From: "Philippe Mathieu-Daudé" <philmd@redhat.com>
To: "Dr. David Alan Gilbert (git)" <dgilbert@redhat.com>,
qemu-devel@nongnu.org, stefanha@redhat.com, vgoyal@redhat.com,
berrange@redhat.com, slp@redhat.com
Cc: m.mizuma@jp.fujitsu.com, misono.tomohiro@jp.fujitsu.com
Subject: Re: [PATCH v2 051/109] virtiofsd: add seccomp whitelist
Date: Tue, 21 Jan 2020 16:54:41 +0100 [thread overview]
Message-ID: <ba916575-1496-8c3d-a568-573ebb07d4ec@redhat.com> (raw)
In-Reply-To: <20200121122433.50803-52-dgilbert@redhat.com>
On 1/21/20 1:23 PM, Dr. David Alan Gilbert (git) wrote:
> From: Stefan Hajnoczi <stefanha@redhat.com>
>
> Only allow system calls that are needed by virtiofsd. All other system
> calls cause SIGSYS to be directed at the thread and the process will
> coredump.
>
> Restricting system calls reduces the kernel attack surface and limits
> what the process can do when compromised.
>
> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
> with additional entries by:
> Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
> Signed-off-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
> Signed-off-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
> Signed-off-by: piaojun <piaojun@huawei.com>
> Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
> Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> ---
> Makefile | 2 +-
> tools/virtiofsd/Makefile.objs | 5 +-
> tools/virtiofsd/passthrough_ll.c | 2 +
> tools/virtiofsd/seccomp.c | 150 +++++++++++++++++++++++++++++++
> tools/virtiofsd/seccomp.h | 14 +++
> 5 files changed, 171 insertions(+), 2 deletions(-)
> create mode 100644 tools/virtiofsd/seccomp.c
> create mode 100644 tools/virtiofsd/seccomp.h
>
> diff --git a/Makefile b/Makefile
> index a87e06ad93..967d59c98a 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -327,7 +327,7 @@ HELPERS-y += vhost-user-gpu$(EXESUF)
> vhost-user-json-y += contrib/vhost-user-gpu/50-qemu-gpu.json
> endif
>
> -ifdef CONFIG_LINUX
> +ifeq ($(CONFIG_LINUX)$(CONFIG_SECCOMP),yy)
> HELPERS-y += virtiofsd$(EXESUF)
Something is weird here, because I got:
$ make virtiofsd
...
CC tools/virtiofsd/seccomp.o
tools/virtiofsd/seccomp.c:14:21: fatal error: seccomp.h: No such file or
directory
#include <seccomp.h>
^
Indeed I don't have libseccomp installed, ./configure reported:
...
QGA MSI support no
seccomp support no
coroutine backend ucontext
coroutine pool yes
debug stack usage no
...
Note also:
$ make print-CONFIG_LINUX
CONFIG_LINUX=y
$ make print-CONFIG_SECCOMP
CONFIG_SECCOMP=
$ make print-CONFIG_LIBCAP_NG
CONFIG_LIBCAP_NG=y
$ make print-HELPERS-y
HELPERS-y=qemu-bridge-helper
> vhost-user-json-y += tools/virtiofsd/50-qemu-virtiofsd.json
> endif
> diff --git a/tools/virtiofsd/Makefile.objs b/tools/virtiofsd/Makefile.objs
> index 45a807500d..076f667e46 100644
> --- a/tools/virtiofsd/Makefile.objs
> +++ b/tools/virtiofsd/Makefile.objs
> @@ -5,5 +5,8 @@ virtiofsd-obj-y = buffer.o \
> fuse_signals.o \
> fuse_virtio.o \
> helper.o \
> - passthrough_ll.o
> + passthrough_ll.o \
> + seccomp.o
>
> +seccomp.o-cflags := $(SECCOMP_CFLAGS)
> +seccomp.o-libs := $(SECCOMP_LIBS)
> diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
> index 752beb459a..8748e64f33 100644
> --- a/tools/virtiofsd/passthrough_ll.c
> +++ b/tools/virtiofsd/passthrough_ll.c
> @@ -58,6 +58,7 @@
> #include <unistd.h>
>
> #include "passthrough_helpers.h"
> +#include "seccomp.h"
>
> struct lo_map_elem {
> union {
> @@ -2090,6 +2091,7 @@ static void setup_sandbox(struct lo_data *lo, struct fuse_session *se)
> {
> setup_namespaces(lo, se);
> setup_mounts(lo->source);
> + setup_seccomp();
> }
>
> int main(int argc, char *argv[])
> diff --git a/tools/virtiofsd/seccomp.c b/tools/virtiofsd/seccomp.c
> new file mode 100644
> index 0000000000..2aa4d3cc66
> --- /dev/null
> +++ b/tools/virtiofsd/seccomp.c
> @@ -0,0 +1,150 @@
> +/*
> + * Seccomp sandboxing for virtiofsd
> + *
> + * Copyright (C) 2019 Red Hat, Inc.
