it as "/" in the host.
- */
- v9fs_path_sprintf(target, "%s", ".");
+ assert(!strchr(name, '/'));
+ v9fs_path_sprintf(target, "./%s", name);
}
return 0;
}
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [Qemu-devel] [PATCH 3/5] 9pfs: local: simplify file opening
2017-05-05 14:36 [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode Greg Kurz
2017-05-05 14:37 ` [Qemu-devel] [PATCH 1/5] 9pfs: check return value of v9fs_co_name_to_path() Greg Kurz
2017-05-05 14:37 ` [Qemu-devel] [PATCH 2/5] 9pfs: local: resolve special directories in paths Greg Kurz
@ 2017-05-05 14:37 ` Greg Kurz
2017-05-05 17:01 ` Eric Blake
2017-05-05 14:37 ` [Qemu-devel] [PATCH 4/5] 9pfs: local: metadata file for the VirtFS root Greg Kurz
` (3 subsequent siblings)
6 siblings, 1 reply; 24+ messages in thread
From: Greg Kurz @ 2017-05-05 14:37 UTC (permalink / raw)
To: qemu-devel; +Cc: Léo Gaspard, Eric Blake, Greg Kurz
All paths in the virtfs directory now start with "./" (except the virtfs
root itself which is exactly ".").
We hence don't need to skip leading '/' characters anymore, nor to handle
the empty path case. Also, since virtfs will only ever be supported on
linux+glibc hosts, we can use strchrnul() and come up with a much simplier
code to walk through the path elements. And we don't need to dup() the
passed directory fd.
Signed-off-by: Greg Kurz <groug@kaod.org>
---
hw/9pfs/9p-local.c | 5 -----
hw/9pfs/9p-util.c | 26 ++++++++++----------------
2 files changed, 10 insertions(+), 21 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 92262f3c3e37..bb6e296df317 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -54,11 +54,6 @@ int local_open_nofollow(FsContext *fs_ctx, const char *path, int flags,
{
LocalData *data = fs_ctx->private;
- /* All paths are relative to the path data->mountfd points to */
- while (*path == '/') {
- path++;
- }
-
return relative_openat_nofollow(data->mountfd, path, flags, mode);
}
diff --git a/hw/9pfs/9p-util.c b/hw/9pfs/9p-util.c
index fdb4d5737635..e46399a9119d 100644
--- a/hw/9pfs/9p-util.c
+++ b/hw/9pfs/9p-util.c
@@ -17,14 +17,11 @@
int relative_openat_nofollow(int dirfd, const char *path, int flags,
mode_t mode)
{
- int fd;
+ int fd = dirfd;
- fd = dup(dirfd);
- if (fd == -1) {
- return -1;
- }
+ assert(*path);
- while (*path) {
+ while (*path && fd != -1) {
const char *c;
int next_fd;
char *head;
@@ -33,25 +30,22 @@ int relative_openat_nofollow(int dirfd, const char *path, int flags,
assert(path[0] != '/');
head = g_strdup(path);
- c = strchr(path, '/');
- if (c) {
+ c = strchrnul(path, '/');
+ if (*c) {
+ /* Intermediate path element */
head[c - path] = 0;
+ path = c + 1;
next_fd = openat_dir(fd, head);
} else {
+ /* Rightmost path element */
next_fd = openat_file(fd, head, flags, mode);
+ path = c;
}
g_free(head);
- if (next_fd == -1) {
+ if (dirfd != fd) {
close_preserve_errno(fd);
- return -1;
}
- close(fd);
fd = next_fd;
-
- if (!c) {
- break;
- }
- path = c + 1;
}
return fd;
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [Qemu-devel] [PATCH 4/5] 9pfs: local: metadata file for the VirtFS root
2017-05-05 14:36 [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode Greg Kurz
` (2 preceding siblings ...)
2017-05-05 14:37 ` [Qemu-devel] [PATCH 3/5] 9pfs: local: simplify file opening Greg Kurz
@ 2017-05-05 14:37 ` Greg Kurz
2017-05-05 17:11 ` Eric Blake
2017-05-05 14:37 ` [Qemu-devel] [PATCH 5/5] 9pfs: local: forbid client access to metadata Greg Kurz
` (2 subsequent siblings)
6 siblings, 1 reply; 24+ messages in thread
From: Greg Kurz @ 2017-05-05 14:37 UTC (permalink / raw)
To: qemu-devel; +Cc: Léo Gaspard, Eric Blake, Greg Kurz
When using the mapped-file security, credentials are stored in a metadata
directory located in the parent directory. This is okay for all paths with
the notable exception of the root path, since we don't want and probably
can't create a metadata directory above the virtfs directory on the host.
This patch introduces a dedicated metadata file, sitting in the virtfs root
for this purpose. It relies on the fact that the "." name necessarily refer
to the virtfs root.
As for the metadata directory, we don't want the client to see this file.
The current code only cares for readdir() but there are many other places
to fix actually. The filtering logic is hence put in a separate function.
Before:
# ls -ld
drwxr-xr-x. 3 greg greg 4096 May 5 12:49 .
# chown root.root .
chown: changing ownership of '.': Is a directory
# ls -ld
drwxr-xr-x. 3 greg greg 4096 May 5 12:49 .
After:
# ls -ld
drwxr-xr-x. 3 greg greg 4096 May 5 12:49 .
# chown bin.bin .
# ls -ld
drwxr-xr-x. 3 root root 4096 May 5 12:50 .
and from the host:
ls -al .virtfs_metadata_root
-rwx------. 1 greg greg 26 May 5 12:50 .virtfs_metadata_root
$ cat .virtfs_metadata_root
virtfs.uid=0
virtfs.gid=0
Reported-by: Léo Gaspard <leo@gaspard.io>
Signed-off-by: Greg Kurz <groug@kaod.org>
---
hw/9pfs/9p-local.c | 88 ++++++++++++++++++++++++++++++++++++----------------
1 file changed, 61 insertions(+), 27 deletions(-)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index bb6e296df317..b427d2928800 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -78,6 +78,7 @@ static void unlinkat_preserve_errno(int dirfd, const char *path, int flags)
}
#define VIRTFS_META_DIR ".virtfs_metadata"
+#define VIRTFS_META_ROOT_FILE VIRTFS_META_DIR "_root"
static FILE *local_fopenat(int dirfd, const char *name, const char *mode)
{
@@ -114,13 +115,17 @@ static void local_mapped_file_attr(int dirfd, const char *name,
char buf[ATTR_MAX];
int map_dirfd;
- map_dirfd = openat_dir(dirfd, VIRTFS_META_DIR);
- if (map_dirfd == -1) {
- return;
- }
+ if (strcmp(name, ".")) {
+ map_dirfd = openat_dir(dirfd, VIRTFS_META_DIR);
+ if (map_dirfd == -1) {
+ return;
+ }
- fp = local_fopenat(map_dirfd, name, "r");
- close_preserve_errno(map_dirfd);
+ fp = local_fopenat(map_dirfd, name, "r");
+ close_preserve_errno(map_dirfd);
+ } else {
+ fp = local_fopenat(dirfd, VIRTFS_META_ROOT_FILE, "r");
+ }
if (!fp) {
return;
}
@@ -198,26 +203,38 @@ static int local_set_mapped_file_attrat(int dirfd, const char *name,
int ret;
char buf[ATTR_MAX];
int uid = -1, gid = -1, mode = -1, rdev = -1;
- int map_dirfd;
-
- ret = mkdirat(dirfd, VIRTFS_META_DIR, 0700);
- if (ret < 0 && errno != EEXIST) {
- return -1;
- }
-
- map_dirfd = openat_dir(dirfd, VIRTFS_META_DIR);
- if (map_dirfd == -1) {
- return -1;
- }
+ int map_dirfd, map_fd;
+ bool is_root = !strcmp(name, ".");
+
+ if (is_root) {
+ fp = local_fopenat(dirfd, VIRTFS_META_ROOT_FILE, "r");
+ if (!fp) {
+ if (errno == ENOENT) {
+ goto update_map_file;
+ } else {
+ return -1;
+ }
+ }
+ } else {
+ ret = mkdirat(dirfd, VIRTFS_META_DIR, 0700);
+ if (ret < 0 && errno != EEXIST) {
+ return -1;
+ }
- fp = local_fopenat(map_dirfd, name, "r");
- if (!fp) {
- if (errno == ENOENT) {
- goto update_map_file;
- } else {
- close_preserve_errno(map_dirfd);
+ map_dirfd = openat_dir(dirfd, VIRTFS_META_DIR);
+ if (map_dirfd == -1) {
return -1;
}
+
+ fp = local_fopenat(map_dirfd, name, "r");
+ if (!fp) {
+ if (errno == ENOENT) {
+ goto update_map_file;
+ } else {
+ close_preserve_errno(map_dirfd);
+ return -1;
+ }
+ }
}
memset(buf, 0, ATTR_MAX);
while (fgets(buf, ATTR_MAX, fp)) {
@@ -235,12 +252,21 @@ static int local_set_mapped_file_attrat(int dirfd, const char *name,
fclose(fp);
update_map_file:
- fp = local_fopenat(map_dirfd, name, "w");
- close_preserve_errno(map_dirfd);
+ if (is_root) {
+ fp = local_fopenat(dirfd, VIRTFS_META_ROOT_FILE, "w");
+ } else {
+ fp = local_fopenat(map_dirfd, name, "w");
+ close_preserve_errno(map_dirfd);
+ }
if (!fp) {
return -1;
}
+ map_fd = fileno(fp);
+ assert(map_fd != -1);
+ ret = fchmod(map_fd, 0700);
+ assert(ret == 0);
+
if (credp->fc_uid != -1) {
uid = credp->fc_uid;
}
@@ -447,6 +473,14 @@ static off_t local_telldir(FsContext *ctx, V9fsFidOpenState *fs)
return telldir(fs->dir.stream);
}
+static bool local_must_skip_metadata(FsContext *fs_ctx, const char *name)
+{
+ return
+ fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
+ (!strcmp(name, VIRTFS_META_DIR) ||
+ !strcmp(name, VIRTFS_META_ROOT_FILE));
+}
+
static struct dirent *local_readdir(FsContext *ctx, V9fsFidOpenState *fs)
{
struct dirent *entry;
@@ -460,8 +494,8 @@ again:
if (ctx->export_flags & V9FS_SM_MAPPED) {
entry->d_type = DT_UNKNOWN;
} else if (ctx->export_flags & V9FS_SM_MAPPED_FILE) {
- if (!strcmp(entry->d_name, VIRTFS_META_DIR)) {
- /* skp the meta data directory */
+ if (local_must_skip_metadata(ctx, entry->d_name)) {
+ /* skip the meta data stuff */
goto again;
}
entry->d_type = DT_UNKNOWN;
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [Qemu-devel] [PATCH 5/5] 9pfs: local: forbid client access to metadata
2017-05-05 14:36 [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode Greg Kurz
` (3 preceding siblings ...)
2017-05-05 14:37 ` [Qemu-devel] [PATCH 4/5] 9pfs: local: metadata file for the VirtFS root Greg Kurz
@ 2017-05-05 14:37 ` Greg Kurz
2017-05-05 17:13 ` Eric Blake
2017-05-05 15:25 ` [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode no-reply
2017-05-08 15:33 ` Leo Gaspard
6 siblings, 1 reply; 24+ messages in thread
From: Greg Kurz @ 2017-05-05 14:37 UTC (permalink / raw)
To: qemu-devel; +Cc: Léo Gaspard, Eric Blake, Greg Kurz
When using the mapped-file security mode, we shouldn't let the client
mess with the metadata. The current code already hides it but the
client can still access the metadata through several operations.
This patch fixes the issue by:
- preventing the creation of fids pointing to the metadata (name_to_path)
- failing various operations taking a dirpath and a name arguments if
name is a metadata reserved name
Signed-off-by: Greg Kurz <groug@kaod.org>
---
hw/9pfs/9p-local.c | 41 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 41 insertions(+)
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index b427d2928800..93cadac302c9 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -588,6 +588,11 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path,
int err = -1;
int dirfd;
+ if (local_must_skip_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
if (dirfd == -1) {
return -1;
@@ -634,6 +639,11 @@ static int local_mkdir(FsContext *fs_ctx, V9fsPath *dir_path,
int err = -1;
int dirfd;
+ if (local_must_skip_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
if (dirfd == -1) {
return -1;
@@ -723,6 +733,11 @@ static int local_open2(FsContext *fs_ctx, V9fsPath *dir_path, const char *name,
int err = -1;
int dirfd;
+ if (local_must_skip_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
/*
* Mark all the open to not follow symlinks
*/
@@ -781,6 +796,11 @@ static int local_symlink(FsContext *fs_ctx, const char *oldpath,
int err = -1;
int dirfd;
+ if (local_must_skip_metadata(fs_ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
if (dirfd == -1) {
return -1;
@@ -855,6 +875,11 @@ static int local_link(FsContext *ctx, V9fsPath *oldpath,
int ret = -1;
int odirfd, ndirfd;
+ if (local_must_skip_metadata(ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
odirfd = local_opendir_nofollow(ctx, odirpath);
if (odirfd == -1) {
goto out;
@@ -983,6 +1008,11 @@ static int local_unlinkat_common(FsContext *ctx, int dirfd, const char *name,
{
int ret = -1;
+ if (local_must_skip_metadata(ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
if (ctx->export_flags & V9FS_SM_MAPPED_FILE) {
int map_dirfd;
@@ -1125,6 +1155,11 @@ static int local_lremovexattr(FsContext *ctx, V9fsPath *fs_path,
static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path,
const char *name, V9fsPath *target)
{
+ if (local_must_skip_metadata(ctx, name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
if (dir_path) {
if (!strcmp(name, ".")) {
/* "." relative to "foo/bar" is "foo/bar" */
@@ -1161,6 +1196,12 @@ static int local_renameat(FsContext *ctx, V9fsPath *olddir,
int ret;
int odirfd, ndirfd;
+ if (local_must_skip_metadata(ctx, old_name) ||
+ local_must_skip_metadata(ctx, new_name)) {
+ errno = EINVAL;
+ return -1;
+ }
+
odirfd = local_opendir_nofollow(ctx, olddir->data);
if (odirfd == -1) {
return -1;
^ permalink raw reply related [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode
2017-05-05 14:36 [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode Greg Kurz
` (4 preceding siblings ...)
2017-05-05 14:37 ` [Qemu-devel] [PATCH 5/5] 9pfs: local: forbid client access to metadata Greg Kurz
@ 2017-05-05 15:25 ` no-reply
2017-05-08 15:33 ` Leo Gaspard
6 siblings, 0 replies; 24+ messages in thread
From: no-reply @ 2017-05-05 15:25 UTC (permalink / raw)
To: groug; +Cc: famz, qemu-devel, leo
Hi,
This series failed build test on s390x host. Please find the details below.
