From: "Dr. David Alan Gilbert (git)" <dgilbert@redhat.com>
To: qemu-devel@nongnu.org, vgoyal@redhat.com, stefanha@redhat.com,
groug@kaod.org
Cc: virtio-fs@redhat.com
Subject: [PATCH v3 24/26] vhost-user-fs: Extend VhostUserFSSlaveMsg to pass additional info
Date: Wed, 28 Apr 2021 12:00:58 +0100 [thread overview]
Message-ID: <20210428110100.27757-25-dgilbert@redhat.com> (raw)
In-Reply-To: <20210428110100.27757-1-dgilbert@redhat.com>
From: Vivek Goyal <vgoyal@redhat.com>
Extend VhostUserFSSlaveMsg so that slave can ask it to drop CAP_FSETID
before doing I/O on fd.
In some cases, virtiofsd takes the onus of clearing setuid bit on a file
when WRITE happens. Generally virtiofsd does the WRITE to fd (from guest
memory which is mapped in virtiofsd as well), but if this memory is
unmappable in virtiofsd (like cache window), then virtiofsd asks qemu
to do the I/O instead.
To retain the capability to drop suid bit on write, qemu needs to
drop the CAP_FSETID as well before write to fd. Extend VhostUserFSSlaveMsg
so that virtiofsd can specify in message if CAP_FSETID needs to be
dropped.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
---
hw/virtio/vhost-user-fs.c | 5 +++++
include/hw/virtio/vhost-user-fs.h | 6 ++++++
subprojects/libvhost-user/libvhost-user.h | 6 ++++++
3 files changed, 17 insertions(+)
diff --git a/hw/virtio/vhost-user-fs.c b/hw/virtio/vhost-user-fs.c
index ee600ce968..036ca17767 100644
--- a/hw/virtio/vhost-user-fs.c
+++ b/hw/virtio/vhost-user-fs.c
@@ -244,6 +244,11 @@ uint64_t vhost_user_fs_slave_io(struct vhost_dev *dev, int message_size,
return (uint64_t)-1;
}
+ if (sm->flags & VHOST_USER_FS_GENFLAG_DROP_FSETID) {
+ error_report("Dropping CAP_FSETID is not supported");
+ return (uint64_t)-ENOTSUP;
+ }
+
for (i = 0; i < sm->count && !res; i++) {
VhostUserFSSlaveMsgEntry *e = &sm->entries[i];
if (e->len == 0) {
diff --git a/include/hw/virtio/vhost-user-fs.h b/include/hw/virtio/vhost-user-fs.h
index 2931164e23..bcd797c0cc 100644
--- a/include/hw/virtio/vhost-user-fs.h
+++ b/include/hw/virtio/vhost-user-fs.h
@@ -30,6 +30,10 @@ OBJECT_DECLARE_SIMPLE_TYPE(VHostUserFS, VHOST_USER_FS)
#define VHOST_USER_FS_FLAG_MAP_R (1u << 0)
#define VHOST_USER_FS_FLAG_MAP_W (1u << 1)
+/* Generic flags for the overall message and not individual ranges */
+/* Drop capability CAP_FSETID during the operation */
+#define VHOST_USER_FS_GENFLAG_DROP_FSETID (1u << 0)
+
typedef struct {
/* Offsets within the file being mapped */
uint64_t fd_offset;
@@ -42,6 +46,8 @@ typedef struct {
} VhostUserFSSlaveMsgEntry;
typedef struct {
+ /* Generic flags for the overall message */
+ uint32_t flags;
/* Number of entries */
uint16_t count;
/* Spare */
diff --git a/subprojects/libvhost-user/libvhost-user.h b/subprojects/libvhost-user/libvhost-user.h
index 42b0833c4b..4dba4321f4 100644
--- a/subprojects/libvhost-user/libvhost-user.h
+++ b/subprojects/libvhost-user/libvhost-user.h
@@ -132,6 +132,10 @@ typedef enum VhostUserSlaveRequest {
#define VHOST_USER_FS_FLAG_MAP_R (1u << 0)
#define VHOST_USER_FS_FLAG_MAP_W (1u << 1)
+/* Generic flags for the overall message and not individual ranges */
+/* Drop capability CAP_FSETID during the operation */
+#define VHOST_USER_FS_GENFLAG_DROP_FSETID (1u << 0)
+
typedef struct {
/* Offsets within the file being mapped */
uint64_t fd_offset;
@@ -144,6 +148,8 @@ typedef struct {
} VhostUserFSSlaveMsgEntry;
typedef struct {
+ /* Generic flags for the overall message */
+ uint32_t flags;
/* Number of entries */
uint16_t count;
/* Spare */
--
2.31.1
WARNING: multiple messages have this Message-ID (diff)
From: "Dr. David Alan Gilbert (git)" <dgilbert@redhat.com>
To: qemu-devel@nongnu.org, vgoyal@redhat.com, stefanha@redhat.com,
groug@kaod.org
Cc: virtio-fs@redhat.com
Subject: [Virtio-fs] [PATCH v3 24/26] vhost-user-fs: Extend VhostUserFSSlaveMsg to pass additional info
Date: Wed, 28 Apr 2021 12:00:58 +0100 [thread overview]
Message-ID: <20210428110100.27757-25-dgilbert@redhat.com> (raw)
In-Reply-To: <20210428110100.27757-1-dgilbert@redhat.com>
From: Vivek Goyal <vgoyal@redhat.com>
Extend VhostUserFSSlaveMsg so that slave can ask it to drop CAP_FSETID
before doing I/O on fd.
