From: Christian Schoenebeck
Date: Thu, 27 May 2021 19:04:11 +0200
Subject: [PATCH 2/3] 9pfs: capture root stat
To: qemu-devel@nongnu.org
Cc: Greg Kurz

We already capture the QID of the exported 9p root path, i.e. to prevent client access outside the defined, exported filesystem's tree. This is currently checked by comparing the root QID with another FID's QID.

The problem with the latter is that resolving a QID of any given 9p path can only be done on 9p server's main thread, that's because it might mutate the server's state if inode remapping is enabled.

For that reason also capture the POSIX stat info of the root path for being able to identify on any (e.g. worker) thread whether an arbitrary given path is identical to the export root.

Signed-off-by: Christian Schoenebeck --- hw/9pfs/9p.c | 10 +++++++++- hw/9pfs/9p.h | 1 + 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c index 89aa07db78..825de1561d 100644 --- a/hw/9pfs/9p.c +++ b/hw/9pfs/9p.c @@ -1400,6 +1400,7 @@ static void coroutine_fn v9fs_attach(void *opaque) size_t offset = 7; V9fsQID qid; ssize_t err; + struct stat stbuf; v9fs_string_init(&uname); v9fs_string_init(&aname); @@ -1422,7 +1423,13 @@ static void coroutine_fn v9fs_attach(void *opaque) clunk_fid(s, fid); goto out; } - err = fid_to_qid(pdu, fidp, &qid); + err = v9fs_co_lstat(pdu, &fidp->path, &stbuf); + if (err < 0) { + err = -EINVAL; + clunk_fid(s, fid); + goto out; + } + err = stat_to_qid(pdu, &stbuf, &qid); if (err < 0) { err = -EINVAL; clunk_fid(s, fid); @@ -1455,6 +1462,7 @@ static void coroutine_fn v9fs_attach(void *opaque) err += offset; memcpy(&s->root_qid, &qid, sizeof(qid)); + memcpy(&s->root_st, &stbuf, sizeof(struct stat)); trace_v9fs_attach_return(pdu->tag, pdu->id, qid.type, qid.version, qid.path); out: diff --git a/hw/9pfs/9p.h b/hw/9pfs/9p.h index 00381591ff..6f0b4c78c0 100644 --- a/hw/9pfs/9p.h +++ b/hw/9pfs/9p.h @@ -356,6 +356,7 @@ struct V9fsState { Error *migration_blocker; V9fsConf fsconf; V9fsQID root_qid; + struct stat root_st; dev_t dev_id; struct qht qpd_table; struct qht qpp_table; -- 2.20.1
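
Review bot: in the v9fs_attach hunk at @@ -1422,7 +1423,13, the new v9fs_co_lstat() failure branch overwrites err with -EINVAL, so the reason lstat failed never reaches the client or a trace. If that is deliberate for consistency with the stat_to_qid() branch below it, say so in the commit message; otherwise keep the returned err. The two branches are now the same three lines (err = -EINVAL; clunk_fid(s, fid); goto out;), which a shared error label would fold into one.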
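
Review bot: in the hunk at @@ -1455,6 +1462,7, memcpy(&s->root_st, &stbuf, sizeof(struct stat)) spells out the type while the line above it uses sizeof(qid); sizeof(stbuf) or a plain assignment s->root_st = stbuf would match and would stay correct if the field's type changes. This store also runs on every attach, and the commit message says root_st is meant to be read on worker threads, so please state what orders this write against those readers.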
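
Review bot: the new struct stat root_st member of V9fsState in hw/9pfs/9p.h has no comment. Document that it is the lstat snapshot of the export root taken in v9fs_attach and which fields readers are expected to compare, since a full struct stat also carries times and sizes that go stale after attach.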
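
The stat-based identity check the commit message describes, as an added example that is not QEMU code and not part of this patch. It assumes identity is decided by comparing st_dev and st_ino (the patch only captures the stat and does not show the comparison); `export_state`, `capture_root`, `is_export_root` and `demo` are hypothetical names.

```c
/* Added example, not QEMU code; every name here is hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

struct export_state {
    struct stat root_st;    /* snapshot taken once, at attach time */
};

/* Capture the export root's stat info; 0 on success, -1 on error. */
static int capture_root(struct export_state *s, const char *root)
{
    return lstat(root, &s->root_st);
}

/* 1 if path is the export root, 0 if not, -1 if lstat() fails.
 * Assumption: identity means equal st_dev and st_ino; the other fields
 * (times, link count) change while the export is in use. */
static int is_export_root(const struct export_state *s, const char *path)
{
    struct stat st;
    if (lstat(path, &st) < 0) {
        return -1;
    }
    return st.st_dev == s->root_st.st_dev && st.st_ino == s->root_st.st_ino;
}

/* Constructed tree: <root>/sub plus symlink <root>/sub/up -> <root>.
 * Result bits: 1 = "<root>/sub/.." matched, 2 = "<root>/sub", 4 = symlink. */
static int demo(void)
{
    char root[] = "/tmp/exportXXXXXX", sub[64], dotdot[64], lnk[64];
    struct export_state s;
    int bits;
    if (!mkdtemp(root) || capture_root(&s, root) < 0) {
        return -1;
    }
    snprintf(sub, sizeof(sub), "%s/sub", root);
    snprintf(dotdot, sizeof(dotdot), "%s/sub/..", root);
    snprintf(lnk, sizeof(lnk), "%s/sub/up", root);
    if (mkdir(sub, 0700) < 0 || symlink(root, lnk) < 0) {
        return -1;
    }
    bits = (is_export_root(&s, dotdot) == 1)
         | ((is_export_root(&s, sub) == 1) << 1)
         | ((is_export_root(&s, lnk) == 1) << 2);
    unlink(lnk); rmdir(sub); rmdir(root);
    return bits;
}

int main(void) { printf("match bits: %d\n", demo()); return 0; }
```

The check needs only the captured snapshot and one lstat() of the candidate path, so it touches no shared server state; a differently spelled path to the root still matches, while the symlink pointing at the root does not because lstat() does not follow it.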