> + *
> + * SPDX-License-Identifier: GPL-2.0-or-later
> + */
> +
> +#include "seccomp.h"
> +#include "fuse_i.h"
> +#include "fuse_log.h"
> +#include <errno.h>
> +#include <glib.h>
> +#include <seccomp.h>
> +#include <stdlib.h>
> +
> +/* Bodge for libseccomp 2.4.2 which broke ppoll */
> +#if !defined(__SNR_ppoll) && defined(__SNR_brk)
> +#ifdef __NR_ppoll
> +#define __SNR_ppoll __NR_ppoll
> +#else
> +#define __SNR_ppoll __PNR_ppoll
> +#endif
> +#endif
> +
> +static const int syscall_whitelist[] = {
> + /* TODO ireg sem*() syscalls */
> + SCMP_SYS(brk),
> + SCMP_SYS(capget), /* For CAP_FSETID */
> + SCMP_SYS(capset),
> + SCMP_SYS(clock_gettime),
> + SCMP_SYS(clone),
> +#ifdef __NR_clone3
> + SCMP_SYS(clone3),
> +#endif
> + SCMP_SYS(close),
> + SCMP_SYS(copy_file_range),
> + SCMP_SYS(dup),
> + SCMP_SYS(eventfd2),
> + SCMP_SYS(exit),
> + SCMP_SYS(exit_group),
> + SCMP_SYS(fallocate),
> + SCMP_SYS(fchmodat),
> + SCMP_SYS(fchownat),
> + SCMP_SYS(fcntl),
> + SCMP_SYS(fdatasync),
> + SCMP_SYS(fgetxattr),
> + SCMP_SYS(flistxattr),
> + SCMP_SYS(flock),
> + SCMP_SYS(fremovexattr),
> + SCMP_SYS(fsetxattr),
> + SCMP_SYS(fstat),
> + SCMP_SYS(fstatfs),
> + SCMP_SYS(fsync),
> + SCMP_SYS(ftruncate),
> + SCMP_SYS(futex),
> + SCMP_SYS(getdents),
> + SCMP_SYS(getdents64),
> + SCMP_SYS(getegid),
> + SCMP_SYS(geteuid),
> + SCMP_SYS(getpid),
> + SCMP_SYS(gettid),
> + SCMP_SYS(gettimeofday),
> + SCMP_SYS(linkat),
> + SCMP_SYS(lseek),
> + SCMP_SYS(madvise),
> + SCMP_SYS(mkdirat),
> + SCMP_SYS(mknodat),
> + SCMP_SYS(mmap),
> + SCMP_SYS(mprotect),
> + SCMP_SYS(mremap),
> + SCMP_SYS(munmap),
> + SCMP_SYS(newfstatat),
> + SCMP_SYS(open),
> + SCMP_SYS(openat),
> + SCMP_SYS(ppoll),
> + SCMP_SYS(prctl), /* TODO restrict to just PR_SET_NAME? */
> + SCMP_SYS(preadv),
> + SCMP_SYS(pread64),
> + SCMP_SYS(pwritev),
> + SCMP_SYS(pwrite64),
> + SCMP_SYS(read),
> + SCMP_SYS(readlinkat),
> + SCMP_SYS(recvmsg),
> + SCMP_SYS(renameat),
> + SCMP_SYS(renameat2),
> + SCMP_SYS(rt_sigaction),
> + SCMP_SYS(rt_sigprocmask),
> + SCMP_SYS(rt_sigreturn),
> + SCMP_SYS(sendmsg),
> + SCMP_SYS(setresgid),
> + SCMP_SYS(setresuid),
> +#ifdef __NR_setresgid32
> + SCMP_SYS(setresgid32),
> +#endif
> +#ifdef __NR_setresuid32
> + SCMP_SYS(setresuid32),
> +#endif
> + SCMP_SYS(set_robust_list),
> + SCMP_SYS(symlinkat),
> + SCMP_SYS(time), /* Rarely needed, except on static builds */
> + SCMP_SYS(tgkill),
> + SCMP_SYS(unlinkat),
> + SCMP_SYS(utimensat),
> + SCMP_SYS(write),
> + SCMP_SYS(writev),
> +};
> +
> +void setup_seccomp(void)
> +{
> + scmp_filter_ctx ctx;
> + size_t i;
> +
> +#ifdef SCMP_ACT_KILL_PROCESS
> + ctx = seccomp_init(SCMP_ACT_KILL_PROCESS);
> + /* Handle a newer libseccomp but an older kernel */
> + if (!ctx && errno == EOPNOTSUPP) {
> + ctx = seccomp_init(SCMP_ACT_TRAP);
> + }
> +#else
> + ctx = seccomp_init(SCMP_ACT_TRAP);
> +#endif
> + if (!ctx) {
> + fuse_log(FUSE_LOG_ERR, "seccomp_init() failed\n");
> + exit(1);
> + }
> +
> + for (i = 0; i < G_N_ELEMENTS(syscall_whitelist); i++) {
> + if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW,
> + syscall_whitelist[i], 0) != 0) {
> + fuse_log(FUSE_LOG_ERR, "seccomp_rule_add syscall %d",
> + syscall_whitelist[i]);
> + exit(1);
> + }
> + }
> +
> + /* libvhost-user calls this for post-copy migration, we don't need it */
> + if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOSYS),
> + SCMP_SYS(userfaultfd), 0) != 0) {
> + fuse_log(FUSE_LOG_ERR, "seccomp_rule_add userfaultfd failed\n");
> + exit(1);
> + }
> +
> + if (seccomp_load(ctx) < 0) {
> + fuse_log(FUSE_LOG_ERR, "seccomp_load() failed\n");
> + exit(1);
> + }
> +
> + seccomp_release(ctx);
> +}
> diff --git a/tools/virtiofsd/seccomp.h b/tools/virtiofsd/seccomp.h
> new file mode 100644