Message-id: 149399500677.29022.12340124231191204194.stgit@bahia.lan
Subject: [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode
Type: series
=== TEST SCRIPT BEGIN ===
#!/bin/bash
# Testing script will be invoked under the git checkout with
# HEAD pointing to a commit that has the patches applied on top of "base"
# branch
set -e
echo "=== ENV ==="
env
echo "=== PACKAGES ==="
rpm -qa
echo "=== TEST BEGIN ==="
CC=$HOME/bin/cc
INSTALL=$PWD/install
BUILD=$PWD/build
echo -n "Using CC: "
realpath $CC
mkdir -p $BUILD $INSTALL
SRC=$PWD
cd $BUILD
$SRC/configure --cc=$CC --prefix=$INSTALL
make -j4
# XXX: we need reliable clean up
# make check -j4 V=1
make install
=== TEST SCRIPT END ===
Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
* [new tag] patchew/149399500677.29022.12340124231191204194.stgit@bahia.lan -> patchew/149399500677.29022.12340124231191204194.stgit@bahia.lan
Switched to a new branch 'test'
fef3284 9pfs: local: forbid client access to metadata
febca87 9pfs: local: metadata file for the VirtFS root
a02f710 9pfs: local: simplify file opening
42db39c 9pfs: local: resolve special directories in paths
956e6dc 9pfs: check return value of v9fs_co_name_to_path()
=== OUTPUT BEGIN ===
=== ENV ===
XDG_SESSION_ID=37638
SHELL=/bin/sh
USER=fam
PATCHEW=/home/fam/patchew/patchew-cli -s http://patchew.org --nodebug
PATH=/usr/bin:/bin
PWD=/var/tmp/patchew-tester-tmp-px6jo9r8/src
LANG=en_US.UTF-8
HOME=/home/fam
SHLVL=2
LOGNAME=fam
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1012/bus
XDG_RUNTIME_DIR=/run/user/1012
_=/usr/bin/env
=== PACKAGES ===
gpg-pubkey-873529b8-54e386ff
xz-libs-5.2.2-2.fc24.s390x
libxshmfence-1.2-3.fc24.s390x
giflib-4.1.6-15.fc24.s390x
trousers-lib-0.3.13-6.fc24.s390x
ncurses-base-6.0-6.20160709.fc25.noarch
gmp-6.1.1-1.fc25.s390x
libidn-1.33-1.fc25.s390x
slang-2.3.0-7.fc25.s390x
libsemanage-2.5-8.fc25.s390x
pkgconfig-0.29.1-1.fc25.s390x
alsa-lib-1.1.1-2.fc25.s390x
yum-metadata-parser-1.1.4-17.fc25.s390x
python3-slip-dbus-0.6.4-4.fc25.noarch
python2-cssselect-0.9.2-1.fc25.noarch
python-fedora-0.8.0-2.fc25.noarch
createrepo_c-libs-0.10.0-6.fc25.s390x
initscripts-9.69-1.fc25.s390x
wget-1.18-2.fc25.s390x
dhcp-client-4.3.5-1.fc25.s390x
parted-3.2-21.fc25.s390x
flex-2.6.0-3.fc25.s390x
colord-libs-1.3.4-1.fc25.s390x
python-osbs-client-0.33-3.fc25.noarch
perl-Pod-Simple-3.35-1.fc25.noarch
python2-simplejson-3.10.0-1.fc25.s390x
brltty-5.4-2.fc25.s390x
librados2-10.2.4-2.fc25.s390x
tcp_wrappers-7.6-83.fc25.s390x
libcephfs_jni1-10.2.4-2.fc25.s390x
nettle-devel-3.3-1.fc25.s390x
bzip2-devel-1.0.6-21.fc25.s390x
libuuid-2.28.2-2.fc25.s390x
pango-1.40.4-1.fc25.s390x
python3-dnf-1.1.10-6.fc25.noarch
cryptsetup-libs-1.7.4-1.fc25.s390x
texlive-kpathsea-doc-svn41139-33.fc25.1.noarch
netpbm-10.77.00-3.fc25.s390x
openssh-7.4p1-4.fc25.s390x
texlive-kpathsea-bin-svn40473-33.20160520.fc25.1.s390x
texlive-graphics-svn41015-33.fc25.1.noarch
texlive-dvipdfmx-def-svn40328-33.fc25.1.noarch
texlive-mfware-svn40768-33.fc25.1.noarch
texlive-texlive-scripts-svn41433-33.fc25.1.noarch
texlive-euro-svn22191.1.1-33.fc25.1.noarch
texlive-etex-svn37057.0-33.fc25.1.noarch
texlive-iftex-svn29654.0.2-33.fc25.1.noarch
texlive-palatino-svn31835.0-33.fc25.1.noarch
texlive-texlive-docindex-svn41430-33.fc25.1.noarch
texlive-xunicode-svn30466.0.981-33.fc25.1.noarch
texlive-koma-script-svn41508-33.fc25.1.noarch
texlive-pst-grad-svn15878.1.06-33.fc25.1.noarch
texlive-pst-blur-svn15878.2.0-33.fc25.1.noarch
texlive-jknapltx-svn19440.0-33.fc25.1.noarch
netpbm-progs-10.77.00-3.fc25.s390x
texinfo-6.1-4.fc25.s390x
openssl-devel-1.0.2k-1.fc25.s390x
python2-sssdconfig-1.15.2-1.fc25.noarch
gdk-pixbuf2-2.36.6-1.fc25.s390x
mesa-libEGL-13.0.4-3.fc25.s390x
pcre-cpp-8.40-6.fc25.s390x
pcre-utf16-8.40-6.fc25.s390x
glusterfs-extra-xlators-3.10.1-1.fc25.s390x
mesa-libGL-devel-13.0.4-3.fc25.s390x
nss-devel-3.29.3-1.1.fc25.s390x
libaio-0.3.110-6.fc24.s390x
libfontenc-1.1.3-3.fc24.s390x
lzo-2.08-8.fc24.s390x
isl-0.14-5.fc24.s390x
libXau-1.0.8-6.fc24.s390x
linux-atm-libs-2.5.1-14.fc24.s390x
libXext-1.3.3-4.fc24.s390x
libXxf86vm-1.1.4-3.fc24.s390x
bison-3.0.4-4.fc24.s390x
perl-srpm-macros-1-20.fc25.noarch
gawk-4.1.3-8.fc25.s390x
libwayland-client-1.12.0-1.fc25.s390x
perl-Exporter-5.72-366.fc25.noarch
perl-version-0.99.17-1.fc25.s390x
fftw-libs-double-3.3.5-3.fc25.s390x
libssh2-1.8.0-1.fc25.s390x
ModemManager-glib-1.6.4-1.fc25.s390x
newt-python3-0.52.19-2.fc25.s390x
python-munch-2.0.4-3.fc25.noarch
python-bugzilla-1.2.2-4.fc25.noarch
libedit-3.1-16.20160618cvs.fc25.s390x
python-pycurl-7.43.0-4.fc25.s390x
createrepo_c-0.10.0-6.fc25.s390x
device-mapper-multipath-libs-0.4.9-83.fc25.s390x
yum-3.4.3-510.fc25.noarch
dhcp-common-4.3.5-1.fc25.noarch
dracut-config-rescue-044-78.fc25.s390x
teamd-1.26-1.fc25.s390x
mozjs17-17.0.0-16.fc25.s390x
libselinux-2.5-13.fc25.s390x
libgo-devel-6.3.1-1.fc25.s390x
NetworkManager-libnm-1.4.4-3.fc25.s390x
python2-pyparsing-2.1.10-1.fc25.noarch
cairo-gobject-1.14.8-1.fc25.s390x
ethtool-4.8-1.fc25.s390x
xorg-x11-proto-devel-7.7-20.fc25.noarch
brlapi-0.6.5-2.fc25.s390x
librados-devel-10.2.4-2.fc25.s390x
libXinerama-devel-1.1.3-6.fc24.s390x
quota-4.03-7.fc25.s390x
lua-posix-33.3.1-3.fc25.s390x
usbredir-devel-0.7.1-2.fc24.s390x
python-libs-2.7.13-1.fc25.s390x
libX11-devel-1.6.4-4.fc25.s390x
python-devel-2.7.13-1.fc25.s390x
libepoxy-1.4.1-1.fc25.s390x
freetype-devel-2.6.5-3.fc25.s390x
python3-dnf-plugins-core-0.1.21-5.fc25.noarch
perl-macros-5.24.1-385.fc25.s390x
texlive-pdftex-doc-svn41149-33.fc25.1.noarch
mariadb-config-10.1.21-3.fc25.s390x
openssh-clients-7.4p1-4.fc25.s390x
iptables-1.6.0-3.fc25.s390x
texlive-texlive.infra-svn41280-33.fc25.1.noarch
texlive-graphics-cfg-svn40269-33.fc25.1.noarch
texlive-bibtex-svn40768-33.fc25.1.noarch
texlive-mfware-bin-svn40473-33.20160520.fc25.1.s390x
texlive-texlive-scripts-bin-svn29741.0-33.20160520.fc25.1.noarch
texlive-sauerj-svn15878.0-33.fc25.1.noarch
texlive-enctex-svn34957.0-33.fc25.1.noarch
texlive-ifetex-svn24853.1.2-33.fc25.1.noarch
texlive-ntgclass-svn15878.2.1a-33.fc25.1.noarch
texlive-tex-gyre-math-svn41264-33.fc25.1.noarch
texlive-bera-svn20031.0-33.fc25.1.noarch
texlive-ms-svn29849.0-33.fc25.1.noarch
texlive-pst-fill-svn15878.1.01-33.fc25.1.noarch
texlive-ctable-svn38672-33.fc25.1.noarch
texlive-extsizes-svn17263.1.4a-33.fc25.1.noarch
texlive-collection-latexrecommended-svn35765.0-33.20160520.fc25.1.noarch
perl-Filter-1.57-1.fc25.s390x
krb5-workstation-1.14.4-7.fc25.s390x
python2-rpm-macros-3-12.fc25.noarch
audit-libs-2.7.4-1.fc25.s390x
libglvnd-egl-0.2.999-14.20170308git8e6e102.fc25.s390x
libglvnd-opengl-0.2.999-14.20170308git8e6e102.fc25.s390x
pcre-devel-8.40-6.fc25.s390x
gdbm-1.13-1.fc25.s390x
mesa-libGLES-devel-13.0.4-3.fc25.s390x
java-1.8.0-openjdk-1.8.0.121-10.b14.fc25.s390x
gpg-pubkey-efe550f5-5220ba41
gpg-pubkey-81b46521-55b3ca9a
filesystem-3.2-37.fc24.s390x
libffi-3.1-9.fc24.s390x
keyutils-libs-1.5.9-8.fc24.s390x
libnfnetlink-1.0.1-8.fc24.s390x
libtheora-1.1.1-14.fc24.s390x
xml-common-0.6.3-44.fc24.noarch
autoconf-2.69-22.fc24.noarch
libXt-1.1.5-3.fc24.s390x
kbd-legacy-2.0.3-3.fc24.noarch
ghostscript-fonts-5.50-35.fc24.noarch
libXevie-1.0.3-11.fc24.s390x
libcap-2.25-2.fc25.s390x
mpfr-3.1.5-1.fc25.s390x
perl-Carp-1.40-365.fc25.noarch
libmnl-1.0.4-1.fc25.s390x
perl-Unicode-EastAsianWidth-1.33-8.fc25.noarch
libwayland-cursor-1.12.0-1.fc25.s390x
python-krbV-1.0.90-12.fc25.s390x
python2-urllib3-1.15.1-3.fc25.noarch
fipscheck-1.4.1-11.fc25.s390x
libndp-1.6-1.fc25.s390x
gnupg2-2.1.13-2.fc25.s390x
libXfixes-5.0.3-1.fc25.s390x
adwaita-icon-theme-3.22.0-1.fc25.noarch
dconf-0.26.0-1.fc25.s390x
ncurses-devel-6.0-6.20160709.fc25.s390x
dejagnu-1.6-1.fc25.noarch
libstdc++-devel-6.3.1-1.fc25.s390x
python-beautifulsoup4-4.5.3-1.fc25.noarch
device-mapper-1.02.136-3.fc25.s390x
subversion-1.9.5-1.fc25.s390x
libtool-ltdl-2.4.6-13.fc25.s390x
libevent-2.0.22-1.fc25.s390x
atk-devel-2.22.0-1.fc25.s390x
libev-4.24-1.fc25.s390x
xorg-x11-fonts-Type1-7.5-16.fc24.noarch
libtasn1-devel-4.10-1.fc25.s390x
vte291-devel-0.46.1-1.fc25.s390x
brlapi-devel-0.6.5-2.fc25.s390x
pulseaudio-libs-10.0-2.fc25.s390x
libnl3-cli-3.2.29-2.fc25.s390x
perl-libs-5.24.1-385.fc25.s390x
glib2-2.50.3-1.fc25.s390x
python3-firewall-0.4.4.4-1.fc25.noarch
python2-rpm-4.13.0.1-1.fc25.s390x
gnutls-3.5.10-1.fc25.s390x
pango-devel-1.40.4-1.fc25.s390x
dnf-1.1.10-6.fc25.noarch
texlive-metafont-bin-svn40987-33.20160520.fc25.1.s390x
texlive-xkeyval-svn35741.2.7a-33.fc25.1.noarch
texlive-euler-svn17261.2.5-33.fc25.1.noarch
texlive-mptopdf-svn41282-33.fc25.1.noarch
texlive-wasy-svn35831.0-33.fc25.1.noarch
texlive-avantgar-svn31835.0-33.fc25.1.noarch
texlive-eurosym-svn17265.1.4_subrfix-33.fc25.1.noarch
texlive-knuth-lib-svn35820.0-33.fc25.1.noarch
texlive-parallel-svn15878.0-33.fc25.1.noarch
texlive-texlive-msg-translations-svn41431-33.fc25.1.noarch
texlive-latex-svn40218-33.fc25.1.noarch
texlive-lualatex-math-svn40621-33.fc25.1.noarch
texlive-auto-pst-pdf-svn23723.0.6-33.fc25.1.noarch
texlive-powerdot-svn38984-33.fc25.1.noarch
texlive-wasysym-svn15878.2.0-33.fc25.1.noarch
ImageMagick-libs-6.9.3.0-6.fc25.s390x
geoclue2-2.4.5-1.fc25.s390x
perl-IO-Socket-IP-0.39-1.fc25.noarch
gdb-7.12.1-47.fc25.s390x
python2-pyasn1-0.2.3-1.fc25.noarch
libglvnd-0.2.999-14.20170308git8e6e102.fc25.s390x
libglvnd-gles-0.2.999-14.20170308git8e6e102.fc25.s390x
gdk-pixbuf2-devel-2.36.6-1.fc25.s390x
libidn2-2.0.0-1.fc25.s390x
system-python-libs-3.5.3-4.fc25.s390x
GeoIP-1.6.10-1.fc25.s390x
at-spi2-core-devel-2.22.1-1.fc25.s390x
gpg-pubkey-34ec9cba-54e38751
gpg-pubkey-030d5aed-55b577f0
basesystem-11-2.fc24.noarch
libmpc-1.0.2-5.fc24.s390x
libunistring-0.9.4-3.fc24.s390x
libmodman-2.0.1-12.fc24.s390x
lsscsi-0.28-3.fc24.s390x
kbd-misc-2.0.3-3.fc24.noarch
rpmconf-base-1.0.18-2.fc25.noarch
libxml2-2.9.3-4.fc25.s390x
kmod-23-1.fc25.s390x
newt-0.52.19-2.fc25.s390x
perl-Text-Unidecode-1.27-3.fc25.noarch
plymouth-core-libs-0.9.3-0.6.20160620git0e65b86c.fc25.s390x
which-2.21-1.fc25.s390x
python3-slip-0.6.4-4.fc25.noarch
python3-systemd-232-1.fc25.s390x
python-lockfile-0.11.0-4.fc25.noarch
python2-requests-2.10.0-4.fc25.noarch
libarchive-3.2.2-1.fc25.s390x
libnghttp2-1.13.0-2.fc25.s390x
python-urlgrabber-3.10.1-9.fc25.noarch
iputils-20161105-1.fc25.s390x
rest-0.8.0-1.fc25.s390x
adwaita-cursor-theme-3.22.0-1.fc25.noarch
authconfig-6.2.10-14.fc25.s390x
expat-devel-2.2.0-1.fc25.s390x
automake-1.15-7.fc25.noarch
shared-mime-info-1.8-1.fc25.s390x
pigz-2.3.4-1.fc25.s390x
device-mapper-libs-1.02.136-3.fc25.s390x
dnsmasq-2.76-2.fc25.s390x
fedora-packager-0.6.0.1-1.fc25.noarch
gcc-c++-6.3.1-1.fc25.s390x
libwebp-0.5.2-1.fc25.s390x
boost-system-1.60.0-10.fc25.s390x
libasyncns-0.8-10.fc24.s390x
libXau-devel-1.0.8-6.fc24.s390x
libverto-libev-0.2.6-6.fc24.s390x
python3-html5lib-0.999-9.fc25.noarch
ttmkfdir-3.0.9-48.fc24.s390x
pulseaudio-libs-glib2-10.0-2.fc25.s390x
wpa_supplicant-2.6-1.fc25.s390x
texlive-lib-2016-33.20160520.fc25.s390x
libXi-devel-1.7.9-1.fc25.s390x
python3-distro-1.0.3-1.fc25.noarch
rpm-plugin-systemd-inhibit-4.13.0.1-1.fc25.s390x
gnutls-c++-3.5.10-1.fc25.s390x
texlive-texlive-common-doc-svn40682-33.fc25.1.noarch
packagedb-cli-2.14.1-1.fc25.noarch
rpcbind-0.2.4-5.fc25.s390x
texlive-metafont-svn40793-33.fc25.1.noarch
texlive-tools-svn40934-33.fc25.1.noarch
texlive-enumitem-svn24146.3.5.2-33.fc25.1.noarch
texlive-mptopdf-bin-svn18674.0-33.20160520.fc25.1.noarch
texlive-underscore-svn18261.0-33.fc25.1.noarch
texlive-anysize-svn15878.0-33.fc25.1.noarch
texlive-euenc-svn19795.0.1h-33.fc25.1.noarch
texlive-kastrup-svn15878.0-33.fc25.1.noarch
texlive-paralist-svn39247-33.fc25.1.noarch
texlive-texlive-en-svn41185-33.fc25.1.noarch
texlive-tipa-svn29349.1.3-33.fc25.1.noarch
texlive-currfile-svn40725-33.fc25.1.noarch
texlive-pst-node-svn40743-33.fc25.1.noarch
texlive-pst-slpe-svn24391.1.31-33.fc25.1.noarch
texlive-typehtml-svn17134.0-33.fc25.1.noarch
SDL2-devel-2.0.5-3.fc25.s390x
perl-Module-CoreList-5.20170320-1.fc25.noarch
libcroco-0.6.11-3.fc25.s390x
publicsuffix-list-dafsa-20170206-1.fc25.noarch
pcre-8.40-6.fc25.s390x
cups-libs-2.2.0-8.fc25.s390x
gtk-update-icon-cache-3.22.11-1.fc25.s390x
libcurl-7.51.0-6.fc25.s390x
python3-libs-3.5.3-4.fc25.s390x
bluez-libs-devel-5.44-1.fc25.s390x
kernel-4.10.8-200.fc25.s390x
fontpackages-filesystem-1.44-17.fc24.noarch
groff-base-1.22.3-8.fc24.s390x
ilmbase-2.2.0-5.fc24.s390x
OpenEXR-libs-2.2.0-5.fc24.s390x
hesiod-3.2.1-6.fc24.s390x
sysfsutils-2.1.0-19.fc24.s390x
ocaml-srpm-macros-2-4.fc24.noarch
mailx-12.5-19.fc24.s390x
ncurses-libs-6.0-6.20160709.fc25.s390x
ipset-libs-6.29-1.fc25.s390x
gmp-devel-6.1.1-1.fc25.s390x
python-pip-8.1.2-2.fc25.noarch
harfbuzz-1.3.2-1.fc25.s390x
python2-iniparse-0.4-20.fc25.noarch
python3-iniparse-0.4-20.fc25.noarch
python3-kickstart-2.32-1.fc25.noarch
perl-Net-SSLeay-1.78-1.fc25.s390x
drpm-0.3.0-3.fc25.s390x
glib-networking-2.50.0-1.fc25.s390x
webkitgtk3-2.4.11-3.fc25.s390x
libXaw-1.0.13-4.fc25.s390x
xorg-x11-font-utils-7.5-32.fc25.s390x
hardlink-1.1-1.fc25.s390x
libcom_err-1.43.3-1.fc25.s390x
python2-dateutil-2.6.0-1.fc25.noarch
libXpm-3.5.12-1.fc25.s390x
python2-smmap-2.0.1-1.fc25.noarch
poppler-data-0.4.7-6.fc25.noarch
nspr-devel-4.13.1-1.fc25.s390x
librbd1-10.2.4-2.fc25.s390x
libsndfile-1.0.27-1.fc25.s390x
perl-Digest-MD5-2.55-2.fc25.s390x
wayland-protocols-devel-1.7-1.fc25.noarch
libacl-devel-2.2.52-11.fc24.s390x
texi2html-5.0-4.fc24.noarch