In some cases, virtiofsd takes the onus of clearing setuid bit on a file
when WRITE happens. Generally virtiofsd does the WRITE to fd (from guest
memory which is mapped in virtiofsd as well), but if this memory is
unmappable in virtiofsd (like cache window), then virtiofsd asks qemu
to do the I/O instead.
To retain the capability to drop suid bit on write, qemu needs to
drop the CAP_FSETID as well before write to fd. Extend VhostUserFSSlaveMsg
so that virtiofsd can specify in message if CAP_FSETID needs to be
dropped.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
---
hw/virtio/vhost-user-fs.c | 5 +++++
include/hw/virtio/vhost-user-fs.h | 6 ++++++
subprojects/libvhost-user/libvhost-user.h | 6 ++++++
3 files changed, 17 insertions(+)
diff --git a/hw/virtio/vhost-user-fs.c b/hw/virtio/vhost-user-fs.c
index ee600ce968..036ca17767 100644
--- a/hw/virtio/vhost-user-fs.c
+++ b/hw/virtio/vhost-user-fs.c
@@ -244,6 +244,11 @@ uint64_t vhost_user_fs_slave_io(struct vhost_dev *dev, int message_size,
return (uint64_t)-1;
}
+ if (sm->flags & VHOST_USER_FS_GENFLAG_DROP_FSETID) {
+ error_report("Dropping CAP_FSETID is not supported");
+ return (uint64_t)-ENOTSUP;
+ }
+
for (i = 0; i < sm->count && !res; i++) {
VhostUserFSSlaveMsgEntry *e = &sm->entries[i];
if (e->len == 0) {
diff --git a/include/hw/virtio/vhost-user-fs.h b/include/hw/virtio/vhost-user-fs.h
index 2931164e23..bcd797c0cc 100644
--- a/include/hw/virtio/vhost-user-fs.h
+++ b/include/hw/virtio/vhost-user-fs.h
@@ -30,6 +30,10 @@ OBJECT_DECLARE_SIMPLE_TYPE(VHostUserFS, VHOST_USER_FS)
#define VHOST_USER_FS_FLAG_MAP_R (1u << 0)
#define VHOST_USER_FS_FLAG_MAP_W (1u << 1)
+/* Generic flags for the overall message and not individual ranges */
+/* Drop capability CAP_FSETID during the operation */
+#define VHOST_USER_FS_GENFLAG_DROP_FSETID (1u << 0)
+
typedef struct {
/* Offsets within the file being mapped */
uint64_t fd_offset;
@@ -42,6 +46,8 @@ typedef struct {
} VhostUserFSSlaveMsgEntry;
typedef struct {
+ /* Generic flags for the overall message */
+ uint32_t flags;
/* Number of entries */
uint16_t count;
/* Spare */
diff --git a/subprojects/libvhost-user/libvhost-user.h b/subprojects/libvhost-user/libvhost-user.h
index 42b0833c4b..4dba4321f4 100644
--- a/subprojects/libvhost-user/libvhost-user.h
+++ b/subprojects/libvhost-user/libvhost-user.h
@@ -132,6 +132,10 @@ typedef enum VhostUserSlaveRequest {
#define VHOST_USER_FS_FLAG_MAP_R (1u << 0)
#define VHOST_USER_FS_FLAG_MAP_W (1u << 1)
+/* Generic flags for the overall message and not individual ranges */
+/* Drop capability CAP_FSETID during the operation */
+#define VHOST_USER_FS_GENFLAG_DROP_FSETID (1u << 0)
+
typedef struct {
/* Offsets within the file being mapped */
uint64_t fd_offset;
@@ -144,6 +148,8 @@ typedef struct {
} VhostUserFSSlaveMsgEntry;
typedef struct {
+ /* Generic flags for the overall message */
+ uint32_t flags;
/* Number of entries */
uint16_t count;
/* Spare */
--
2.31.1
next prev parent reply other threads:[~2021-04-28 11:21 UTC|newest]
Thread overview: 132+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-28 11:00 [PATCH v3 00/26] virtiofs dax patches Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [PATCH v3 01/26] virtiofs: Fixup printf args Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-04 14:54 ` Stefan Hajnoczi
2021-05-04 14:54 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-05 11:06 ` Dr. David Alan Gilbert
2021-05-05 11:06 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-05-06 15:56 ` Dr. David Alan Gilbert