> index 0000000000..86bce72652
> --- /dev/null
> +++ b/tools/virtiofsd/seccomp.h
> @@ -0,0 +1,14 @@
> +/*
> + * Seccomp sandboxing for virtiofsd
> + *
> + * Copyright (C) 2019 Red Hat, Inc.
> + *
> + * SPDX-License-Identifier: GPL-2.0-or-later
> + */
> +
> +#ifndef VIRTIOFSD_SECCOMP_H
> +#define VIRTIOFSD_SECCOMP_H
> +
> +void setup_seccomp(void);
> +
> +#endif /* VIRTIOFSD_SECCOMP_H */
>
next prev parent reply other threads:[~2020-01-21 15:55 UTC|newest]
Thread overview: 141+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-21 12:22 [PATCH v2 000/109] virtiofs daemon [all] Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 001/109] virtiofsd: Pull in upstream headers Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 002/109] virtiofsd: Pull in kernel's fuse.h Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 003/109] virtiofsd: Add auxiliary .c's Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 004/109] virtiofsd: Add fuse_lowlevel.c Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 005/109] virtiofsd: Add passthrough_ll Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 006/109] virtiofsd: Trim down imported files Dr. David Alan Gilbert (git)
2020-01-22 2:48 ` Xiao Yang
2020-01-22 10:41 ` Dr. David Alan Gilbert
2020-01-21 12:22 ` [PATCH v2 007/109] virtiofsd: Format imported files to qemu style Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 008/109] virtiofsd: remove mountpoint dummy argument Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 009/109] virtiofsd: remove unused notify reply support Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 010/109] virtiofsd: Fix fuse_daemonize ignored return values Dr. David Alan Gilbert (git)
2020-01-21 15:24 ` Philippe Mathieu-Daudé
2020-01-21 12:22 ` [PATCH v2 011/109] virtiofsd: Fix common header and define for QEMU builds Dr. David Alan Gilbert (git)
2020-01-21 15:24 ` Philippe Mathieu-Daudé
2020-01-22 15:32 ` Philippe Mathieu-Daudé
2020-01-22 16:52 ` Dr. David Alan Gilbert
2020-01-21 12:22 ` [PATCH v2 012/109] virtiofsd: Trim out compatibility code Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 013/109] vitriofsd/passthrough_ll: fix fallocate() ifdefs Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 014/109] virtiofsd: Make fsync work even if only inode is passed in Dr. David Alan Gilbert (git)
2020-01-21 12:22 ` [PATCH v2 015/109] virtiofsd: Add options for virtio Dr. David Alan Gilbert (git)
2020-01-22 6:53 ` Misono Tomohiro
2020-01-21 12:23 ` [PATCH v2 016/109] virtiofsd: add -o source=PATH to help output Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 017/109] virtiofsd: Open vhost connection instead of mounting Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 018/109] virtiofsd: Start wiring up vhost-user Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 019/109] virtiofsd: Add main virtio loop Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 020/109] virtiofsd: get/set features callbacks Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 021/109] virtiofsd: Start queue threads Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 022/109] virtiofsd: Poll kick_fd for queue Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 023/109] virtiofsd: Start reading commands from queue Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 024/109] virtiofsd: Send replies to messages Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 025/109] virtiofsd: Keep track of replies Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 026/109] virtiofsd: Add Makefile wiring for virtiofsd contrib Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 027/109] virtiofsd: Fast path for virtio read Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 