libxkbcommon-0.7.1-1.fc25.s390x
freetype-2.6.5-3.fc25.s390x
libuuid-devel-2.28.2-2.fc25.s390x
coreutils-common-8.25-16.fc25.s390x
gdb-headless-7.12.1-47.fc25.s390x
libcacard-2.5.3-1.fc25.s390x
perl-threads-shared-1.55-1.fc25.s390x
python2-rpkg-1.49-2.fc25.noarch
libwmf-lite-0.2.8.4-50.fc25.s390x
unbound-libs-1.6.0-6.fc25.s390x
texlive-tetex-svn41059-33.fc25.1.noarch
texlive-thumbpdf-svn34621.3.16-33.fc25.1.noarch
texlive-carlisle-svn18258.0-33.fc25.1.noarch
texlive-makeindex-bin-svn40473-33.20160520.fc25.1.s390x
texlive-pdftex-svn41149-33.fc25.1.noarch
texlive-csquotes-svn39538-33.fc25.1.noarch
texlive-courier-svn35058.0-33.fc25.1.noarch
texlive-helvetic-svn31835.0-33.fc25.1.noarch
texlive-mfnfss-svn19410.0-33.fc25.1.noarch
texlive-sepnum-svn20186.2.0-33.fc25.1.noarch
texlive-utopia-svn15878.0-33.fc25.1.noarch
texlive-luatexbase-svn38550-33.fc25.1.noarch
texlive-pst-3d-svn17257.1.10-33.fc25.1.noarch
texlive-latex-bin-bin-svn14050.0-33.20160520.fc25.1.noarch
texlive-l3experimental-svn41163-33.fc25.1.noarch
bind99-libs-9.9.9-4.P6.fc25.s390x
net-tools-2.0-0.40.20160329git.fc25.s390x
perl-Pod-Perldoc-3.28-1.fc25.noarch
openssl-1.0.2k-1.fc25.s390x
man-pages-4.06-4.fc25.noarch
libdrm-2.4.77-1.fc25.s390x
p11-kit-0.23.2-3.fc25.s390x
glusterfs-cli-3.10.1-1.fc25.s390x
git-core-2.9.3-3.fc25.s390x
python3-3.5.3-4.fc25.s390x
python3-magic-5.29-4.fc25.noarch
p11-kit-trust-0.23.2-3.fc25.s390x
gpg-pubkey-95a43f54-5284415a
dejavu-fonts-common-2.35-3.fc24.noarch
libSM-1.2.2-4.fc24.s390x
diffutils-3.3-13.fc24.s390x
libogg-1.3.2-5.fc24.s390x
hunspell-en-US-0.20140811.1-5.fc24.noarch
libdaemon-0.14-10.fc24.s390x
patch-2.7.5-3.fc24.s390x
libsysfs-2.1.0-19.fc24.s390x
procmail-3.22-39.fc24.s390x
libXdamage-1.1.4-8.fc24.s390x
libotf-0.9.13-7.fc24.s390x
urw-fonts-2.4-22.fc24.noarch
crontabs-1.11-12.20150630git.fc24.noarch
ppp-2.4.7-9.fc24.s390x
polkit-0.113-5.fc24.s390x
cyrus-sasl-2.1.26-26.2.fc24.s390x
zlib-devel-1.2.8-10.fc24.s390x
time-1.7-49.fc24.s390x
gpg-pubkey-fdb19c98-56fd6333
fedora-release-25-1.noarch
libcap-ng-0.7.8-1.fc25.s390x
binutils-2.26.1-1.fc25.s390x
lcms2-2.8-2.fc25.s390x
libcomps-0.1.7-5.fc25.s390x
less-481-6.fc25.s390x
apr-1.5.2-4.fc25.s390x
perl-constant-1.33-367.fc25.noarch
perl-Data-Dumper-2.161-1.fc25.s390x
ipcalc-0.1.8-1.fc25.s390x
libteam-1.26-1.fc25.s390x
gmp-c++-6.1.1-1.fc25.s390x
fontconfig-2.12.1-1.fc25.s390x
enchant-1.6.0-14.fc25.s390x
pyliblzma-0.5.3-16.fc25.s390x
libsepol-devel-2.5-10.fc25.s390x
python3-ordered-set-2.0.0-4.fc25.noarch
python3-rpmconf-1.0.18-2.fc25.noarch
python-ipaddress-1.0.16-3.fc25.noarch
python2-kerberos-1.2.5-1.fc25.s390x
python2-pysocks-1.5.6-5.fc25.noarch
fipscheck-lib-1.4.1-11.fc25.s390x
libatomic_ops-7.4.4-1.fc25.s390x
net-snmp-agent-libs-5.7.3-13.fc25.s390x
dracut-044-78.fc25.s390x
python2-pygpgme-0.3-18.fc25.s390x
libsoup-2.56.0-2.fc25.s390x
orc-0.4.26-1.fc25.s390x
yum-utils-1.1.31-511.fc25.noarch
libXrender-0.9.10-1.fc25.s390x
libXrandr-1.5.1-1.fc25.s390x
go-srpm-macros-2-7.fc25.noarch
gnupg2-smime-2.1.13-2.fc25.s390x
guile-devel-2.0.13-1.fc25.s390x
uboot-tools-2016.09.01-2.fc25.s390x
pykickstart-2.32-1.fc25.noarch
python-bunch-1.0.1-9.fc25.noarch
perl-generators-1.10-1.fc25.noarch
perl-Mozilla-CA-20160104-3.fc25.noarch
glibc-all-langpacks-2.24-4.fc25.s390x
bzip2-libs-1.0.6-21.fc25.s390x
libpng-1.6.27-1.fc25.s390x
desktop-file-utils-0.23-2.fc25.s390x
python2-cccolutils-1.4-1.fc25.s390x
python2-lxml-3.7.2-1.fc25.s390x
redhat-rpm-config-45-1.fc25.noarch
elfutils-libs-0.168-1.fc25.s390x
device-mapper-event-libs-1.02.136-3.fc25.s390x
lvm2-libs-2.02.167-3.fc25.s390x
elfutils-0.168-1.fc25.s390x
python2-gitdb-2.0.0-1.fc25.noarch
gcc-gfortran-6.3.1-1.fc25.s390x
libselinux-python-2.5-13.fc25.s390x
openjpeg2-2.1.2-3.fc25.s390x
js-jquery-2.2.4-1.fc25.noarch
boost-thread-1.60.0-10.fc25.s390x
json-c-0.12-7.fc24.s390x
librbd-devel-10.2.4-2.fc25.s390x
libXcursor-devel-1.1.14-6.fc24.s390x
python3-beautifulsoup4-4.5.3-1.fc25.noarch
latex2html-2012-7.fc24.noarch
lksctp-tools-1.0.16-5.fc24.s390x
vte291-0.46.1-1.fc25.s390x
libfdt-1.4.2-1.fc25.s390x
libXft-devel-2.3.2-4.fc24.s390x
libattr-devel-2.4.47-16.fc24.s390x
libiscsi-devel-1.15.0-2.fc24.s390x
gettext-0.19.8.1-3.fc25.s390x
libjpeg-turbo-devel-1.5.1-0.fc25.s390x
libX11-1.6.4-4.fc25.s390x
pulseaudio-libs-devel-10.0-2.fc25.s390x
ccache-3.3.3-1.fc25.s390x
systemd-libs-231-14.fc25.s390x
nss-softokn-freebl-3.29.3-1.0.fc25.s390x
libepoxy-devel-1.4.1-1.fc25.s390x
krb5-libs-1.14.4-7.fc25.s390x
libmount-2.28.2-2.fc25.s390x
python3-decorator-4.0.11-1.fc25.noarch
rpm-plugin-selinux-4.13.0.1-1.fc25.s390x
perl-threads-2.15-1.fc25.s390x
tzdata-java-2017b-1.fc25.noarch
python-srpm-macros-3-12.fc25.noarch
libsmartcols-2.28.2-2.fc25.s390x
kernel-core-4.10.5-200.fc25.s390x
kernel-modules-4.10.5-200.fc25.s390x
texlive-kpathsea-svn41139-33.fc25.1.noarch
texlive-amsmath-svn41561-33.fc25.1.noarch
texlive-thumbpdf-bin-svn6898.0-33.20160520.fc25.1.noarch
texlive-psnfss-svn33946.9.2a-33.fc25.1.noarch
texlive-subfig-svn15878.1.3-33.fc25.1.noarch
texlive-fancybox-svn18304.1.4-33.fc25.1.noarch
texlive-lua-alt-getopt-svn29349.0.7.0-33.fc25.1.noarch
texlive-natbib-svn20668.8.31b-33.fc25.1.noarch
texlive-pdftex-bin-svn40987-33.20160520.fc25.1.s390x
texlive-xdvi-svn40768-33.fc25.1.noarch
texlive-crop-svn15878.1.5-33.fc25.1.noarch
texlive-babel-english-svn30264.3.3p-33.fc25.1.noarch
texlive-cmextra-svn32831.0-33.fc25.1.noarch
texlive-fancyhdr-svn15878.3.1-33.fc25.1.noarch
texlive-luatex-svn40963-33.fc25.1.noarch
texlive-knuth-local-svn38627-33.fc25.1.noarch
texlive-mflogo-font-svn36898.1.002-33.fc25.1.noarch
texlive-parskip-svn19963.2.0-33.fc25.1.noarch
texlive-section-svn20180.0-33.fc25.1.noarch
texlive-textcase-svn15878.0-33.fc25.1.noarch
texlive-updmap-map-svn41159-33.fc25.1.noarch
texlive-attachfile-svn38830-33.fc25.1.noarch
nss-3.29.3-1.1.fc25.s390x
glusterfs-client-xlators-3.10.1-1.fc25.s390x
libglvnd-glx-0.2.999-14.20170308git8e6e102.fc25.s390x
libtiff-4.0.7-4.fc25.s390x
dbus-devel-1.11.12-1.fc25.s390x
java-1.8.0-openjdk-headless-1.8.0.121-10.b14.fc25.s390x
pcre2-utf16-10.23-5.fc25.s390x
git-core-doc-2.9.3-3.fc25.s390x
iproute-4.10.0-1.fc25.s390x
nfs-utils-2.1.1-3.rc1.fc25.s390x
libglvnd-core-devel-0.2.999-14.20170308git8e6e102.fc25.s390x
python-magic-5.29-4.fc25.noarch
pcre2-devel-10.23-5.fc25.s390x
p11-kit-devel-0.23.2-3.fc25.s390x
texlive-luaotfload-svn40902-33.fc25.1.noarch
texlive-unicode-math-svn38462-33.fc25.1.noarch
texlive-fancyvrb-svn18492.2.8-33.fc25.1.noarch
texlive-pst-pdf-bin-svn7838.0-33.20160520.fc25.1.noarch
texlive-amscls-svn36804.0-33.fc25.1.noarch
texlive-ltxmisc-svn21927.0-33.fc25.1.noarch
texlive-breqn-svn38099.0.98d-33.fc25.1.noarch
texlive-xetex-def-svn40327-33.fc25.1.noarch
openssh-server-7.4p1-4.fc25.s390x
sendmail-8.15.2-8.fc25.s390x
python-firewall-0.4.4.4-1.fc25.noarch
python3-sssdconfig-1.15.2-1.fc25.noarch
tzdata-2017b-1.fc25.noarch
hunspell-1.4.1-2.fc25.s390x
gpg-pubkey-8e1431d5-53bcbac7
zlib-1.2.8-10.fc24.s390x
sed-4.2.2-15.fc24.s390x
psmisc-22.21-8.fc24.s390x
gpm-libs-1.20.7-9.fc24.s390x
zip-3.0-16.fc24.s390x
hostname-3.15-7.fc24.s390x
libyubikey-1.13-2.fc24.s390x
sg3_utils-libs-1.41-3.fc24.s390x
polkit-pkla-compat-0.1-7.fc24.s390x
passwd-0.79-8.fc24.s390x
trousers-0.3.13-6.fc24.s390x
grubby-8.40-3.fc24.s390x
rootfiles-8.1-19.fc24.noarch
nettle-3.3-1.fc25.s390x
jansson-2.9-1.fc25.s390x
libksba-1.3.5-1.fc25.s390x
perl-Text-ParseWords-3.30-365.fc25.noarch
perl-PathTools-3.63-366.fc25.s390x
perl-File-Temp-0.23.04-365.fc25.noarch
fuse-libs-2.9.7-1.fc25.s390x
perl-Pod-Escapes-1.07-365.fc25.noarch
perl-Term-ANSIColor-4.05-2.fc25.noarch
perl-URI-1.71-5.fc25.noarch
libXfont-1.5.2-1.fc25.s390x
python-six-1.10.0-3.fc25.noarch
dbus-glib-0.108-1.fc25.s390x
gobject-introspection-1.50.0-1.fc25.s390x
libpwquality-1.3.0-6.fc25.s390x
python-gobject-base-3.22.0-1.fc25.s390x
python-html5lib-0.999-9.fc25.noarch
python3-dbus-1.2.4-2.fc25.s390x
python3-chardet-2.3.0-1.fc25.noarch
python3-urllib3-1.15.1-3.fc25.noarch
python-offtrac-0.1.0-7.fc25.noarch
python2-cryptography-1.5.3-3.fc25.s390x
python2-requests-kerberos-0.10.0-2.fc25.noarch
libserf-1.3.9-1.fc25.s390x
libdatrie-0.2.9-3.fc25.s390x
s390utils-base-1.36.0-1.fc25.s390x
kpartx-0.4.9-83.fc25.s390x
s390utils-cpuplugd-1.36.0-1.fc25.s390x
rpmconf-1.0.18-2.fc25.noarch
s390utils-osasnmpd-1.36.0-1.fc25.s390x
python-dnf-plugins-extras-common-0.0.12-4.fc25.noarch
fpc-srpm-macros-1.0-1.fc25.noarch
libuser-0.62-4.fc25.s390x
man-db-2.7.5-3.fc25.s390x
sqlite-3.14.2-1.fc25.s390x
python-systemd-doc-232-1.fc25.s390x
libdb-5.3.28-16.fc25.s390x
lz4-1.7.5-1.fc25.s390x
tar-1.29-3.fc25.s390x
emacs-common-25.1-3.fc25.s390x
unzip-6.0-31.fc25.s390x
bodhi-client-0.9.12.2-6.fc25.noarch
glibc-headers-2.24-4.fc25.s390x
cairo-1.14.8-1.fc25.s390x
ca-certificates-2017.2.11-1.0.fc25.noarch
NetworkManager-glib-1.4.4-3.fc25.s390x
gcc-go-6.3.1-1.fc25.s390x
cracklib-dicts-2.9.6-4.fc25.s390x
libselinux-python3-2.5-13.fc25.s390x
python2-enchant-1.6.8-1.fc25.noarch
boost-iostreams-1.60.0-10.fc25.s390x
userspace-rcu-0.9.2-2.fc25.s390x
libXext-devel-1.3.3-4.fc24.s390x
libXrandr-devel-1.5.1-1.fc25.s390x
perl-XML-XPath-1.39-1.fc25.noarch
python3-lxml-3.7.2-1.fc25.s390x
vte-profile-0.46.1-1.fc25.s390x
sqlite-devel-3.14.2-1.fc25.s390x
libiscsi-1.15.0-2.fc24.s390x
fontconfig-devel-2.12.1-1.fc25.s390x
libfdt-devel-1.4.2-1.fc25.s390x
ceph-devel-compat-10.2.4-2.fc25.s390x
zlib-static-1.2.8-10.fc24.s390x
chrpath-0.16-3.fc24.s390x
python-2.7.13-1.fc25.s390x
kernel-core-4.9.5-200.fc25.s390x
info-6.1-4.fc25.s390x
iptables-libs-1.6.0-3.fc25.s390x
bind-license-9.10.4-4.P6.fc25.noarch
lua-5.3.4-1.fc25.s390x
libfdisk-2.28.2-2.fc25.s390x
dnf-plugins-core-0.1.21-5.fc25.noarch
selinux-policy-3.13.1-225.11.fc25.noarch
perl-Errno-1.25-385.fc25.s390x
perl-Storable-2.56-368.fc25.s390x
python2-decorator-4.0.11-1.fc25.noarch
mariadb-common-10.1.21-3.fc25.s390x
systemtap-client-3.1-2.fc25.s390x
libnetfilter_conntrack-1.0.6-2.fc25.s390x
texlive-texlive.infra-bin-svn40312-33.20160520.fc25.1.s390x
texlive-ifluatex-svn41346-33.fc25.1.noarch
texlive-fp-svn15878.0-33.fc25.1.noarch
texlive-latex-fonts-svn28888.0-33.fc25.1.noarch
texlive-bibtex-bin-svn40473-33.20160520.fc25.1.s390x
texlive-glyphlist-svn28576.0-33.fc25.1.noarch
texlive-marvosym-svn29349.2.2a-33.fc25.1.noarch
texlive-tex-bin-svn40987-33.20160520.fc25.1.s390x
texlive-texconfig-svn40768-33.fc25.1.noarch
texlive-wasy2-ps-svn35830.0-33.fc25.1.noarch
texlive-psfrag-svn15878.3.04-33.fc25.1.noarch
texlive-charter-svn15878.0-33.fc25.1.noarch
texlive-ec-svn25033.1.0-33.fc25.1.noarch
texlive-lineno-svn21442.4.41-33.fc25.1.noarch
texlive-hyphen-base-svn41138-33.fc25.1.noarch
texlive-manfnt-font-svn35799.0-33.fc25.1.noarch
texlive-ncntrsbk-svn31835.0-33.fc25.1.noarch
texlive-pst-math-svn34786.0.63-33.fc25.1.noarch
texlive-symbol-svn31835.0-33.fc25.1.noarch
texlive-environ-svn33821.0.3-33.fc25.1.noarch
texlive-algorithms-svn38085.0.1-33.fc25.1.noarch
glusterfs-libs-3.10.1-1.fc25.s390x
mesa-libwayland-egl-13.0.4-3.fc25.s390x
glusterfs-api-3.10.1-1.fc25.s390x
kernel-core-4.10.8-200.fc25.s390x
mesa-libwayland-egl-devel-13.0.4-3.fc25.s390x
nss-tools-3.29.3-1.1.fc25.s390x
pcre2-10.23-5.fc25.s390x
perl-Git-2.9.3-3.fc25.noarch
gssproxy-0.7.0-3.fc25.s390x
glusterfs-server-3.10.1-1.fc25.s390x
libglvnd-devel-0.2.999-14.20170308git8e6e102.fc25.s390x
python3-hawkey-0.6.4-3.fc25.s390x
vim-enhanced-8.0.514-1.fc25.s390x
mesa-libgbm-devel-13.0.4-3.fc25.s390x
texlive-ifplatform-svn21156.0.4-33.fc25.1.noarch
texlive-eso-pic-svn37925.2.0g-33.fc25.1.noarch
texlive-xcolor-svn41044-33.fc25.1.noarch
texlive-pst-eps-svn15878.1.0-33.fc25.1.noarch
texlive-pst-text-svn15878.1.00-33.fc25.1.noarch
texlive-rotating-svn16832.2.16b-33.fc25.1.noarch
texlive-pdfpages-svn40638-33.fc25.1.noarch
texlive-cm-super-svn15878.0-33.fc25.1.noarch
texlive-xetex-svn41438-33.fc25.1.noarch
dnf-yum-1.1.10-6.fc25.noarch
mariadb-libs-10.1.21-3.fc25.s390x
rpmlint-1.9-8.fc25.noarch
systemtap-sdt-devel-3.1-2.fc25.s390x
libseccomp-devel-2.3.2-1.fc25.s390x
telnet-0.17-67.fc25.s390x
gpgme-1.8.0-10.fc25.s390x
apr-util-1.5.4-3.fc24.s390x
rsync-3.1.2-2.fc24.s390x
jbigkit-libs-2.1-5.fc24.s390x
pixman-0.34.0-2.fc24.s390x
dwz-0.12-2.fc24.s390x
expect-5.45-22.fc24.s390x
libsigsegv-2.10-10.fc24.s390x
fakeroot-libs-1.20.2-4.fc24.s390x
m17n-lib-1.7.0-5.fc24.s390x
libverto-0.2.6-6.fc24.s390x
libXmu-1.1.2-4.fc24.s390x
libXcursor-1.1.14-6.fc24.s390x
python-kitchen-1.2.4-2.fc24.noarch
polkit-libs-0.113-5.fc24.s390x
fakeroot-1.20.2-4.fc24.s390x
blktrace-1.1.0-3.fc24.s390x
usermode-1.111-8.fc24.s390x
kbd-2.0.3-3.fc24.s390x
libaio-devel-0.3.110-6.fc24.s390x
web-assets-filesystem-5-4.fc24.noarch
expat-2.2.0-1.fc25.s390x
libgpg-error-1.24-1.fc25.s390x
libgcrypt-1.6.6-1.fc25.s390x
findutils-4.6.0-8.fc25.s390x
libassuan-2.4.3-1.fc25.s390x
libusbx-1.0.21-1.fc25.s390x
libxslt-1.1.28-13.fc25.s390x
libmetalink-0.1.3-1.fc25.s390x
perl-File-Path-2.12-365.fc25.noarch
perl-MIME-Base64-3.15-365.fc25.s390x
ncurses-6.0-6.20160709.fc25.s390x
libwayland-server-1.12.0-1.fc25.s390x
perl-Fedora-VSP-0.001-4.fc25.noarch
perl-libintl-perl-1.26-1.fc25.s390x
shadow-utils-4.2.1-11.fc25.s390x
atk-2.22.0-1.fc25.s390x
pam-1.3.0-1.fc25.s390x
harfbuzz-icu-1.3.2-1.fc25.s390x
libsecret-0.18.5-2.fc25.s390x
s390utils-iucvterm-1.36.0-1.fc25.s390x
python3-requests-2.10.0-4.fc25.noarch
pyusb-1.0.0-2.fc25.noarch