2021-05-06 15:56 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-04-28 11:00 ` [PATCH v3 02/26] virtiofsd: Don't assume header layout Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-04 15:12 ` Stefan Hajnoczi
2021-05-04 15:12 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-06 15:56 ` Dr. David Alan Gilbert
2021-05-06 15:56 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-04-28 11:00 ` [PATCH v3 03/26] DAX: vhost-user: Rework slave return values Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-04 15:23 ` Stefan Hajnoczi
2021-05-04 15:23 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-27 15:59 ` Dr. David Alan Gilbert
2021-05-27 15:59 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-04-28 11:00 ` [PATCH v3 04/26] DAX: libvhost-user: Route slave message payload Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-04 15:26 ` Stefan Hajnoczi
2021-05-04 15:26 ` [Virtio-fs] " Stefan Hajnoczi
2021-04-28 11:00 ` [PATCH v3 05/26] DAX: libvhost-user: Allow popping a queue element with bad pointers Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [PATCH v3 06/26] DAX subprojects/libvhost-user: Add virtio-fs slave types Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-29 15:48 ` Dr. David Alan Gilbert
2021-04-29 15:48 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-04-28 11:00 ` [PATCH v3 07/26] DAX: virtio: Add shared memory capability Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [PATCH v3 08/26] DAX: virtio-fs: Add cache BAR Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-05 12:12 ` Stefan Hajnoczi
2021-05-05 12:12 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-05 18:59 ` Dr. David Alan Gilbert
2021-05-05 18:59 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-04-28 11:00 ` [PATCH v3 09/26] DAX: virtio-fs: Add vhost-user slave commands for mapping Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-05 14:15 ` Stefan Hajnoczi
2021-05-05 14:15 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-27 16:57 ` Dr. David Alan Gilbert
2021-05-27 16:57 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-04-28 11:00 ` [PATCH v3 10/26] DAX: virtio-fs: Fill in " Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-05 16:43 ` Stefan Hajnoczi
2021-05-05 16:43 ` [Virtio-fs] " Stefan Hajnoczi
2021-04-28 11:00 ` [PATCH v3 11/26] DAX: virtiofsd Add cache accessor functions Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [PATCH v3 12/26] DAX: virtiofsd: Add setup/remove mappings fuse commands Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-06 15:02 ` Stefan Hajnoczi
2021-05-06 15:02 ` [Virtio-fs] " Stefan Hajnoczi
2021-04-28 11:00 ` [PATCH v3 13/26] DAX: virtiofsd: Add setup/remove mapping handlers to passthrough_ll Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [PATCH v3 14/26] DAX: virtiofsd: Wire up passthrough_ll's lo_setupmapping Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [PATCH v3 15/26] DAX: virtiofsd: Make lo_removemapping() work Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [PATCH v3 16/26] DAX: virtiofsd: route se down to destroy method Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [PATCH v3 17/26] DAX: virtiofsd: Perform an unmap on destroy Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [PATCH v3 18/26] DAX/unmap: virtiofsd: Add VHOST_USER_SLAVE_FS_IO Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-06 15:12 ` Stefan Hajnoczi
2021-05-06 15:12 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-27 17:44 ` Dr. David Alan Gilbert
2021-05-27 17:44 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-05-06 15:16 ` Stefan Hajnoczi
