qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] virtiofsd: Fix security.capability comparison
@ 2021-04-01 14:58 Dr. David Alan Gilbert (git)
  2021-04-01 15:48 ` [Virtio-fs] " Connor Kuehl
  0 siblings, 1 reply; 3+ messages in thread
From: Dr. David Alan Gilbert (git) @ 2021-04-01 14:58 UTC (permalink / raw)
  To: qemu-devel, stefanha, vgoyal, virtio-fs

From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>

My security fix for the security.capability remap has a silly early
segfault in a simple case where there is an xattrmapping but it doesn't
remap the securty.capability.

Fixes: e586edcb41054 ("virtiofs: drop remapped security.capability xattr as needed")
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
---
 tools/virtiofsd/passthrough_ll.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index b144320e48..1553d2ef45 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -2636,7 +2636,8 @@ static void parse_xattrmap(struct lo_data *lo)
                 strerror(ret));
         exit(1);
     }
-    if (!strcmp(lo->xattr_security_capability, "security.capability")) {
+    if (!lo->xattr_security_capability ||
+        !strcmp(lo->xattr_security_capability, "security.capability")) {
         /* 1-1 mapping, don't need to do anything */
         free(lo->xattr_security_capability);
         lo->xattr_security_capability = NULL;
-- 
2.31.1



^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [Virtio-fs] [PATCH] virtiofsd: Fix security.capability comparison
  2021-04-01 14:58 [PATCH] virtiofsd: Fix security.capability comparison Dr. David Alan Gilbert (git)
@ 2021-04-01 15:48 ` Connor Kuehl
  2021-04-06 12:16   ` Dr. David Alan Gilbert
  0 siblings, 1 reply; 3+ messages in thread
From: Connor Kuehl @ 2021-04-01 15:48 UTC (permalink / raw)
  To: Dr. David Alan Gilbert (git), qemu-devel, stefanha, vgoyal, virtio-fs

On 4/1/21 9:58 AM, Dr. David Alan Gilbert (git) wrote:
> From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
> 
> My security fix for the security.capability remap has a silly early
> segfault in a simple case where there is an xattrmapping but it doesn't
> remap the securty.capability.

s/securty/security

> 
> Fixes: e586edcb41054 ("virtiofs: drop remapped security.capability xattr as needed")
> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

Reviewed-by: Connor Kuehl <ckuehl@redhat.com>

> ---
>   tools/virtiofsd/passthrough_ll.c | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
> index b144320e48..1553d2ef45 100644
> --- a/tools/virtiofsd/passthrough_ll.c
> +++ b/tools/virtiofsd/passthrough_ll.c
> @@ -2636,7 +2636,8 @@ static void parse_xattrmap(struct lo_data *lo)
>                   strerror(ret));
>           exit(1);
>       }
> -    if (!strcmp(lo->xattr_security_capability, "security.capability")) {
> +    if (!lo->xattr_security_capability ||
> +        !strcmp(lo->xattr_security_capability, "security.capability")) {
>           /* 1-1 mapping, don't need to do anything */
>           free(lo->xattr_security_capability);
>           lo->xattr_security_capability = NULL;
> 



^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [Virtio-fs] [PATCH] virtiofsd: Fix security.capability comparison
  2021-04-01 15:48 ` [Virtio-fs] " Connor Kuehl
@ 2021-04-06 12:16   ` Dr. David Alan Gilbert
  0 siblings, 0 replies; 3+ messages in thread
From: Dr. David Alan Gilbert @ 2021-04-06 12:16 UTC (permalink / raw)
  To: Connor Kuehl; +Cc: virtio-fs, qemu-devel, stefanha, vgoyal

* Connor Kuehl (ckuehl@redhat.com) wrote:
> On 4/1/21 9:58 AM, Dr. David Alan Gilbert (git) wrote:
> > From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
> > 
> > My security fix for the security.capability remap has a silly early
> > segfault in a simple case where there is an xattrmapping but it doesn't
> > remap the securty.capability.
> 
> s/securty/security

Queued, with that typo fixed

> > 
> > Fixes: e586edcb41054 ("virtiofs: drop remapped security.capability xattr as needed")
> > Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> 
> Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
> 
> > ---
> >   tools/virtiofsd/passthrough_ll.c | 3 ++-
> >   1 file changed, 2 insertions(+), 1 deletion(-)
> > 
> > diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
> > index b144320e48..1553d2ef45 100644
> > --- a/tools/virtiofsd/passthrough_ll.c
> > +++ b/tools/virtiofsd/passthrough_ll.c
> > @@ -2636,7 +2636,8 @@ static void parse_xattrmap(struct lo_data *lo)
> >                   strerror(ret));
> >           exit(1);
> >       }
> > -    if (!strcmp(lo->xattr_security_capability, "security.capability")) {
> > +    if (!lo->xattr_security_capability ||
> > +        !strcmp(lo->xattr_security_capability, "security.capability")) {
> >           /* 1-1 mapping, don't need to do anything */
> >           free(lo->xattr_security_capability);
> >           lo->xattr_security_capability = NULL;
> > 
> 
> 
-- 
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK



^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-04-06 12:18 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-01 14:58 [PATCH] virtiofsd: Fix security.capability comparison Dr. David Alan Gilbert (git)
2021-04-01 15:48 ` [Virtio-fs] " Connor Kuehl
2021-04-06 12:16   ` Dr. David Alan Gilbert

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).