python-enum34-1.0.4-6.fc25.noarch
pyOpenSSL-16.0.0-2.fc25.noarch
pyxattr-0.5.3-8.fc25.s390x
libbabeltrace-1.4.0-3.fc25.s390x
libthai-0.1.25-1.fc25.s390x
deltarpm-3.6-17.fc25.s390x
s390utils-mon_statd-1.36.0-1.fc25.s390x
device-mapper-multipath-0.4.9-83.fc25.s390x
python3-pygpgme-0.3-18.fc25.s390x
libreport-filesystem-2.8.0-1.fc25.s390x
ghc-srpm-macros-1.4.2-4.fc25.noarch
rpmdevtools-8.9-1.fc25.noarch
python-dnf-plugins-extras-migrate-0.0.12-4.fc25.noarch
perl-IO-Socket-SSL-2.038-1.fc25.noarch
perl-File-ShareDir-1.102-7.fc25.noarch
tcl-8.6.6-1.fc25.s390x
glibc-2.24-4.fc25.s390x
elfutils-libelf-0.168-1.fc25.s390x
perl-Scalar-List-Utils-1.47-1.fc25.s390x
bzip2-1.0.6-21.fc25.s390x
libss-1.43.3-1.fc25.s390x
libselinux-utils-2.5-13.fc25.s390x
koji-1.11.0-1.fc25.noarch
python3-enchant-1.6.8-1.fc25.noarch
python2-dockerfile-parse-0.0.5-7.fc25.noarch
systemd-bootchart-231-2.fc25.s390x
gcc-objc-6.3.1-1.fc25.s390x
e2fsprogs-1.43.3-1.fc25.s390x
libstdc++-static-6.3.1-1.fc25.s390x
libpng-devel-1.6.27-1.fc25.s390x
perl-XML-Parser-2.44-5.fc25.s390x
lttng-ust-2.8.1-2.fc25.s390x
libXfixes-devel-5.0.3-1.fc25.s390x
libXcomposite-devel-0.4.4-8.fc24.s390x
quota-nls-4.03-7.fc25.noarch
python3-javapackages-4.7.0-6.1.fc25.noarch
libcephfs_jni-devel-10.2.4-2.fc25.s390x
keyutils-libs-devel-1.5.9-8.fc24.s390x
libicu-devel-57.1-4.fc25.s390x
harfbuzz-devel-1.3.2-1.fc25.s390x
libidn-devel-1.33-1.fc25.s390x
libnfs-1.9.8-2.fc24.s390x
libssh2-devel-1.8.0-1.fc25.s390x
qemu-sanity-check-nodeps-1.1.5-5.fc24.s390x
alsa-lib-devel-1.1.1-2.fc25.s390x
libnl3-3.2.29-2.fc25.s390x
kernel-modules-4.9.5-200.fc25.s390x
libpsl-0.17.0-1.fc25.s390x
lua-libs-5.3.4-1.fc25.s390x
libseccomp-2.3.2-1.fc25.s390x
nss-softokn-freebl-devel-3.29.3-1.0.fc25.s390x
copy-jdk-configs-2.2-2.fc25.noarch
json-glib-1.2.6-1.fc25.s390x
python2-dnf-1.1.10-6.fc25.noarch
bind-libs-lite-9.10.4-4.P6.fc25.s390x
perl-IO-1.36-385.fc25.s390x
python2-GitPython-2.1.3-1.fc25.noarch
linux-firmware-20170313-72.git695f2d6d.fc25.noarch
systemd-container-231-14.fc25.s390x
gnutls-dane-3.5.10-1.fc25.s390x
texlive-tetex-bin-svn36770.0-33.20160520.fc25.1.noarch
texlive-amsfonts-svn29208.3.04-33.fc25.1.noarch
texlive-babel-svn40706-33.fc25.1.noarch
texlive-colortbl-svn29803.v1.0a-33.fc25.1.noarch
texlive-babelbib-svn25245.1.31-33.fc25.1.noarch
texlive-footmisc-svn23330.5.5b-33.fc25.1.noarch
texlive-makeindex-svn40768-33.fc25.1.noarch
texlive-plain-svn40274-33.fc25.1.noarch
texlive-texconfig-bin-svn29741.0-33.20160520.fc25.1.noarch
texlive-zapfding-svn31835.0-33.fc25.1.noarch
texlive-microtype-svn41127-33.fc25.1.noarch
texlive-bookman-svn31835.0-33.fc25.1.noarch
texlive-dvisvgm-def-svn41011-33.fc25.1.noarch
texlive-finstrut-svn21719.0.5-33.fc25.1.noarch
texlive-hyph-utf8-svn41189-33.fc25.1.noarch
texlive-lualibs-svn40370-33.fc25.1.noarch
glusterfs-3.10.1-1.fc25.s390x
mesa-libglapi-13.0.4-3.fc25.s390x
mesa-libgbm-13.0.4-3.fc25.s390x
kernel-modules-4.10.8-200.fc25.s390x
glusterfs-fuse-3.10.1-1.fc25.s390x
openldap-2.4.44-10.fc25.s390x
pcre-utf32-8.40-6.fc25.s390x
git-2.9.3-3.fc25.s390x
python2-gluster-3.10.1-1.fc25.s390x
glusterfs-devel-3.10.1-1.fc25.s390x
mesa-libEGL-devel-13.0.4-3.fc25.s390x
glusterfs-api-devel-3.10.1-1.fc25.s390x
sudo-1.8.19p2-1.fc25.s390x
python2-hawkey-0.6.4-3.fc25.s390x
texlive-mparhack-svn15878.1.4-33.fc25.1.noarch
texlive-pspicture-svn15878.0-33.fc25.1.noarch
texlive-soul-svn15878.2.4-33.fc25.1.noarch
texlive-trimspaces-svn15878.1.1-33.fc25.1.noarch
texlive-varwidth-svn24104.0.92-33.fc25.1.noarch
texlive-geometry-svn19716.5.6-33.fc25.1.noarch
texlive-memoir-svn41203-33.fc25.1.noarch
texlive-pgf-svn40966-33.fc25.1.noarch
texlive-pst-coil-svn37377.1.07-33.fc25.1.noarch
texlive-pst-plot-svn41242-33.fc25.1.noarch
texlive-latex-bin-svn41438-33.fc25.1.noarch
texlive-ucs-svn35853.2.2-33.fc25.1.noarch
texlive-ae-svn15878.1.4-33.fc25.1.noarch
texlive-xetex-bin-svn41091-33.20160520.fc25.1.s390x
fedora-upgrade-26.1-1.fc25.noarch
fedpkg-1.28-1.fc25.noarch
perl-Thread-Queue-3.12-1.fc25.noarch
gstreamer1-plugins-base-1.10.4-1.fc25.s390x
screen-4.5.1-1.fc25.s390x
strace-4.16-1.fc25.s390x
fedora-repos-25-3.noarch
libacl-2.2.52-11.fc24.s390x
cdparanoia-libs-10.2-21.fc24.s390x
ustr-1.0.4-21.fc24.s390x
libusb-0.1.5-7.fc24.s390x
readline-devel-6.3-8.fc24.s390x
chkconfig-1.8-1.fc25.s390x
avahi-libs-0.6.32-4.fc25.s390x
perl-Unicode-Normalize-1.25-365.fc25.s390x
perl-libnet-3.10-1.fc25.noarch
perl-podlators-4.09-1.fc25.noarch
graphite2-1.3.6-1.fc25.s390x
dbus-python-1.2.4-2.fc25.s390x
libgnome-keyring-3.12.0-7.fc25.s390x
python-backports-1.0-8.fc25.s390x
python-pycparser-2.14-7.fc25.noarch
plymouth-scripts-0.9.3-0.6.20160620git0e65b86c.fc25.s390x
cronie-1.5.1-2.fc25.s390x
python2-librepo-1.7.18-3.fc25.s390x
libXv-1.0.11-1.fc25.s390x
python2-ndg_httpsclient-0.4.0-4.fc25.noarch
btrfs-progs-4.6.1-1.fc25.s390x
libgcc-6.3.1-1.fc25.s390x
libgomp-6.3.1-1.fc25.s390x
perl-Encode-2.88-5.fc25.s390x
cracklib-2.9.6-4.fc25.s390x
libobjc-6.3.1-1.fc25.s390x
gcc-6.3.1-1.fc25.s390x
python3-dnf-plugin-system-upgrade-0.7.1-4.fc25.noarch
NetworkManager-1.4.4-3.fc25.s390x
glibc-static-2.24-4.fc25.s390x
boost-random-1.60.0-10.fc25.s390x
libref_array-0.1.5-29.fc25.s390x
libXrender-devel-0.9.10-1.fc25.s390x
javapackages-tools-4.7.0-6.1.fc25.noarch
keyutils-1.5.9-8.fc24.s390x
libcom_err-devel-1.43.3-1.fc25.s390x
graphite2-devel-1.3.6-1.fc25.s390x
lzo-minilzo-2.08-8.fc24.s390x
libusbx-devel-1.0.21-1.fc25.s390x
virglrenderer-devel-0.5.0-1.20160411git61846f92f.fc25.s390x
acpica-tools-20160831-1.fc25.s390x
grep-2.27-2.fc25.s390x
dnf-conf-1.1.10-6.fc25.noarch
crypto-policies-20160921-4.gitf3018dd.fc25.noarch
rpm-build-libs-4.13.0.1-1.fc25.s390x
libnfsidmap-0.27-1.fc25.s390x
systemtap-devel-3.1-2.fc25.s390x
systemd-231-14.fc25.s390x
SDL2-2.0.5-3.fc25.s390x
texlive-etex-pkg-svn39355-33.fc25.1.noarch
texlive-multido-svn18302.1.42-33.fc25.1.noarch
texlive-gsftopk-svn40768-33.fc25.1.noarch
texlive-pst-ovl-svn40873-33.fc25.1.noarch
texlive-ltabptch-svn17533.1.74d-33.fc25.1.noarch
texlive-cite-svn36428.5.5-33.fc25.1.noarch
texlive-fpl-svn15878.1.002-33.fc25.1.noarch
texlive-mathpazo-svn15878.1.003-33.fc25.1.noarch
texlive-rcs-svn15878.0-33.fc25.1.noarch
texlive-type1cm-svn21820.0-33.fc25.1.noarch
texlive-l3kernel-svn41246-33.fc25.1.noarch
texlive-hyperref-svn41396-33.fc25.1.noarch
texlive-pst-tree-svn24142.1.12-33.fc25.1.noarch
texlive-sansmathaccent-svn30187.0-33.fc25.1.noarch
texlive-dvipdfmx-bin-svn40273-33.20160520.fc25.1.s390x
texlive-zapfchan-svn31835.0-33.fc25.1.noarch
firewalld-0.4.4.4-1.fc25.noarch
glib2-static-2.50.3-1.fc25.s390x
libmicrohttpd-0.9.52-3.fc25.s390x
perl-open-1.10-385.fc25.noarch
bash-completion-2.5-1.fc25.noarch
libsolv-0.6.26-3.fc25.s390x
ghostscript-core-9.20-7.fc25.s390x
nss-util-devel-3.29.3-1.1.fc25.s390x
kernel-headers-4.10.8-200.fc25.s390x
system-python-3.5.3-4.fc25.s390x
iproute-tc-4.10.0-1.fc25.s390x
audit-2.7.4-1.fc25.s390x
gpg-pubkey-a29cb19c-53bcbba6
m4-1.4.17-9.fc24.s390x
liblockfile-1.09-4.fc24.s390x
sg3_utils-1.41-3.fc24.s390x
libXinerama-1.1.3-6.fc24.s390x
libXft-2.3.2-4.fc24.s390x
tcp_wrappers-libs-7.6-83.fc25.s390x
perl-Text-Tabs+Wrap-2013.0523-365.fc25.noarch
perl-Error-0.17024-7.fc25.noarch
perl-Term-Cap-1.17-365.fc25.noarch
perl-Pod-Usage-1.69-1.fc25.noarch
device-mapper-persistent-data-0.6.3-1.fc25.s390x
net-snmp-libs-5.7.3-13.fc25.s390x
libgusb-0.2.9-1.fc25.s390x
python3-six-1.10.0-3.fc25.noarch
python3-pysocks-1.5.6-5.fc25.noarch
python-chardet-2.3.0-1.fc25.noarch
python2-cffi-1.7.0-2.fc25.s390x
gc-devel-7.4.4-1.fc25.s390x
plymouth-0.9.3-0.6.20160620git0e65b86c.fc25.s390x
ebtables-2.0.10-21.fc25.s390x
python3-librepo-1.7.18-3.fc25.s390x
net-snmp-5.7.3-13.fc25.s390x
at-spi2-atk-2.22.0-1.fc25.s390x
avahi-autoipd-0.6.32-4.fc25.s390x
libcrypt-nss-2.24-4.fc25.s390x
libgo-6.3.1-1.fc25.s390x
cpp-6.3.1-1.fc25.s390x
glibc-devel-2.24-4.fc25.s390x
emacs-25.1-3.fc25.s390x
pyparsing-2.1.10-1.fc25.noarch
libproxy-0.4.14-1.fc25.s390x
python3-pyparsing-2.1.10-1.fc25.noarch
libcollection-0.7.0-29.fc25.s390x
libcephfs-devel-10.2.4-2.fc25.s390x
libXdamage-devel-1.1.4-8.fc24.s390x
libverto-devel-0.2.6-6.fc24.s390x
snappy-1.1.3-2.fc24.s390x
cairo-gobject-devel-1.14.8-1.fc25.s390x
cyrus-sasl-devel-2.1.26-26.2.fc24.s390x
kernel-devel-4.9.5-200.fc25.s390x
libXi-1.7.9-1.fc25.s390x
distribution-gpg-keys-1.11-1.fc25.noarch
texlive-base-2016-33.20160520.fc25.noarch
gstreamer1-1.10.4-1.fc25.s390x
python3-rpm-4.13.0.1-1.fc25.s390x
systemtap-runtime-3.1-2.fc25.s390x
perl-SelfLoader-1.23-385.fc25.noarch
bind99-license-9.9.9-4.P6.fc25.noarch
texlive-booktabs-svn40846-33.fc25.1.noarch
texlive-lm-svn28119.2.004-33.fc25.1.noarch
texlive-gsftopk-bin-svn40473-33.20160520.fc25.1.s390x
texlive-tex-svn40793-33.fc25.1.noarch
texlive-fancyref-svn15878.0.9c-33.fc25.1.noarch
texlive-chngcntr-svn17157.1.0a-33.fc25.1.noarch
texlive-fix2col-svn38770-33.fc25.1.noarch
texlive-marginnote-svn41382-33.fc25.1.noarch
texlive-pxfonts-svn15878.0-33.fc25.1.noarch
texlive-txfonts-svn15878.0-33.fc25.1.noarch
texlive-l3packages-svn41246-33.fc25.1.noarch
texlive-oberdiek-svn41346-33.fc25.1.noarch
texlive-pst-tools-svn34067.0.05-33.fc25.1.noarch
texlive-tex-gyre-svn18651.2.004-33.fc25.1.noarch
texlive-dvipdfmx-svn41149-33.fc25.1.noarch
texlive-collection-fontsrecommended-svn35830.0-33.20160520.fc25.1.noarch
gnutls-devel-3.5.10-1.fc25.s390x
libcacard-devel-2.5.3-1.fc25.s390x
selinux-policy-targeted-3.13.1-225.11.fc25.noarch
ykpers-1.18.0-2.fc25.s390x
python2-idna-2.5-1.fc25.noarch
dbus-libs-1.11.12-1.fc25.s390x
ghostscript-x11-9.20-7.fc25.s390x
vim-minimal-8.0.514-1.fc25.s390x
libdrm-devel-2.4.77-1.fc25.s390x
file-libs-5.29-4.fc25.s390x
gtk3-devel-3.22.11-1.fc25.s390x
policycoreutils-2.5-20.fc25.s390x
python-async-0.6.1-9.fc22.s390x
dejavu-sans-mono-fonts-2.35-3.fc24.noarch
popt-1.16-7.fc24.s390x
cyrus-sasl-lib-2.1.26-26.2.fc24.s390x
xz-5.2.2-2.fc24.s390x
libpipeline-1.4.1-2.fc24.s390x
pinentry-0.9.7-2.fc24.s390x
pth-2.0.7-27.fc24.s390x
libsepol-2.5-10.fc25.s390x
sqlite-libs-3.14.2-1.fc25.s390x
libxcb-1.12-1.fc25.s390x
libicu-57.1-4.fc25.s390x
perl-Getopt-Long-2.49.1-1.fc25.noarch
avahi-glib-0.6.32-4.fc25.s390x
python3-pip-8.1.2-2.fc25.noarch
python3-libcomps-0.1.7-5.fc25.s390x
python-slip-0.6.4-4.fc25.noarch
python2-libcomps-0.1.7-5.fc25.s390x
gc-7.4.4-1.fc25.s390x
s390utils-cmsfs-1.36.0-1.fc25.s390x
newt-python-0.52.19-2.fc25.s390x
valgrind-3.12.0-1.fc25.s390x
emacs-filesystem-25.1-3.fc25.noarch
libdb-utils-5.3.28-16.fc25.s390x
qt5-srpm-macros-5.7.1-1.fc25.noarch
elfutils-default-yama-scope-0.168-1.fc25.noarch
device-mapper-event-1.02.136-3.fc25.s390x
perl-Class-Inspector-1.31-2.fc25.noarch
poppler-0.45.0-2.fc25.s390x
libbasicobjects-0.1.1-29.fc25.s390x
libradosstriper1-10.2.4-2.fc25.s390x
libXxf86vm-devel-1.1.4-3.fc24.s390x
gsm-1.0.16-1.fc25.s390x
zziplib-0.13.62-7.fc24.s390x
libpaper-1.1.24-12.fc24.s390x
libini_config-1.3.0-29.fc25.s390x
snappy-devel-1.1.3-2.fc24.s390x
libcap-ng-devel-0.7.8-1.fc25.s390x
libxkbcommon-devel-0.7.1-1.fc25.s390x
kernel-4.9.5-200.fc25.s390x
nss-softokn-3.29.3-1.0.fc25.s390x
openssl-libs-1.0.2k-1.fc25.s390x
libkadm5-1.14.4-7.fc25.s390x
rpm-libs-4.13.0.1-1.fc25.s390x
perl-5.24.1-385.fc25.s390x
util-linux-2.28.2-2.fc25.s390x
libICE-1.0.9-8.fc25.s390x
texlive-etoolbox-svn38031.2.2a-33.fc25.1.noarch
texlive-dvips-svn41149-33.fc25.1.noarch
texlive-latexconfig-svn40274-33.fc25.1.noarch
texlive-tex-ini-files-svn40533-33.fc25.1.noarch
texlive-qstest-svn15878.0-33.fc25.1.noarch
texlive-cmap-svn41168-33.fc25.1.noarch
texlive-luatex-bin-svn41091-33.20160520.fc25.1.s390x
texlive-mflogo-svn38628-33.fc25.1.noarch
texlive-sansmath-svn17997.1.1-33.fc25.1.noarch
texlive-unicode-data-svn39808-33.fc25.1.noarch
texlive-luaotfload-bin-svn34647.0-33.20160520.fc25.1.noarch
texlive-listings-svn37534.1.6-33.fc25.1.noarch
texlive-pstricks-svn41321-33.fc25.1.noarch
texlive-metalogo-svn18611.0.12-33.fc25.1.noarch
texlive-collection-latex-svn41011-33.20160520.fc25.1.noarch
kernel-4.10.5-200.fc25.s390x
python2-dnf-plugins-core-0.1.21-5.fc25.noarch
xkeyboard-config-2.20-2.fc25.noarch
nss-util-3.29.3-1.1.fc25.s390x
dbus-1.11.12-1.fc25.s390x
ghostscript-9.20-7.fc25.s390x
vim-filesystem-8.0.514-1.fc25.s390x
jasper-libs-1.900.13-3.fc25.s390x
file-5.29-4.fc25.s390x
curl-7.51.0-6.fc25.s390x
perl-Test-Harness-3.39-1.fc25.noarch
libattr-2.4.47-16.fc24.s390x
acl-2.2.52-11.fc24.s390x
libvisual-0.4.0-20.fc24.s390x
libpcap-1.7.4-2.fc24.s390x
libutempter-1.1.6-8.fc24.s390x
libgudev-230-3.fc24.s390x
popt-devel-1.16-7.fc24.s390x
make-4.1-5.fc24.s390x
hicolor-icon-theme-0.15-3.fc24.noarch
setup-2.10.4-1.fc25.noarch
bash-4.3.43-4.fc25.s390x
nspr-4.13.1-1.fc25.s390x
libjpeg-turbo-1.5.1-0.fc25.s390x
perl-Socket-2.024-1.fc25.s390x
perl-HTTP-Tiny-0.070-1.fc25.noarch
ipset-6.29-1.fc25.s390x
python2-setuptools-25.1.1-1.fc25.noarch
gsettings-desktop-schemas-3.22.0-1.fc25.s390x
python3-setuptools-25.1.1-1.fc25.noarch
python-slip-dbus-0.6.4-4.fc25.noarch
python2-ply-3.8-2.fc25.noarch
dtc-1.4.2-1.fc25.s390x
guile-2.0.13-1.fc25.s390x
cronie-anacron-1.5.1-2.fc25.s390x
libXtst-1.2.3-1.fc25.s390x
iso-codes-3.70-1.fc25.noarch
s390utils-1.36.0-1.fc25.s390x
python-backports-ssl_match_hostname-3.5.0.1-3.fc25.noarch
fedora-cert-0.6.0.1-1.fc25.noarch
libstdc++-6.3.1-1.fc25.s390x
subversion-libs-1.9.5-1.fc25.s390x
libgfortran-6.3.1-1.fc25.s390x
libtasn1-4.10-1.fc25.s390x
dnf-plugin-system-upgrade-0.7.1-4.fc25.noarch