2021-05-06 15:16 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-27 17:31 ` Dr. David Alan Gilbert
2021-05-27 17:31 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-04-28 11:00 ` [PATCH v3 19/26] DAX/unmap virtiofsd: Add wrappers for VHOST_USER_SLAVE_FS_IO Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 12:53 ` Dr. David Alan Gilbert
2021-04-28 12:53 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-04-28 11:00 ` [PATCH v3 20/26] DAX/unmap virtiofsd: Parse unmappable elements Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-06 15:23 ` Stefan Hajnoczi
2021-05-06 15:23 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-27 17:56 ` Dr. David Alan Gilbert
2021-05-27 17:56 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-04-28 11:00 ` [PATCH v3 21/26] DAX/unmap virtiofsd: Route unmappable reads Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-06 15:27 ` Stefan Hajnoczi
2021-05-06 15:27 ` [Virtio-fs] " Stefan Hajnoczi
2021-04-28 11:00 ` [PATCH v3 22/26] DAX/unmap virtiofsd: route unmappable write to slave command Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-06 15:28 ` Stefan Hajnoczi
2021-05-06 15:28 ` [Virtio-fs] " Stefan Hajnoczi
2021-04-28 11:00 ` [PATCH v3 23/26] DAX:virtiofsd: implement FUSE_INIT map_alignment field Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` Dr. David Alan Gilbert (git) [this message]
2021-04-28 11:00 ` [Virtio-fs] [PATCH v3 24/26] vhost-user-fs: Extend VhostUserFSSlaveMsg to pass additional info Dr. David Alan Gilbert (git)
2021-05-06 15:31 ` Stefan Hajnoczi
2021-05-06 15:31 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-06 15:32 ` Stefan Hajnoczi
2021-05-06 15:32 ` [Virtio-fs] " Stefan Hajnoczi
2021-04-28 11:00 ` [PATCH v3 25/26] vhost-user-fs: Implement drop CAP_FSETID functionality Dr. David Alan Gilbert (git)
2021-04-28 11:00 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-04-28 11:01 ` [PATCH v3 26/26] virtiofsd: Ask qemu to drop CAP_FSETID if client asked for it Dr. David Alan Gilbert (git)
2021-04-28 11:01 ` [Virtio-fs] " Dr. David Alan Gilbert (git)
2021-05-06 15:37 ` Stefan Hajnoczi
2021-05-06 15:37 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-06 16:02 ` Vivek Goyal
2021-05-06 16:02 ` [Virtio-fs] " Vivek Goyal
2021-05-10 9:05 ` Stefan Hajnoczi
2021-05-10 9:05 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-10 15:23 ` Vivek Goyal
2021-05-10 15:23 ` [Virtio-fs] " Vivek Goyal
2021-05-10 15:32 ` Stefan Hajnoczi
2021-05-10 15:32 ` [Virtio-fs] " Stefan Hajnoczi
2021-05-27 19:09 ` Dr. David Alan Gilbert
2021-05-27 19:09 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-06-10 15:29 ` Dr. David Alan Gilbert
2021-06-10 15:29 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-06-10 16:23 ` Stefan Hajnoczi
2021-06-10 16:23 ` [Virtio-fs] " Stefan Hajnoczi
2021-06-16 12:36 ` Dr. David Alan Gilbert
2021-06-16 12:36 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-06-16 15:29 ` Stefan Hajnoczi
2021-06-16 15:29 ` [Virtio-fs] " Stefan Hajnoczi
2021-06-16 18:35 ` Dr. David Alan Gilbert
2021-06-16 18:35 ` [Virtio-fs] " Dr. David Alan Gilbert
2021-04-28 11:27 ` [PATCH v3 00/26] virtiofs dax patches no-reply
2021-04-28 11:27 ` [Virtio-fs] " no-reply
2021-05-06 15:37 ` Stefan Hajnoczi
2021-05-06 15:37 ` [Virtio-fs] " Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210428110100.27757-25-dgilbert@redhat.com \
--to=dgilbert@redhat.com \
--cc=groug@kaod.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
--cc=vgoyal@redhat.com \
--cc=virtio-fs@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.