lvm2-2.02.167-3.fc25.s390x
libselinux-devel-2.5-13.fc25.s390x
perl-Time-Local-1.250-1.fc25.noarch
libtirpc-1.0.1-3.rc3.fc25.s390x
libradosstriper-devel-10.2.4-2.fc25.s390x
flac-libs-1.3.2-1.fc25.s390x
perl-Digest-1.17-366.fc25.noarch
teckit-2.5.1-15.fc24.s390x
libpath_utils-0.2.1-29.fc25.s390x
attr-2.4.47-16.fc24.s390x
usbredir-0.7.1-2.fc24.s390x
cairo-devel-1.14.8-1.fc25.s390x
lzo-devel-2.08-8.fc24.s390x
libcap-devel-2.25-2.fc25.s390x
opus-1.1.3-2.fc25.s390x
firewalld-filesystem-0.4.4.4-1.fc25.noarch
coreutils-8.25-16.fc25.s390x
krb5-devel-1.14.4-7.fc25.s390x
rpm-4.13.0.1-1.fc25.s390x
kernel-devel-4.10.5-200.fc25.s390x
systemd-pam-231-14.fc25.s390x
libbsd-0.8.3-1.fc25.s390x
texlive-url-svn32528.3.4-33.fc25.1.noarch
texlive-dvips-bin-svn40987-33.20160520.fc25.1.s390x
texlive-index-svn24099.4.1beta-33.fc25.1.noarch
texlive-setspace-svn24881.6.7a-33.fc25.1.noarch
texlive-mathtools-svn38833-33.fc25.1.noarch
texlive-cm-svn32865.0-33.fc25.1.noarch
texlive-graphics-def-svn41879-33.fc25.1.noarch
texlive-mdwtools-svn15878.1.05.4-33.fc25.1.noarch
texlive-rsfs-svn15878.0-33.fc25.1.noarch
texlive-ucharcat-svn38907-33.fc25.1.noarch
texlive-fontspec-svn41262-33.fc25.1.noarch
texlive-showexpl-svn32737.v0.3l-33.fc25.1.noarch
texlive-pstricks-add-svn40744-33.fc25.1.noarch
texlive-beamer-svn36461.3.36-33.fc25.1.noarch
texlive-collection-basic-svn41149-33.20160520.fc25.1.noarch
mock-1.3.4-1.fc25.noarch
rpm-build-4.13.0.1-1.fc25.s390x
xemacs-filesystem-21.5.34-20.20170124hgf412e9f093d4.fc25.noarch
nss-sysinit-3.29.3-1.1.fc25.s390x
hawkey-0.6.4-3.fc25.s390x
mesa-libGLES-13.0.4-3.fc25.s390x
vim-common-8.0.514-1.fc25.s390x
gdk-pixbuf2-modules-2.36.6-1.fc25.s390x
bluez-libs-5.44-1.fc25.s390x
libcurl-devel-7.51.0-6.fc25.s390x
mc-4.8.19-1.fc25.s390x
gpg-pubkey-a0a7badb-52844296
readline-6.3-8.fc24.s390x
cpio-2.12-3.fc24.s390x
qrencode-libs-3.4.2-6.fc24.s390x
libXcomposite-0.4.4-8.fc24.s390x
procps-ng-3.3.10-11.fc24.s390x
GConf2-3.2.6-16.fc24.s390x
xz-devel-5.2.2-2.fc24.s390x
fedora-logos-22.0.0-3.fc24.s390x
gpg-pubkey-e372e838-56fd7943
kmod-libs-23-1.fc25.s390x
perl-parent-0.236-1.fc25.noarch
perl-TermReadKey-2.37-1.fc25.s390x
dhcp-libs-4.3.5-1.fc25.s390x
ncurses-c++-libs-6.0-6.20160709.fc25.s390x
gzip-1.8-1.fc25.s390x
python3-gobject-base-3.22.0-1.fc25.s390x
python2-yubico-1.3.2-3.fc25.noarch
s390utils-ziomon-1.36.0-1.fc25.s390x
librepo-1.7.18-3.fc25.s390x
librsvg2-2.40.16-2.fc25.s390x
gnat-srpm-macros-4-1.fc25.noarch
python-decoratortools-1.8-12.fc25.noarch
m17n-db-1.7.0-7.fc25.noarch
glibc-common-2.24-4.fc25.s390x
e2fsprogs-libs-1.43.3-1.fc25.s390x
libvorbis-1.3.5-1.fc25.s390x
gcc-gdb-plugin-6.3.1-1.fc25.s390x
perl-Time-HiRes-1.9741-1.fc25.s390x
npth-1.3-1.fc25.s390x
libcephfs1-10.2.4-2.fc25.s390x
wayland-devel-1.12.0-1.fc25.s390x
libxcb-devel-1.12-1.fc25.s390x
perl-encoding-2.19-5.fc25.s390x
python3-cssselect-0.9.2-1.fc25.noarch
gettext-libs-0.19.8.1-3.fc25.s390x
at-spi2-atk-devel-2.22.0-1.fc25.s390x
virglrenderer-0.5.0-1.20160411git61846f92f.fc25.s390x
pixman-devel-0.34.0-2.fc24.s390x
libnfs-devel-1.9.8-2.fc24.s390x
libX11-common-1.6.4-4.fc25.noarch
nss-softokn-devel-3.29.3-1.0.fc25.s390x
libblkid-2.28.2-2.fc25.s390x
bind-libs-9.10.4-4.P6.fc25.s390x
glib2-devel-2.50.3-1.fc25.s390x
systemd-udev-231-14.fc25.s390x
texlive-ifxetex-svn19685.0.5-33.fc25.1.noarch
texlive-caption-svn41409-33.fc25.1.noarch
texlive-float-svn15878.1.3d-33.fc25.1.noarch
texlive-pdftex-def-svn22653.0.06d-33.fc25.1.noarch
texlive-xdvi-bin-svn40750-33.20160520.fc25.1.s390x
texlive-beton-svn15878.0-33.fc25.1.noarch
texlive-filecontents-svn24250.1.3-33.fc25.1.noarch
texlive-lm-math-svn36915.1.959-33.fc25.1.noarch
texlive-pslatex-svn16416.0-33.fc25.1.noarch
texlive-times-svn35058.0-33.fc25.1.noarch
texlive-breakurl-svn29901.1.40-33.fc25.1.noarch
texlive-filehook-svn24280.0.5d-33.fc25.1.noarch
texlive-pst-pdf-svn31660.1.1v-33.fc25.1.noarch
texlive-seminar-svn34011.1.62-33.fc25.1.noarch
texlive-xetexconfig-svn41133-33.fc25.1.noarch
systemtap-3.1-2.fc25.s390x
python-rpm-macros-3-12.fc25.noarch
rpm-devel-4.13.0.1-1.fc25.s390x
nss-pem-1.0.3-3.fc25.s390x
mesa-libGL-13.0.4-3.fc25.s390x
at-spi2-core-2.22.1-1.fc25.s390x
pcre2-utf32-10.23-5.fc25.s390x
gtk3-3.22.11-1.fc25.s390x
GeoIP-GeoLite-data-2017.04-1.fc25.noarch
pcre-static-8.40-6.fc25.s390x
kernel-devel-4.10.8-200.fc25.s390x
=== TEST BEGIN ===
Using CC: /home/fam/bin/cc
Install prefix /var/tmp/patchew-tester-tmp-px6jo9r8/src/install
BIOS directory /var/tmp/patchew-tester-tmp-px6jo9r8/src/install/share/qemu
binary directory /var/tmp/patchew-tester-tmp-px6jo9r8/src/install/bin
library directory /var/tmp/patchew-tester-tmp-px6jo9r8/src/install/lib
module directory /var/tmp/patchew-tester-tmp-px6jo9r8/src/install/lib/qemu
libexec directory /var/tmp/patchew-tester-tmp-px6jo9r8/src/install/libexec
include directory /var/tmp/patchew-tester-tmp-px6jo9r8/src/install/include
config directory /var/tmp/patchew-tester-tmp-px6jo9r8/src/install/etc
local state directory /var/tmp/patchew-tester-tmp-px6jo9r8/src/install/var
Manual directory /var/tmp/patchew-tester-tmp-px6jo9r8/src/install/share/man
ELF interp prefix /usr/gnemul/qemu-%M
Source path /var/tmp/patchew-tester-tmp-px6jo9r8/src
C compiler /home/fam/bin/cc
Host C compiler cc
C++ compiler c++
Objective-C compiler /home/fam/bin/cc
ARFLAGS rv
CFLAGS -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -g
QEMU_CFLAGS -I/usr/include/pixman-1 -Werror -DHAS_LIBSSH2_SFTP_FSYNC -pthread -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -D_GNU_SOURCE -m64 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -Wendif-labels -Wno-shift-negative-value -Wno-missing-include-dirs -Wempty-body -Wnested-externs -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wold-style-declaration -Wold-style-definition -Wtype-limits -fstack-protector-strong -I/usr/include/p11-kit-1 -I/usr/include/libpng16 -I/usr/include/libdrm -I/usr/include/cacard -I/usr/include/nss3 -I/usr/include/nspr4 -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/libusb-1.0
LDFLAGS -Wl,--warn-common -m64 -g
make make
install install
python python -B
smbd /usr/sbin/smbd
module support no
host CPU s390x
host big endian yes
target list aarch64-softmmu alpha-softmmu arm-softmmu cris-softmmu i386-softmmu lm32-softmmu m68k-softmmu microblazeel-softmmu microblaze-softmmu mips64el-softmmu mips64-softmmu mipsel-softmmu mips-softmmu moxie-softmmu nios2-softmmu or1k-softmmu ppc64-softmmu ppcemb-softmmu ppc-softmmu s390x-softmmu sh4eb-softmmu sh4-softmmu sparc64-softmmu sparc-softmmu tricore-softmmu unicore32-softmmu x86_64-softmmu xtensaeb-softmmu xtensa-softmmu aarch64-linux-user alpha-linux-user armeb-linux-user arm-linux-user cris-linux-user hppa-linux-user i386-linux-user m68k-linux-user microblazeel-linux-user microblaze-linux-user mips64el-linux-user mips64-linux-user mipsel-linux-user mips-linux-user mipsn32el-linux-user mipsn32-linux-user nios2-linux-user or1k-linux-user ppc64abi32-linux-user ppc64le-linux-user ppc64-linux-user ppc-linux-user s390x-linux-user sh4eb-linux-user sh4-linux-user sparc32plus-linux-user sparc64-linux-user sparc-linux-user tilegx-linux-user x86_64-linux-user
tcg debug enabled no
gprof enabled no
sparse enabled no
strip binaries yes
profiler no
static build no
pixman system
SDL support yes (2.0.5)
GTK support yes (3.22.11)
GTK GL support yes
VTE support yes (0.46.1)
TLS priority NORMAL
GNUTLS support yes
GNUTLS rnd yes
libgcrypt no
libgcrypt kdf no
nettle yes (3.3)
nettle kdf yes
libtasn1 yes
curses support yes
virgl support yes
curl support yes
mingw32 support no
Audio drivers oss
Block whitelist (rw)
Block whitelist (ro)
VirtFS support yes
VNC support yes
VNC SASL support yes
VNC JPEG support yes
VNC PNG support yes
xen support no
brlapi support yes
bluez support yes
Documentation yes
PIE no
vde support no
netmap support no
Linux AIO support yes
ATTR/XATTR support yes
Install blobs yes
KVM support yes
HAX support no
RDMA support no
TCG interpreter no
fdt support yes
preadv support yes
fdatasync yes
madvise yes
posix_madvise yes
libcap-ng support yes
vhost-net support yes
vhost-scsi support yes
vhost-vsock support yes
Trace backends log
spice support no
rbd support yes
xfsctl support no
smartcard support yes
libusb yes
usb net redir yes
OpenGL support yes
OpenGL dmabufs yes
libiscsi support yes
libnfs support yes
build guest agent yes
QGA VSS support no
QGA w32 disk info no
QGA MSI support no
seccomp support no
coroutine backend ucontext
coroutine pool yes
debug stack usage no
GlusterFS support yes
gcov gcov
gcov enabled no
TPM support yes
libssh2 support yes
TPM passthrough no
QOM debugging yes
lzo support yes
snappy support yes
bzip2 support yes
NUMA host support no
tcmalloc support no
jemalloc support no
avx2 optimization no
replication support yes
VxHS block device no
GEN aarch64-softmmu/config-devices.mak.tmp
GEN alpha-softmmu/config-devices.mak.tmp
GEN cris-softmmu/config-devices.mak.tmp
GEN arm-softmmu/config-devices.mak.tmp
GEN cris-softmmu/config-devices.mak
GEN alpha-softmmu/config-devices.mak
GEN i386-softmmu/config-devices.mak.tmp
GEN lm32-softmmu/config-devices.mak.tmp
GEN arm-softmmu/config-devices.mak
GEN aarch64-softmmu/config-devices.mak
GEN m68k-softmmu/config-devices.mak.tmp
GEN microblazeel-softmmu/config-devices.mak.tmp
GEN lm32-softmmu/config-devices.mak
GEN i386-softmmu/config-devices.mak
GEN microblaze-softmmu/config-devices.mak.tmp
GEN m68k-softmmu/config-devices.mak
GEN mips64el-softmmu/config-devices.mak.tmp
GEN microblazeel-softmmu/config-devices.mak
GEN mips64-softmmu/config-devices.mak.tmp
GEN mipsel-softmmu/config-devices.mak.tmp
GEN microblaze-softmmu/config-devices.mak
GEN mips-softmmu/config-devices.mak.tmp
GEN mips64el-softmmu/config-devices.mak
GEN moxie-softmmu/config-devices.mak.tmp
GEN mips64-softmmu/config-devices.mak
GEN mipsel-softmmu/config-devices.mak
GEN nios2-softmmu/config-devices.mak.tmp
GEN mips-softmmu/config-devices.mak
GEN ppc64-softmmu/config-devices.mak.tmp
GEN moxie-softmmu/config-devices.mak
GEN or1k-softmmu/config-devices.mak.tmp
GEN ppcemb-softmmu/config-devices.mak.tmp
GEN nios2-softmmu/config-devices.mak
GEN ppc-softmmu/config-devices.mak.tmp
GEN or1k-softmmu/config-devices.mak
GEN s390x-softmmu/config-devices.mak.tmp
GEN ppc64-softmmu/config-devices.mak
GEN sh4eb-softmmu/config-devices.mak.tmp
GEN ppcemb-softmmu/config-devices.mak
GEN s390x-softmmu/config-devices.mak
GEN sh4-softmmu/config-devices.mak.tmp
GEN ppc-softmmu/config-devices.mak
GEN sparc64-softmmu/config-devices.mak.tmp
GEN sparc-softmmu/config-devices.mak.tmp
GEN sh4eb-softmmu/config-devices.mak
GEN sh4-softmmu/config-devices.mak
GEN tricore-softmmu/config-devices.mak.tmp
GEN unicore32-softmmu/config-devices.mak.tmp
GEN sparc64-softmmu/config-devices.mak
GEN sparc-softmmu/config-devices.mak
GEN x86_64-softmmu/config-devices.mak.tmp
GEN tricore-softmmu/config-devices.mak
GEN xtensaeb-softmmu/config-devices.mak.tmp
GEN unicore32-softmmu/config-devices.mak
GEN xtensa-softmmu/config-devices.mak.tmp
GEN aarch64-linux-user/config-devices.mak.tmp
GEN xtensaeb-softmmu/config-devices.mak
GEN aarch64-linux-user/config-devices.mak
GEN xtensa-softmmu/config-devices.mak
GEN alpha-linux-user/config-devices.mak.tmp
GEN arm-linux-user/config-devices.mak.tmp
GEN armeb-linux-user/config-devices.mak.tmp
GEN x86_64-softmmu/config-devices.mak
GEN cris-linux-user/config-devices.mak.tmp
GEN alpha-linux-user/config-devices.mak
GEN arm-linux-user/config-devices.mak
GEN armeb-linux-user/config-devices.mak
GEN cris-linux-user/config-devices.mak
GEN hppa-linux-user/config-devices.mak.tmp
GEN i386-linux-user/config-devices.mak.tmp
GEN m68k-linux-user/config-devices.mak.tmp
GEN microblazeel-linux-user/config-devices.mak.tmp
GEN m68k-linux-user/config-devices.mak
GEN hppa-linux-user/config-devices.mak
GEN i386-linux-user/config-devices.mak
GEN microblazeel-linux-user/config-devices.mak
GEN microblaze-linux-user/config-devices.mak.tmp
GEN mips64el-linux-user/config-devices.mak.tmp
GEN mips64-linux-user/config-devices.mak.tmp
GEN mipsel-linux-user/config-devices.mak.tmp
GEN microblaze-linux-user/config-devices.mak
GEN mips64el-linux-user/config-devices.mak
GEN mips-linux-user/config-devices.mak.tmp
GEN mipsel-linux-user/config-devices.mak
GEN mips64-linux-user/config-devices.mak
GEN mipsn32el-linux-user/config-devices.mak.tmp
GEN nios2-linux-user/config-devices.mak.tmp
GEN mipsn32-linux-user/config-devices.mak.tmp
GEN mips-linux-user/config-devices.mak
GEN mipsn32el-linux-user/config-devices.mak
GEN or1k-linux-user/config-devices.mak.tmp
GEN nios2-linux-user/config-devices.mak
GEN mipsn32-linux-user/config-devices.mak
GEN ppc64abi32-linux-user/config-devices.mak.tmp
GEN ppc64le-linux-user/config-devices.mak.tmp
GEN ppc64-linux-user/config-devices.mak.tmp
GEN ppc64abi32-linux-user/config-devices.mak
GEN or1k-linux-user/config-devices.mak
GEN ppc-linux-user/config-devices.mak.tmp
GEN ppc64-linux-user/config-devices.mak
GEN ppc64le-linux-user/config-devices.mak
GEN s390x-linux-user/config-devices.mak.tmp
GEN sh4eb-linux-user/config-devices.mak.tmp
GEN sh4-linux-user/config-devices.mak.tmp
GEN s390x-linux-user/config-devices.mak
GEN ppc-linux-user/config-devices.mak
GEN sh4eb-linux-user/config-devices.mak
GEN sparc32plus-linux-user/config-devices.mak.tmp
GEN sh4-linux-user/config-devices.mak
GEN sparc64-linux-user/config-devices.mak.tmp
GEN sparc-linux-user/config-devices.mak.tmp
GEN tilegx-linux-user/config-devices.mak.tmp
GEN sparc32plus-linux-user/config-devices.mak
GEN sparc64-linux-user/config-devices.mak
GEN sparc-linux-user/config-devices.mak
GEN x86_64-linux-user/config-devices.mak.tmp
GEN tilegx-linux-user/config-devices.mak
GEN config-host.h
GEN qemu-options.def
GEN x86_64-linux-user/config-devices.mak
GEN qmp-commands.h
GEN qapi-types.h
GEN qapi-visit.h
GEN qapi-event.h
GEN qmp-marshal.c
GEN qapi-types.c
GEN qapi-visit.c
GEN qapi-event.c
GEN qmp-introspect.h
GEN qmp-introspect.c
GEN trace/generated-tcg-tracers.h
GEN trace/generated-helpers-wrappers.h
GEN trace/generated-helpers.h
GEN module_block.h
GEN trace/generated-helpers.c
GEN tests/test-qapi-types.h
GEN tests/test-qapi-visit.h
GEN tests/test-qapi-event.h
GEN tests/test-qmp-commands.h
GEN tests/test-qmp-introspect.h
GEN trace-root.h
GEN util/trace.h
GEN crypto/trace.h
GEN io/trace.h
GEN migration/trace.h
GEN block/trace.h
GEN backends/trace.h
GEN hw/block/trace.h
GEN hw/block/dataplane/trace.h
GEN hw/char/trace.h
GEN hw/intc/trace.h
GEN hw/net/trace.h
GEN hw/virtio/trace.h
GEN hw/audio/trace.h
GEN hw/misc/trace.h
GEN hw/scsi/trace.h
GEN hw/usb/trace.h
GEN hw/display/trace.h
GEN hw/nvram/trace.h
GEN hw/input/trace.h
GEN hw/dma/trace.h
GEN hw/timer/trace.h
GEN hw/sparc/trace.h
GEN hw/sd/trace.h
GEN hw/isa/trace.h
GEN hw/mem/trace.h
GEN hw/i386/trace.h
GEN hw/i386/xen/trace.h
GEN hw/9pfs/trace.h
GEN hw/ppc/trace.h
GEN hw/pci/trace.h
GEN hw/s390x/trace.h
GEN hw/vfio/trace.h
GEN hw/acpi/trace.h
GEN hw/arm/trace.h
GEN hw/alpha/trace.h
GEN hw/xen/trace.h
GEN ui/trace.h
GEN audio/trace.h
GEN net/trace.h
GEN target/i386/trace.h
GEN target/arm/trace.h
GEN target/mips/trace.h
GEN target/sparc/trace.h
GEN target/s390x/trace.h
GEN target/ppc/trace.h
GEN qom/trace.h
GEN linux-user/trace.h
GEN qapi/trace.h
GEN trace-root.c
GEN util/trace.c
GEN crypto/trace.c
GEN io/trace.c
GEN migration/trace.c
GEN block/trace.c
GEN backends/trace.c
GEN hw/block/trace.c
GEN hw/block/dataplane/trace.c
GEN hw/char/trace.c
GEN hw/intc/trace.c
GEN hw/virtio/trace.c
GEN hw/net/trace.c
GEN hw/audio/trace.c
GEN hw/misc/trace.c
GEN hw/usb/trace.c
GEN hw/scsi/trace.c
GEN hw/nvram/trace.c
GEN hw/display/trace.c
GEN hw/input/trace.c
GEN hw/timer/trace.c
GEN hw/dma/trace.c
GEN hw/sparc/trace.c
GEN hw/sd/trace.c
GEN hw/isa/trace.c
GEN hw/mem/trace.c
GEN hw/i386/trace.c
GEN hw/i386/xen/trace.c
GEN hw/9pfs/trace.c
GEN hw/ppc/trace.c
GEN hw/pci/trace.c
GEN hw/s390x/trace.c
GEN hw/vfio/trace.c
GEN hw/acpi/trace.c
GEN hw/arm/trace.c
GEN hw/alpha/trace.c
GEN hw/xen/trace.c
GEN ui/trace.c
GEN audio/trace.c
GEN net/trace.c
GEN target/arm/trace.c
GEN target/i386/trace.c
GEN target/mips/trace.c
GEN target/sparc/trace.c
GEN target/ppc/trace.c
GEN target/s390x/trace.c
GEN qom/trace.c
GEN linux-user/trace.c
GEN qapi/trace.c
GEN config-all-devices.mak
GEN qemu-options.texi
GEN qemu-monitor.texi
CC tests/qemu-iotests/socket_scm_helper.o
GEN qemu-img-cmds.texi
GEN qemu-monitor-info.texi
GEN qemu-img.1
GEN qemu-nbd.8
GEN qemu-ga.8
GEN docs/version.texi
GEN docs/qemu-qmp-qapi.texi
GEN docs/qemu-ga-qapi.texi
GEN fsdev/virtfs-proxy-helper.1
GEN qga/qapi-generated/qga-qapi-types.h
GEN qga/qapi-generated/qga-qapi-visit.h
GEN qga/qapi-generated/qga-qmp-commands.h
GEN qga/qapi-generated/qga-qapi-types.c
GEN qga/qapi-generated/qga-qapi-visit.c
GEN qga/qapi-generated/qga-qmp-marshal.c
CC qmp-introspect.o
CC qapi-visit.o
CC qapi-types.o
CC qapi-event.o
CC qapi/qapi-visit-core.o
CC qapi/qapi-dealloc-visitor.o
CC qapi/qobject-input-visitor.o
CC qapi/qobject-output-visitor.o
CC qapi/qmp-registry.o
CC qapi/qmp-dispatch.o
CC qapi/string-input-visitor.o
CC qapi/string-output-visitor.o
CC qapi/opts-visitor.o
CC qapi/qapi-clone-visitor.o
CC qapi/qmp-event.o
CC qapi/qapi-util.o
CC qobject/qnull.o
CC qobject/qint.o
CC qobject/qstring.o
CC qobject/qdict.o
CC qobject/qlist.o
CC qobject/qfloat.o
CC qobject/qbool.o
CC qobject/qjson.o
CC qobject/qobject.o
CC qobject/json-lexer.o
CC qobject/json-streamer.o
CC qobject/json-parser.o
CC trace/control.o
CC trace/qmp.o
CC util/osdep.o
CC util/cutils.o
CC util/unicode.o
CC util/qemu-timer-common.o
CC util/bufferiszero.o
CC util/lockcnt.o
CC util/aiocb.o
CC util/async.o
CC util/thread-pool.o
CC util/qemu-timer.o
CC util/main-loop.o
CC util/iohandler.o
CC util/aio-posix.o
CC util/compatfd.o
CC util/event_notifier-posix.o
CC util/mmap-alloc.o
CC util/oslib-posix.o
CC util/qemu-openpty.o
CC util/qemu-thread-posix.o
CC util/memfd.o
CC util/envlist.o
CC util/module.o
CC util/path.o
CC util/host-utils.o
CC util/bitmap.o
CC util/hbitmap.o
CC util/bitops.o
CC util/fifo8.o
CC util/acl.o
CC util/error.o
CC util/qemu-error.o
CC util/id.o
CC util/iov.o
CC util/qemu-config.o
CC util/qemu-sockets.o
CC util/uri.o
CC util/notify.o
CC util/qemu-option.o
CC util/qemu-progress.o
CC util/keyval.o
CC util/hexdump.o
CC util/crc32c.o
CC util/uuid.o
CC util/throttle.o
CC util/getauxval.o
CC util/readline.o
CC util/rcu.o
CC util/qemu-coroutine.o
CC util/qemu-coroutine-lock.o
CC util/qemu-coroutine-io.o
CC util/qemu-coroutine-sleep.o
CC util/coroutine-ucontext.o
CC util/buffer.o
CC util/timed-average.o
CC util/base64.o
CC util/log.o
CC util/qdist.o
CC util/qht.o
CC util/range.o
CC util/systemd.o
CC trace-root.o
CC util/trace.o
CC crypto/trace.o
CC migration/trace.o
CC io/trace.o
CC block/trace.o
CC backends/trace.o
CC hw/block/trace.o
CC hw/block/dataplane/trace.o
CC hw/intc/trace.o
CC hw/char/trace.o
CC hw/net/trace.o
CC hw/virtio/trace.o
CC hw/audio/trace.o
CC hw/misc/trace.o
CC hw/usb/trace.o
CC hw/scsi/trace.o
CC hw/display/trace.o
CC hw/nvram/trace.o
CC hw/input/trace.o
CC hw/timer/trace.o
CC hw/dma/trace.o
CC hw/sparc/trace.o
CC hw/sd/trace.o
CC hw/isa/trace.o
CC hw/mem/trace.o
CC hw/i386/trace.o
CC hw/i386/xen/trace.o
CC hw/9pfs/trace.o
CC hw/ppc/trace.o
CC hw/pci/trace.o
CC hw/s390x/trace.o
CC hw/vfio/trace.o
CC hw/acpi/trace.o
CC hw/arm/trace.o
CC hw/alpha/trace.o
CC hw/xen/trace.o
CC ui/trace.o
CC audio/trace.o
CC net/trace.o
CC target/i386/trace.o
CC target/arm/trace.o
CC target/mips/trace.o
CC target/sparc/trace.o
CC target/s390x/trace.o
CC target/ppc/trace.o
CC qom/trace.o
CC linux-user/trace.o
CC qapi/trace.o
CC crypto/pbkdf-stub.o
CC stubs/arch-query-cpu-def.o
CC stubs/arch-query-cpu-model-expansion.o
CC stubs/arch-query-cpu-model-comparison.o
CC stubs/arch-query-cpu-model-baseline.o
CC stubs/bdrv-next-monitor-owned.o
CC stubs/blk-commit-all.o
CC stubs/blockdev-close-all-bdrv-states.o
CC stubs/clock-warp.o
CC stubs/cpu-get-clock.o
CC stubs/cpu-get-icount.o
CC stubs/dump.o
CC stubs/error-printf.o
CC stubs/fdset.o
CC stubs/gdbstub.o
CC stubs/get-vm-name.o
CC stubs/iothread-lock.o
CC stubs/iothread.o
CC stubs/is-daemonized.o
CC stubs/linux-aio.o
CC stubs/machine-init-done.o
CC stubs/migr-blocker.o
CC stubs/monitor.o
CC stubs/notify-event.o
CC stubs/qtest.o
CC stubs/replay.o
CC stubs/runstate-check.o
CC stubs/set-fd-handler.o
CC stubs/slirp.o
CC stubs/sysbus.o
CC stubs/uuid.o
CC stubs/trace-control.o
CC stubs/vmstate.o
CC stubs/vm-stop.o
CC stubs/qmp_pc_dimm_device_list.o
CC stubs/target-monitor-defs.o
CC stubs/target-get-monitor-def.o
CC stubs/pc_madt_cpu_entry.o
CC stubs/vmgenid.o
CC stubs/xen-common.o
CC stubs/xen-hvm.o
CC contrib/ivshmem-client/ivshmem-client.o
CC contrib/ivshmem-client/main.o
CC contrib/ivshmem-server/ivshmem-server.o
CC contrib/ivshmem-server/main.o
CC qemu-nbd.o
CC block.o
CC blockjob.o
CC qemu-io-cmds.o
CC replication.o
CC block/raw-format.o
CC block/qcow.o
CC block/vdi.o
CC block/vmdk.o
CC block/cloop.o
CC block/bochs.o
CC block/vpc.o
CC block/vvfat.o
CC block/dmg.o
CC block/qcow2.o
CC block/qcow2-refcount.o
CC block/qcow2-cluster.o
CC block/qcow2-snapshot.o
CC block/qcow2-cache.o
CC block/qed.o
CC block/qed-gencb.o
CC block/qed-l2-cache.o
CC block/qed-table.o
CC block/qed-cluster.o
CC block/qed-check.o
CC block/vhdx.o
CC block/vhdx-endian.o
CC block/vhdx-log.o
CC block/quorum.o
CC block/parallels.o
CC block/blkdebug.o
CC block/blkverify.o
CC block/blkreplay.o
CC block/block-backend.o
CC block/snapshot.o
CC block/qapi.o
CC block/file-posix.o
CC block/linux-aio.o
CC block/null.o
CC block/mirror.o
CC block/commit.o
CC block/io.o
CC block/throttle-groups.o
CC block/nbd.o
CC block/nbd-client.o
CC block/sheepdog.o
CC block/iscsi-opts.o
CC block/accounting.o
CC block/dirty-bitmap.o
CC block/write-threshold.o
CC block/backup.o
CC block/replication.o
CC block/crypto.o
CC nbd/server.o
CC nbd/client.o
CC nbd/common.o
CC block/iscsi.o
CC block/nfs.o
CC block/curl.o
CC block/rbd.o
CC block/gluster.o
CC block/ssh.o
CC block/dmg-bz2.o
CC crypto/init.o
CC crypto/hash.o
CC crypto/hash-nettle.o
CC crypto/hmac.o
CC crypto/hmac-nettle.o
CC crypto/aes.o
CC crypto/desrfb.o
CC crypto/cipher.o
CC crypto/tlscreds.o
CC crypto/tlscredsanon.o
CC crypto/tlscredsx509.o
CC crypto/tlssession.o
CC crypto/secret.o
CC crypto/random-gnutls.o
CC crypto/pbkdf.o
CC crypto/pbkdf-nettle.o
CC crypto/ivgen.o
CC crypto/ivgen-essiv.o
CC crypto/ivgen-plain.o
CC crypto/ivgen-plain64.o
CC crypto/afsplit.o
CC crypto/xts.o
CC crypto/block.o
CC crypto/block-qcow.o
CC io/channel.o
CC crypto/block-luks.o
CC io/channel-buffer.o
CC io/channel-command.o
CC io/channel-file.o
CC io/channel-socket.o
CC io/channel-watch.o
CC io/channel-tls.o
CC io/channel-websock.o
CC io/channel-util.o
CC io/dns-resolver.o
CC io/task.o
CC qom/object.o
CC qom/container.o
CC qom/object_interfaces.o
CC qom/qom-qobject.o
GEN qemu-img-cmds.h
CC qemu-io.o
CC fsdev/virtfs-proxy-helper.o
CC fsdev/9p-marshal.o
CC fsdev/9p-iov-marshal.o
CC qemu-bridge-helper.o
CC blockdev.o
CC blockdev-nbd.o
CC iothread.o
CC qdev-monitor.o
CC device-hotplug.o
CC os-posix.o
CC page_cache.o
CC accel.o
CC bt-host.o
CC bt-vhci.o
CC dma-helpers.o
CC vl.o
CC tpm.o
CC device_tree.o
CC qmp-marshal.o
CC qmp.o
CC hmp.o
CC cpus-common.o
CC audio/audio.o
CC audio/noaudio.o
CC audio/wavaudio.o
CC audio/sdlaudio.o
CC audio/mixeng.o
CC audio/ossaudio.o
CC audio/wavcapture.o
CC backends/rng.o
CC backends/rng-egd.o
CC backends/rng-random.o
CC backends/msmouse.o
CC backends/wctablet.o
CC backends/testdev.o
CC backends/baum.o
CC backends/tpm.o
CC backends/hostmem.o
CC backends/hostmem-ram.o
CC backends/hostmem-file.o
CC backends/cryptodev.o
CC backends/cryptodev-builtin.o
CC block/stream.o
CC disas/alpha.o
CC disas/arm.o
CXX disas/arm-a64.o
CC disas/cris.o
CC disas/hppa.o
CC disas/i386.o
CC disas/m68k.o
CC disas/microblaze.o
CC disas/mips.o
CC disas/nios2.o
CC disas/moxie.o
CC disas/ppc.o
CC disas/s390.o
CC disas/sh4.o
CC disas/sparc.o
CC disas/lm32.o
CXX disas/libvixl/vixl/utils.o
CXX disas/libvixl/vixl/compiler-intrinsics.o
CXX disas/libvixl/vixl/a64/instructions-a64.o
CXX disas/libvixl/vixl/a64/decoder-a64.o
CXX disas/libvixl/vixl/a64/disasm-a64.o
CC fsdev/qemu-fsdev.o
CC fsdev/qemu-fsdev-opts.o
CC fsdev/qemu-fsdev-throttle.o
CC fsdev/qemu-fsdev-dummy.o
CC hw/9pfs/9p.o
CC hw/9pfs/9p-util.o
CC hw/9pfs/9p-local.o
CC hw/9pfs/9p-xattr.o
CC hw/9pfs/9p-xattr-user.o
In file included from /var/tmp/patchew-tester-tmp-px6jo9r8/src/hw/9pfs/9p-local.c:18:0:
/var/tmp/patchew-tester-tmp-px6jo9r8/src/hw/9pfs/9p-local.c: In function ‘local_set_mapped_file_attrat’:
/var/tmp/patchew-tester-tmp-px6jo9r8/src/hw/9pfs/9p-util.h:19:5: error: ‘map_dirfd’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
close(fd);
^~~~~~~~~
/var/tmp/patchew-tester-tmp-px6jo9r8/src/hw/9pfs/9p-local.c:206:9: note: ‘map_dirfd’ was declared here
int map_dirfd, map_fd;
^~~~~~~~~
cc1: all warnings being treated as errors
/var/tmp/patchew-tester-tmp-px6jo9r8/src/rules.mak:69: recipe for target 'hw/9pfs/9p-local.o' failed
make: *** [hw/9pfs/9p-local.o] Error 1
make: *** Waiting for unfinished jobs....
=== OUTPUT END ===
Test command exited with code: 2
---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 1/5] 9pfs: check return value of v9fs_co_name_to_path()
2017-05-05 14:37 ` [Qemu-devel] [PATCH 1/5] 9pfs: check return value of v9fs_co_name_to_path() Greg Kurz
@ 2017-05-05 16:55 ` Eric Blake
2017-05-05 17:30 ` Greg Kurz
0 siblings, 1 reply; 24+ messages in thread
From: Eric Blake @ 2017-05-05 16:55 UTC (permalink / raw)
To: Greg Kurz, qemu-devel; +Cc: Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 1332 bytes --]
On 05/05/2017 09:37 AM, Greg Kurz wrote:
> These v9fs_co_name_to_path() call sites have always been around. I guess
> no care was taken to check the return value because the name_to_path
> operation could never fail at the time. This is no longer true: the
> handle and synth backends can already fail this operation, and so will the
> local backend soon.
>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
> hw/9pfs/9p.c | 36 +++++++++++++++++++++++++-----------
> 1 file changed, 25 insertions(+), 11 deletions(-)
>
> @@ -2588,8 +2591,11 @@ static int coroutine_fn v9fs_complete_rename(V9fsPDU *pdu, V9fsFidState *fidp,
> new_name = g_malloc0(end - old_name + name->size + 1);
> strncat(new_name, old_name, end - old_name);
> strncat(new_name + (end - old_name), name->data, name->size);
Ad long as you're here, you could replace this strncat mess with the
shorter:
new_name = g_strdup_printf("%.*s%.*s", end - old_name, old_name,
name->size, name->data);
(or with further simplifications if you have NUL-terminated data). But
that can be a separate cleanup.
Reviewed-by: Eric Blake <eblake@redhat.com>
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 2/5] 9pfs: local: resolve special directories in paths
2017-05-05 14:37 ` [Qemu-devel] [PATCH 2/5] 9pfs: local: resolve special directories in paths Greg Kurz
@ 2017-05-05 16:59 ` Eric Blake
2017-05-09 9:12 ` Greg Kurz
0 siblings, 1 reply; 24+ messages in thread
From: Eric Blake @ 2017-05-05 16:59 UTC (permalink / raw)
To: Greg Kurz, qemu-devel; +Cc: Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 3093 bytes --]
On 05/05/2017 09:37 AM, Greg Kurz wrote:
> When using the mapped-file security mode, the creds of a path /foo/bar
> are stored in the /foo/.virtfs_metadata/bar file. This is okay for all
> paths unless they end with '.' or '..', because we cannot create the
> corresponding file in the metadata directory.
>
> This patch ensures that '.' and '..' are resolved in all paths.
>
> The core code only passes path elements (no '/') to the backend, with
> the notable exception of the '/' path, which refers to the virtfs root.
> This patch preserve the current behavior of converting it to '.' so
s/preserve/preserves/
> that it can be passed to "*at()" syscalls ('/' would mean the host root).
>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
> hw/9pfs/9p-local.c | 30 +++++++++++++++++++++++-------
> 1 file changed, 23 insertions(+), 7 deletions(-)
>
> diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> index f3ebca4f7a56..92262f3c3e37 100644
> --- a/hw/9pfs/9p-local.c
> +++ b/hw/9pfs/9p-local.c
> @@ -1097,14 +1097,30 @@ static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path,
> const char *name, V9fsPath *target)
> {
> if (dir_path) {
> - v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
> - } else if (strcmp(name, "/")) {
> - v9fs_path_sprintf(target, "%s", name);
> + if (!strcmp(name, ".")) {
> + /* "." relative to "foo/bar" is "foo/bar" */
> + v9fs_path_copy(target, dir_path);
> + } else if (!strcmp(name, "..")) {
> + if (!strcmp(dir_path->data, ".")) {
> + /* ".." relative to the root is "." */
> + v9fs_path_sprintf(target, ".");
> + } else {
> + char *tmp = g_path_get_dirname(dir_path->data);
> + /* ".." relative to "foo/bar" is equivalent to "foo" */
True only if bar is not a symlink to some other directory. What
guarantees do you have that you are not going to be inadvertently
skipping a traversal through symlinks and thereby picking the wrong
location for '..'?
> + v9fs_path_sprintf(target, "%s", tmp);
> + g_free(tmp);
> + }
> + } else {
> + assert(!strchr(name, '/'));
> + v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
> + }
> + } else if (!strcmp(name, "/") || !strcmp(name, ".") ||
> + !strcmp(name, "..")) {
> + /* This is the root fid */
> + v9fs_path_sprintf(target, ".");
> } else {
> - /* We want the path of the export root to be relative, otherwise
> - * "*at()" syscalls would treat it as "/" in the host.
> - */
> - v9fs_path_sprintf(target, "%s", ".");
> + assert(!strchr(name, '/'));
> + v9fs_path_sprintf(target, "./%s", name);
> }
> return 0;
> }
>
>
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 3/5] 9pfs: local: simplify file opening
2017-05-05 14:37 ` [Qemu-devel] [PATCH 3/5] 9pfs: local: simplify file opening Greg Kurz
@ 2017-05-05 17:01 ` Eric Blake
2017-05-09 9:23 ` Greg Kurz
0 siblings, 1 reply; 24+ messages in thread
From: Eric Blake @ 2017-05-05 17:01 UTC (permalink / raw)
To: Greg Kurz, qemu-devel; +Cc: Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 1355 bytes --]
On 05/05/2017 09:37 AM, Greg Kurz wrote:
> All paths in the virtfs directory now start with "./" (except the virtfs
> root itself which is exactly ".").
>
> We hence don't need to skip leading '/' characters anymore, nor to handle
> the empty path case. Also, since virtfs will only ever be supported on
> linux+glibc hosts, we can use strchrnul() and come up with a much simplier
> code to walk through the path elements. And we don't need to dup() the
> passed directory fd.
>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
> hw/9pfs/9p-local.c | 5 -----
> hw/9pfs/9p-util.c | 26 ++++++++++----------------
> 2 files changed, 10 insertions(+), 21 deletions(-)
>
> diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> index 92262f3c3e37..bb6e296df317 100644
> --- a/hw/9pfs/9p-local.c
> +++ b/hw/9pfs/9p-local.c
> @@ -54,11 +54,6 @@ int local_open_nofollow(FsContext *fs_ctx, const char *path, int flags,
> {
> LocalData *data = fs_ctx->private;
>
> - /* All paths are relative to the path data->mountfd points to */
> - while (*path == '/') {
> - path++;
> - }
Is it worth adding any assert()s in place of the deleted code?
Otherwise looks okay.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 4/5] 9pfs: local: metadata file for the VirtFS root
2017-05-05 14:37 ` [Qemu-devel] [PATCH 4/5] 9pfs: local: metadata file for the VirtFS root Greg Kurz
@ 2017-05-05 17:11 ` Eric Blake
2017-05-09 9:31 ` Greg Kurz
0 siblings, 1 reply; 24+ messages in thread
From: Eric Blake @ 2017-05-05 17:11 UTC (permalink / raw)
To: Greg Kurz, qemu-devel; +Cc: Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 2094 bytes --]
On 05/05/2017 09:37 AM, Greg Kurz wrote:
> When using the mapped-file security, credentials are stored in a metadata
> directory located in the parent directory. This is okay for all paths with
> the notable exception of the root path, since we don't want and probably
> can't create a metadata directory above the virtfs directory on the host.
>
> This patch introduces a dedicated metadata file, sitting in the virtfs root
> for this purpose. It relies on the fact that the "." name necessarily refer
s/refer/refers/
> to the virtfs root.
>
> As for the metadata directory, we don't want the client to see this file.
> The current code only cares for readdir() but there are many other places
> to fix actually. The filtering logic is hence put in a separate function.
>
> Before:
>
> # ls -ld
> drwxr-xr-x. 3 greg greg 4096 May 5 12:49 .
> # chown root.root .
> chown: changing ownership of '.': Is a directory
> # ls -ld
> drwxr-xr-x. 3 greg greg 4096 May 5 12:49 .
>
> After:
>
> # ls -ld
> drwxr-xr-x. 3 greg greg 4096 May 5 12:49 .
> # chown bin.bin .
> # ls -ld
> drwxr-xr-x. 3 root root 4096 May 5 12:50 .
Huh? How does chown bin.bin result in root.root? Copy-and-paste error?
>
> and from the host:
>
> ls -al .virtfs_metadata_root
> -rwx------. 1 greg greg 26 May 5 12:50 .virtfs_metadata_root
> $ cat .virtfs_metadata_root
> virtfs.uid=0
> virtfs.gid=0
So what happens if the guest tries to manipulate
./.virtfs_metadata_root? I know you are filtering it so that readdir()
and such can't see it, but do you have sane errors for the guest's
attempt to circumvent those hidden names?
>
> Reported-by: Léo Gaspard <leo@gaspard.io>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
> hw/9pfs/9p-local.c | 88 ++++++++++++++++++++++++++++++++++++----------------
> 1 file changed, 61 insertions(+), 27 deletions(-)
>
> diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 5/5] 9pfs: local: forbid client access to metadata
2017-05-05 14:37 ` [Qemu-devel] [PATCH 5/5] 9pfs: local: forbid client access to metadata Greg Kurz
@ 2017-05-05 17:13 ` Eric Blake
2017-05-09 9:39 ` Greg Kurz
0 siblings, 1 reply; 24+ messages in thread
From: Eric Blake @ 2017-05-05 17:13 UTC (permalink / raw)
To: Greg Kurz, qemu-devel; +Cc: Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 1263 bytes --]
On 05/05/2017 09:37 AM, Greg Kurz wrote:
> When using the mapped-file security mode, we shouldn't let the client
> mess with the metadata. The current code already hides it but the
> client can still access the metadata through several operations.
>
> This patch fixes the issue by:
> - preventing the creation of fids pointing to the metadata (name_to_path)
> - failing various operations taking a dirpath and a name arguments if
> name is a metadata reserved name
>
> Signed-off-by: Greg Kurz <groug@kaod.org>
> ---
> hw/9pfs/9p-local.c | 41 +++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 41 insertions(+)
>
> diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> index b427d2928800..93cadac302c9 100644
> --- a/hw/9pfs/9p-local.c
> +++ b/hw/9pfs/9p-local.c
> @@ -588,6 +588,11 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path,
> int err = -1;
> int dirfd;
>
> + if (local_must_skip_metadata(fs_ctx, name)) {
> + errno = EINVAL;
> + return -1;
> + }
> +
I don't know if EINVAL is the best error, but it seems reasonable enough.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 1/5] 9pfs: check return value of v9fs_co_name_to_path()
2017-05-05 16:55 ` Eric Blake
@ 2017-05-05 17:30 ` Greg Kurz
0 siblings, 0 replies; 24+ messages in thread
From: Greg Kurz @ 2017-05-05 17:30 UTC (permalink / raw)
To: Eric Blake; +Cc: qemu-devel, Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 1493 bytes --]
On Fri, 5 May 2017 11:55:43 -0500
Eric Blake <eblake@redhat.com> wrote:
> On 05/05/2017 09:37 AM, Greg Kurz wrote:
> > These v9fs_co_name_to_path() call sites have always been around. I guess
> > no care was taken to check the return value because the name_to_path
> > operation could never fail at the time. This is no longer true: the
> > handle and synth backends can already fail this operation, and so will the
> > local backend soon.
> >
> > Signed-off-by: Greg Kurz <groug@kaod.org>
> > ---
> > hw/9pfs/9p.c | 36 +++++++++++++++++++++++++-----------
> > 1 file changed, 25 insertions(+), 11 deletions(-)
> >
>
> > @@ -2588,8 +2591,11 @@ static int coroutine_fn v9fs_complete_rename(V9fsPDU *pdu, V9fsFidState *fidp,
> > new_name = g_malloc0(end - old_name + name->size + 1);
> > strncat(new_name, old_name, end - old_name);
> > strncat(new_name + (end - old_name), name->data, name->size);
>
> Ad long as you're here, you could replace this strncat mess with the
> shorter:
>
> new_name = g_strdup_printf("%.*s%.*s", end - old_name, old_name,
> name->size, name->data);
>
> (or with further simplifications if you have NUL-terminated data). But
> that can be a separate cleanup.
>
Yes you're right, this definitely looks better than the strncat() logic.
I guess I'll do this in a separate patch.
Thanks for the suggestion.
> Reviewed-by: Eric Blake <eblake@redhat.com>
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode
2017-05-05 14:36 [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode Greg Kurz
` (5 preceding siblings ...)
2017-05-05 15:25 ` [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode no-reply
@ 2017-05-08 15:33 ` Leo Gaspard
2017-05-09 9:42 ` Greg Kurz
6 siblings, 1 reply; 24+ messages in thread
From: Leo Gaspard @ 2017-05-08 15:33 UTC (permalink / raw)
To: Greg Kurz, qemu-devel
[-- Attachment #1: Type: text/plain, Size: 1534 bytes --]
Greg,
I just tested on 2.9.0 with the 5 patches applied, and it appears to
work on my setup, thanks!
Just a side note: .virtfs_metadata_root is set as u=rwx on the host file
system (the "ret = fchmod(map_fd, 0700);" line in patch 4 I guess),
while u=rw would be more appropriate, I think.
Thank you,
Leo
On 05/05/2017 04:36 PM, Greg Kurz wrote:
> This series fixes two issues in the local backend when using the mapped-file
> security mode:
> - allow chmod and chown to succeed on the virtfs root (patch 4)
> - completely hide the metadata files from the client (patch 5)
>
> Patch 2 resolves '.' and '..' in paths, and patch 3 reworks the way we open
> files accordingly. They could be squashed together in a single patch (this
> was the case in earlier versions actually), but I decided to separate them
> for easier review.
>
> Léo,
>
> I'd appreciate if you could test this series (especially patch 4) on your
> setup.
>
> Cheers.
>
> --
> Greg
>
> ---
>
> Greg Kurz (5):
> 9pfs: check return value of v9fs_co_name_to_path()
> 9pfs: local: resolve special directories in paths
> 9pfs: local: simplify file opening
> 9pfs: local: metadata file for the VirtFS root
> 9pfs: local: forbid client access to metadata
>
>
> hw/9pfs/9p-local.c | 164 ++++++++++++++++++++++++++++++++++++++++------------
> hw/9pfs/9p-util.c | 26 +++-----
> hw/9pfs/9p.c | 36 ++++++++---
> 3 files changed, 160 insertions(+), 66 deletions(-)
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 659 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 2/5] 9pfs: local: resolve special directories in paths
2017-05-05 16:59 ` Eric Blake
@ 2017-05-09 9:12 ` Greg Kurz
2017-05-18 8:41 ` Greg Kurz
0 siblings, 1 reply; 24+ messages in thread
From: Greg Kurz @ 2017-05-09 9:12 UTC (permalink / raw)
To: Eric Blake; +Cc: qemu-devel, Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 3338 bytes --]
On Fri, 5 May 2017 11:59:15 -0500
Eric Blake <eblake@redhat.com> wrote:
> On 05/05/2017 09:37 AM, Greg Kurz wrote:
> > When using the mapped-file security mode, the creds of a path /foo/bar
> > are stored in the /foo/.virtfs_metadata/bar file. This is okay for all
> > paths unless they end with '.' or '..', because we cannot create the
> > corresponding file in the metadata directory.
> >
> > This patch ensures that '.' and '..' are resolved in all paths.
> >
> > The core code only passes path elements (no '/') to the backend, with
> > the notable exception of the '/' path, which refers to the virtfs root.
> > This patch preserve the current behavior of converting it to '.' so
>
> s/preserve/preserves/
>
I'll fix this.
> > that it can be passed to "*at()" syscalls ('/' would mean the host root).
> >
> > Signed-off-by: Greg Kurz <groug@kaod.org>
> > ---
> > hw/9pfs/9p-local.c | 30 +++++++++++++++++++++++-------
> > 1 file changed, 23 insertions(+), 7 deletions(-)
> >
> > diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> > index f3ebca4f7a56..92262f3c3e37 100644
> > --- a/hw/9pfs/9p-local.c
> > +++ b/hw/9pfs/9p-local.c
> > @@ -1097,14 +1097,30 @@ static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path,
> > const char *name, V9fsPath *target)
> > {
> > if (dir_path) {
> > - v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
> > - } else if (strcmp(name, "/")) {
> > - v9fs_path_sprintf(target, "%s", name);
> > + if (!strcmp(name, ".")) {
> > + /* "." relative to "foo/bar" is "foo/bar" */
> > + v9fs_path_copy(target, dir_path);
> > + } else if (!strcmp(name, "..")) {
> > + if (!strcmp(dir_path->data, ".")) {
> > + /* ".." relative to the root is "." */
> > + v9fs_path_sprintf(target, ".");
> > + } else {
> > + char *tmp = g_path_get_dirname(dir_path->data);
> > + /* ".." relative to "foo/bar" is equivalent to "foo" */
>
> True only if bar is not a symlink to some other directory. What
> guarantees do you have that you are not going to be inadvertently
> skipping a traversal through symlinks and thereby picking the wrong
> location for '..'?
>
My understanding is that symlinks are supposed to be resolved by the client,
and we shouldn't follow them in the server.
> > + v9fs_path_sprintf(target, "%s", tmp);
> > + g_free(tmp);
> > + }
> > + } else {
> > + assert(!strchr(name, '/'));
> > + v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
> > + }
> > + } else if (!strcmp(name, "/") || !strcmp(name, ".") ||
> > + !strcmp(name, "..")) {
> > + /* This is the root fid */
> > + v9fs_path_sprintf(target, ".");
> > } else {
> > - /* We want the path of the export root to be relative, otherwise
> > - * "*at()" syscalls would treat it as "/" in the host.
> > - */
> > - v9fs_path_sprintf(target, "%s", ".");
> > + assert(!strchr(name, '/'));
> > + v9fs_path_sprintf(target, "./%s", name);
> > }
> > return 0;
> > }
> >
> >
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 3/5] 9pfs: local: simplify file opening
2017-05-05 17:01 ` Eric Blake
@ 2017-05-09 9:23 ` Greg Kurz
2017-05-18 8:42 ` Greg Kurz
2017-05-18 14:23 ` Eric Blake
0 siblings, 2 replies; 24+ messages in thread
From: Greg Kurz @ 2017-05-09 9:23 UTC (permalink / raw)
To: Eric Blake; +Cc: qemu-devel, Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 1583 bytes --]
On Fri, 5 May 2017 12:01:55 -0500
Eric Blake <eblake@redhat.com> wrote:
> On 05/05/2017 09:37 AM, Greg Kurz wrote:
> > All paths in the virtfs directory now start with "./" (except the virtfs
> > root itself which is exactly ".").
> >
> > We hence don't need to skip leading '/' characters anymore, nor to handle
> > the empty path case. Also, since virtfs will only ever be supported on
> > linux+glibc hosts, we can use strchrnul() and come up with a much simplier
> > code to walk through the path elements. And we don't need to dup() the
> > passed directory fd.
> >
> > Signed-off-by: Greg Kurz <groug@kaod.org>
> > ---
> > hw/9pfs/9p-local.c | 5 -----
> > hw/9pfs/9p-util.c | 26 ++++++++++----------------
> > 2 files changed, 10 insertions(+), 21 deletions(-)
> >
> > diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> > index 92262f3c3e37..bb6e296df317 100644
> > --- a/hw/9pfs/9p-local.c
> > +++ b/hw/9pfs/9p-local.c
> > @@ -54,11 +54,6 @@ int local_open_nofollow(FsContext *fs_ctx, const char *path, int flags,
> > {
> > LocalData *data = fs_ctx->private;
> >
> > - /* All paths are relative to the path data->mountfd points to */
> > - while (*path == '/') {
> > - path++;
> > - }
>
> Is it worth adding any assert()s in place of the deleted code?
>
The assert() added by this patch ensures that we never pass an empty
string to relative_openat_nofollow(), which isn't related to this
hunk of deleted code... so I'm not sure I understand the question :-\
> Otherwise looks okay.
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 4/5] 9pfs: local: metadata file for the VirtFS root
2017-05-05 17:11 ` Eric Blake
@ 2017-05-09 9:31 ` Greg Kurz
0 siblings, 0 replies; 24+ messages in thread
From: Greg Kurz @ 2017-05-09 9:31 UTC (permalink / raw)
To: Eric Blake; +Cc: qemu-devel, Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 2369 bytes --]
On Fri, 5 May 2017 12:11:14 -0500
Eric Blake <eblake@redhat.com> wrote:
> On 05/05/2017 09:37 AM, Greg Kurz wrote:
> > When using the mapped-file security, credentials are stored in a metadata
> > directory located in the parent directory. This is okay for all paths with
> > the notable exception of the root path, since we don't want and probably
> > can't create a metadata directory above the virtfs directory on the host.
> >
> > This patch introduces a dedicated metadata file, sitting in the virtfs root
> > for this purpose. It relies on the fact that the "." name necessarily refer
>
> s/refer/refers/
>
I'll fix this.
> > to the virtfs root.
> >
> > As for the metadata directory, we don't want the client to see this file.
> > The current code only cares for readdir() but there are many other places
> > to fix actually. The filtering logic is hence put in a separate function.
> >
> > Before:
> >
> > # ls -ld
> > drwxr-xr-x. 3 greg greg 4096 May 5 12:49 .
> > # chown root.root .
> > chown: changing ownership of '.': Is a directory
> > # ls -ld
> > drwxr-xr-x. 3 greg greg 4096 May 5 12:49 .
> >
> > After:
> >
> > # ls -ld
> > drwxr-xr-x. 3 greg greg 4096 May 5 12:49 .
> > # chown bin.bin .
> > # ls -ld
> > drwxr-xr-x. 3 root root 4096 May 5 12:50 .
>
> Huh? How does chown bin.bin result in root.root? Copy-and-paste error?
>
Oops, I had first tested with bin.bin, then I decided that root.root would
make more sense but I fumbled when updating the changelog... :-\
> >
> > and from the host:
> >
> > ls -al .virtfs_metadata_root
> > -rwx------. 1 greg greg 26 May 5 12:50 .virtfs_metadata_root
> > $ cat .virtfs_metadata_root
> > virtfs.uid=0
> > virtfs.gid=0
>
> So what happens if the guest tries to manipulate
> ./.virtfs_metadata_root? I know you are filtering it so that readdir()
> and such can't see it, but do you have sane errors for the guest's
> attempt to circumvent those hidden names?
>
This is addressed by patch 5.
> >
> > Reported-by: Léo Gaspard <leo@gaspard.io>
> > Signed-off-by: Greg Kurz <groug@kaod.org>
> > ---
> > hw/9pfs/9p-local.c | 88 ++++++++++++++++++++++++++++++++++++----------------
> > 1 file changed, 61 insertions(+), 27 deletions(-)
> >
> > diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 5/5] 9pfs: local: forbid client access to metadata
2017-05-05 17:13 ` Eric Blake
@ 2017-05-09 9:39 ` Greg Kurz
0 siblings, 0 replies; 24+ messages in thread
From: Greg Kurz @ 2017-05-09 9:39 UTC (permalink / raw)
To: Eric Blake; +Cc: qemu-devel, Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 1445 bytes --]
On Fri, 5 May 2017 12:13:52 -0500
Eric Blake <eblake@redhat.com> wrote:
> On 05/05/2017 09:37 AM, Greg Kurz wrote:
> > When using the mapped-file security mode, we shouldn't let the client
> > mess with the metadata. The current code already hides it but the
> > client can still access the metadata through several operations.
> >
> > This patch fixes the issue by:
> > - preventing the creation of fids pointing to the metadata (name_to_path)
> > - failing various operations taking a dirpath and a name arguments if
> > name is a metadata reserved name
> >
> > Signed-off-by: Greg Kurz <groug@kaod.org>
> > ---
> > hw/9pfs/9p-local.c | 41 +++++++++++++++++++++++++++++++++++++++++
> > 1 file changed, 41 insertions(+)
> >
> > diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> > index b427d2928800..93cadac302c9 100644
> > --- a/hw/9pfs/9p-local.c
> > +++ b/hw/9pfs/9p-local.c
> > @@ -588,6 +588,11 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path,
> > int err = -1;
> > int dirfd;
> >
> > + if (local_must_skip_metadata(fs_ctx, name)) {
> > + errno = EINVAL;
> > + return -1;
> > + }
> > +
>
> I don't know if EINVAL is the best error, but it seems reasonable enough.
>
I admit that I'm not really a big fan of returning EINVAL, but there's
nothing like "this file name is illegal" on Linux and I couldn't come
up with a better error...
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode
2017-05-08 15:33 ` Leo Gaspard
@ 2017-05-09 9:42 ` Greg Kurz
0 siblings, 0 replies; 24+ messages in thread
From: Greg Kurz @ 2017-05-09 9:42 UTC (permalink / raw)
To: Leo Gaspard; +Cc: qemu-devel, Eric Blake
[-- Attachment #1: Type: text/plain, Size: 1749 bytes --]
On Mon, 8 May 2017 17:33:43 +0200
Leo Gaspard <leo@gaspard.io> wrote:
> Greg,
>
> I just tested on 2.9.0 with the 5 patches applied, and it appears to
> work on my setup, thanks!
>
> Just a side note: .virtfs_metadata_root is set as u=rwx on the host file
> system (the "ret = fchmod(map_fd, 0700);" line in patch 4 I guess),
> while u=rw would be more appropriate, I think.
>
You're right. I'll change that.
> Thank you,
> Leo
>
>
> On 05/05/2017 04:36 PM, Greg Kurz wrote:
> > This series fixes two issues in the local backend when using the mapped-file
> > security mode:
> > - allow chmod and chown to succeed on the virtfs root (patch 4)
> > - completely hide the metadata files from the client (patch 5)
> >
> > Patch 2 resolves '.' and '..' in paths, and patch 3 reworks the way we open
> > files accordingly. They could be squashed together in a single patch (this
> > was the case in earlier versions actually), but I decided to separate them
> > for easier review.
> >
> > Léo,
> >
> > I'd appreciate if you could test this series (especially patch 4) on your
> > setup.
> >
> > Cheers.
> >
> > --
> > Greg
> >
> > ---
> >
> > Greg Kurz (5):
> > 9pfs: check return value of v9fs_co_name_to_path()
> > 9pfs: local: resolve special directories in paths
> > 9pfs: local: simplify file opening
> > 9pfs: local: metadata file for the VirtFS root
> > 9pfs: local: forbid client access to metadata
> >
> >
> > hw/9pfs/9p-local.c | 164 ++++++++++++++++++++++++++++++++++++++++------------
> > hw/9pfs/9p-util.c | 26 +++-----
> > hw/9pfs/9p.c | 36 ++++++++---
> > 3 files changed, 160 insertions(+), 66 deletions(-)
> >
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 2/5] 9pfs: local: resolve special directories in paths
2017-05-09 9:12 ` Greg Kurz
@ 2017-05-18 8:41 ` Greg Kurz
2017-05-18 14:19 ` Eric Blake
0 siblings, 1 reply; 24+ messages in thread
From: Greg Kurz @ 2017-05-18 8:41 UTC (permalink / raw)
To: Eric Blake; +Cc: Léo Gaspard, qemu-devel
[-- Attachment #1: Type: text/plain, Size: 1722 bytes --]
On Tue, 9 May 2017 11:12:58 +0200
Greg Kurz <groug@kaod.org> wrote:
> On Fri, 5 May 2017 11:59:15 -0500
> Eric Blake <eblake@redhat.com> wrote:
>
> > On 05/05/2017 09:37 AM, Greg Kurz wrote:
> > > When using the mapped-file security mode, the creds of a path /foo/bar
> > > are stored in the /foo/.virtfs_metadata/bar file. This is okay for all
> > > paths unless they end with '.' or '..', because we cannot create the
> > > corresponding file in the metadata directory.
> > >
> > > This patch ensures that '.' and '..' are resolved in all paths.
> > >
> > > The core code only passes path elements (no '/') to the backend, with
> > > the notable exception of the '/' path, which refers to the virtfs root.
> > > This patch preserve the current behavior of converting it to '.' so
[...]
> > > + } else if (!strcmp(name, "..")) {
> > > + if (!strcmp(dir_path->data, ".")) {
> > > + /* ".." relative to the root is "." */
> > > + v9fs_path_sprintf(target, ".");
> > > + } else {
> > > + char *tmp = g_path_get_dirname(dir_path->data);
> > > + /* ".." relative to "foo/bar" is equivalent to "foo" */
> >
> > True only if bar is not a symlink to some other directory. What
> > guarantees do you have that you are not going to be inadvertently
> > skipping a traversal through symlinks and thereby picking the wrong
> > location for '..'?
> >
>
> My understanding is that symlinks are supposed to be resolved by the client,
> and we shouldn't follow them in the server.
>
Eric,
Do you have any comment further comment or can I go on with this change ?
Cheers,
--
Greg
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 3/5] 9pfs: local: simplify file opening
2017-05-09 9:23 ` Greg Kurz
@ 2017-05-18 8:42 ` Greg Kurz
2017-05-18 14:23 ` Eric Blake
1 sibling, 0 replies; 24+ messages in thread
From: Greg Kurz @ 2017-05-18 8:42 UTC (permalink / raw)
To: Eric Blake; +Cc: Léo Gaspard, qemu-devel
[-- Attachment #1: Type: text/plain, Size: 1761 bytes --]
On Tue, 9 May 2017 11:23:05 +0200
Greg Kurz <groug@kaod.org> wrote:
> On Fri, 5 May 2017 12:01:55 -0500
> Eric Blake <eblake@redhat.com> wrote:
>
> > On 05/05/2017 09:37 AM, Greg Kurz wrote:
> > > All paths in the virtfs directory now start with "./" (except the virtfs
> > > root itself which is exactly ".").
> > >
> > > We hence don't need to skip leading '/' characters anymore, nor to handle
> > > the empty path case. Also, since virtfs will only ever be supported on
> > > linux+glibc hosts, we can use strchrnul() and come up with a much simplier
> > > code to walk through the path elements. And we don't need to dup() the
> > > passed directory fd.
> > >
> > > Signed-off-by: Greg Kurz <groug@kaod.org>
> > > ---
> > > hw/9pfs/9p-local.c | 5 -----
> > > hw/9pfs/9p-util.c | 26 ++++++++++----------------
> > > 2 files changed, 10 insertions(+), 21 deletions(-)
> > >
> > > diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> > > index 92262f3c3e37..bb6e296df317 100644
> > > --- a/hw/9pfs/9p-local.c
> > > +++ b/hw/9pfs/9p-local.c
> > > @@ -54,11 +54,6 @@ int local_open_nofollow(FsContext *fs_ctx, const char *path, int flags,
> > > {
> > > LocalData *data = fs_ctx->private;
> > >
> > > - /* All paths are relative to the path data->mountfd points to */
> > > - while (*path == '/') {
> > > - path++;
> > > - }
> >
> > Is it worth adding any assert()s in place of the deleted code?
> >
>
> The assert() added by this patch ensures that we never pass an empty
> string to relative_openat_nofollow(), which isn't related to this
> hunk of deleted code... so I'm not sure I understand the question :-\
>
Ping ?
> > Otherwise looks okay.
> >
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 2/5] 9pfs: local: resolve special directories in paths
2017-05-18 8:41 ` Greg Kurz
@ 2017-05-18 14:19 ` Eric Blake
0 siblings, 0 replies; 24+ messages in thread
From: Eric Blake @ 2017-05-18 14:19 UTC (permalink / raw)
To: Greg Kurz; +Cc: Léo Gaspard, qemu-devel
[-- Attachment #1: Type: text/plain, Size: 1250 bytes --]
On 05/18/2017 03:41 AM, Greg Kurz wrote:
> [...]
>>>> + } else if (!strcmp(name, "..")) {
>>>> + if (!strcmp(dir_path->data, ".")) {
>>>> + /* ".." relative to the root is "." */
>>>> + v9fs_path_sprintf(target, ".");
>>>> + } else {
>>>> + char *tmp = g_path_get_dirname(dir_path->data);
>>>> + /* ".." relative to "foo/bar" is equivalent to "foo" */
>>>
>>> True only if bar is not a symlink to some other directory. What
>>> guarantees do you have that you are not going to be inadvertently
>>> skipping a traversal through symlinks and thereby picking the wrong
>>> location for '..'?
>>>
>>
>> My understanding is that symlinks are supposed to be resolved by the client,
>> and we shouldn't follow them in the server.
>>
>
> Eric,
>
> Do you have any comment further comment or can I go on with this change ?
I'd update the comment to mention that the equivalency between
"foo/bar/.." and "foo" is _because_ the client has already resolved
symlinks, and then I think you're good to go.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 3/5] 9pfs: local: simplify file opening
2017-05-09 9:23 ` Greg Kurz
2017-05-18 8:42 ` Greg Kurz
@ 2017-05-18 14:23 ` Eric Blake
2017-05-18 15:51 ` Greg Kurz
1 sibling, 1 reply; 24+ messages in thread
From: Eric Blake @ 2017-05-18 14:23 UTC (permalink / raw)
To: Greg Kurz; +Cc: qemu-devel, Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 2013 bytes --]
On 05/09/2017 04:23 AM, Greg Kurz wrote:
> On Fri, 5 May 2017 12:01:55 -0500
> Eric Blake <eblake@redhat.com> wrote:
>
>> On 05/05/2017 09:37 AM, Greg Kurz wrote:
>>> All paths in the virtfs directory now start with "./" (except the virtfs
>>> root itself which is exactly ".").
>>>
>>> We hence don't need to skip leading '/' characters anymore, nor to handle
>>> the empty path case. Also, since virtfs will only ever be supported on
>>> linux+glibc hosts, we can use strchrnul() and come up with a much simplier
>>> code to walk through the path elements. And we don't need to dup() the
>>> passed directory fd.
>>>
>>> Signed-off-by: Greg Kurz <groug@kaod.org>
>>> ---
>>> hw/9pfs/9p-local.c | 5 -----
>>> hw/9pfs/9p-util.c | 26 ++++++++++----------------
>>> 2 files changed, 10 insertions(+), 21 deletions(-)
>>>
>>> diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
>>> index 92262f3c3e37..bb6e296df317 100644
>>> --- a/hw/9pfs/9p-local.c
>>> +++ b/hw/9pfs/9p-local.c
>>> @@ -54,11 +54,6 @@ int local_open_nofollow(FsContext *fs_ctx, const char *path, int flags,
>>> {
>>> LocalData *data = fs_ctx->private;
>>>
>>> - /* All paths are relative to the path data->mountfd points to */
>>> - while (*path == '/') {
>>> - path++;
>>> - }
>>
>> Is it worth adding any assert()s in place of the deleted code?
>>
>
> The assert() added by this patch ensures that we never pass an empty
> string to relative_openat_nofollow(), which isn't related to this
> hunk of deleted code... so I'm not sure I understand the question :-\
I was thinking if it is worth replacing the deleted while() loop with an
assert(*path != '/');
to prove that we have already taken care of ensuring a relative path.
You're right that you added another assert(*path) elsewhere in the
patch, and that one looked fine.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [Qemu-devel] [PATCH 3/5] 9pfs: local: simplify file opening
2017-05-18 14:23 ` Eric Blake
@ 2017-05-18 15:51 ` Greg Kurz
0 siblings, 0 replies; 24+ messages in thread
From: Greg Kurz @ 2017-05-18 15:51 UTC (permalink / raw)
To: Eric Blake; +Cc: qemu-devel, Léo Gaspard
[-- Attachment #1: Type: text/plain, Size: 2905 bytes --]
On Thu, 18 May 2017 09:23:07 -0500
Eric Blake <eblake@redhat.com> wrote:
> On 05/09/2017 04:23 AM, Greg Kurz wrote:
> > On Fri, 5 May 2017 12:01:55 -0500
> > Eric Blake <eblake@redhat.com> wrote:
> >
> >> On 05/05/2017 09:37 AM, Greg Kurz wrote:
> >>> All paths in the virtfs directory now start with "./" (except the virtfs
> >>> root itself which is exactly ".").
> >>>
> >>> We hence don't need to skip leading '/' characters anymore, nor to handle
> >>> the empty path case. Also, since virtfs will only ever be supported on
> >>> linux+glibc hosts, we can use strchrnul() and come up with a much simplier
> >>> code to walk through the path elements. And we don't need to dup() the
> >>> passed directory fd.
> >>>
> >>> Signed-off-by: Greg Kurz <groug@kaod.org>
> >>> ---
> >>> hw/9pfs/9p-local.c | 5 -----
> >>> hw/9pfs/9p-util.c | 26 ++++++++++----------------
> >>> 2 files changed, 10 insertions(+), 21 deletions(-)
> >>>
> >>> diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> >>> index 92262f3c3e37..bb6e296df317 100644
> >>> --- a/hw/9pfs/9p-local.c
> >>> +++ b/hw/9pfs/9p-local.c
> >>> @@ -54,11 +54,6 @@ int local_open_nofollow(FsContext *fs_ctx, const char *path, int flags,
> >>> {
> >>> LocalData *data = fs_ctx->private;
> >>>
> >>> - /* All paths are relative to the path data->mountfd points to */
> >>> - while (*path == '/') {
> >>> - path++;
> >>> - }
> >>
> >> Is it worth adding any assert()s in place of the deleted code?
> >>
> >
> > The assert() added by this patch ensures that we never pass an empty
> > string to relative_openat_nofollow(), which isn't related to this
> > hunk of deleted code... so I'm not sure I understand the question :-\
>
> I was thinking if it is worth replacing the deleted while() loop with an
>
> assert(*path != '/');
>
> to prove that we have already taken care of ensuring a relative path.
If you're talking about this one in relative_openat_nofollow():
assert(path[0] != '/');
well, it was there before and it was supposed to handle two things that
should never happen:
1) passing an absolute path, which would cause openat() to ignore dirfd
and access the absolute path in the host
2) having consecutive slashes in the path, which would cause "" to
be passed to openat() and get ENOENT
Maybe it would make more sense to handle 1) by moving the assert() to
local_open_nofollow(), in place of the deleted loop.
2) is more a question of laziness... since all the paths that ever
get there come from the backend code, I just assume that it is up
to the backend to provide paths without consecutive slahes. But I
guess, it shouldn't be hard to change the logic to deal with that
gracefully.
> You're right that you added another assert(*path) elsewhere in the
> patch, and that one looked fine.
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
end of thread, other threads:[~2017-05-18 15:52 UTC | newest]
Thread overview: 24+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-05-05 14:36 [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode Greg Kurz
2017-05-05 14:37 ` [Qemu-devel] [PATCH 1/5] 9pfs: check return value of v9fs_co_name_to_path() Greg Kurz
2017-05-05 16:55 ` Eric Blake
2017-05-05 17:30 ` Greg Kurz
2017-05-05 14:37 ` [Qemu-devel] [PATCH 2/5] 9pfs: local: resolve special directories in paths Greg Kurz
2017-05-05 16:59 ` Eric Blake
2017-05-09 9:12 ` Greg Kurz
2017-05-18 8:41 ` Greg Kurz
2017-05-18 14:19 ` Eric Blake
2017-05-05 14:37 ` [Qemu-devel] [PATCH 3/5] 9pfs: local: simplify file opening Greg Kurz
2017-05-05 17:01 ` Eric Blake
2017-05-09 9:23 ` Greg Kurz
2017-05-18 8:42 ` Greg Kurz
2017-05-18 14:23 ` Eric Blake
2017-05-18 15:51 ` Greg Kurz
2017-05-05 14:37 ` [Qemu-devel] [PATCH 4/5] 9pfs: local: metadata file for the VirtFS root Greg Kurz
2017-05-05 17:11 ` Eric Blake
2017-05-09 9:31 ` Greg Kurz
2017-05-05 14:37 ` [Qemu-devel] [PATCH 5/5] 9pfs: local: forbid client access to metadata Greg Kurz
2017-05-05 17:13 ` Eric Blake
2017-05-09 9:39 ` Greg Kurz
2017-05-05 15:25 ` [Qemu-devel] [PATCH 0/5] 9pfs: local: fix metadata of mapped-file security mode no-reply
2017-05-08 15:33 ` Leo Gaspard
2017-05-09 9:42 ` Greg Kurz
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.