028/109] virtiofsd: add --fd=FDNUM fd passing option Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 029/109] virtiofsd: make -f (foreground) the default Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 030/109] virtiofsd: add vhost-user.json file Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 031/109] virtiofsd: add --print-capabilities option Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 032/109] virtiofs: Add maintainers entry Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 033/109] virtiofsd: passthrough_ll: create new files in caller's context Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 034/109] virtiofsd: passthrough_ll: add lo_map for ino/fh indirection Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 035/109] virtiofsd: passthrough_ll: add ino_map to hide lo_inode pointers Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 036/109] virtiofsd: passthrough_ll: add dirp_map to hide lo_dirp pointers Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 037/109] virtiofsd: passthrough_ll: add fd_map to hide file descriptors Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 038/109] virtiofsd: passthrough_ll: add fallback for racy ops Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 039/109] virtiofsd: validate path components Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 040/109] virtiofsd: Plumb fuse_bufvec through to do_write_buf Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 041/109] virtiofsd: Pass write iov's all the way through Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 042/109] virtiofsd: add fuse_mbuf_iter API Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 043/109] virtiofsd: validate input buffer sizes in do_write_buf() Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 044/109] virtiofsd: check input buffer size in fuse_lowlevel.c ops Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 045/109] virtiofsd: prevent ".." escape in lo_do_lookup() Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 046/109] virtiofsd: prevent ".." escape in lo_do_readdir() Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 047/109] virtiofsd: use /proc/self/fd/ O_PATH file descriptor Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 048/109] virtiofsd: sandbox mount namespace Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 049/109] virtiofsd: move to an empty network namespace Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 050/109] virtiofsd: move to a new pid namespace Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 051/109] virtiofsd: add seccomp whitelist Dr. David Alan Gilbert (git)
2020-01-21 15:54 ` Philippe Mathieu-Daudé [this message]
2020-01-21 19:49 ` Dr. David Alan Gilbert
2020-01-21 20:53 ` Philippe Mathieu-Daudé
2020-01-24 9:46 ` Florian Weimer
2020-01-24 9:51 ` Dr. David Alan Gilbert
2020-01-24 9:57 ` Dr. David Alan Gilbert
2020-01-24 10:06 ` Florian Weimer
2020-01-21 12:23 ` [PATCH v2 052/109] virtiofsd: Parse flag FUSE_WRITE_KILL_PRIV Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 053/109] virtiofsd: cap-ng helpers Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 054/109] virtiofsd: Drop CAP_FSETID if client asked for it Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 055/109] virtiofsd: set maximum RLIMIT_NOFILE limit Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 056/109] virtiofsd: fix libfuse information leaks Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 057/109] docs: Add docs/tools Dr. David Alan Gilbert (git)
2020-01-22 15:19 ` Philippe Mathieu-Daudé
2020-01-21 12:23 ` [PATCH v2 058/109] virtiofsd: add security guide document Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 059/109] virtiofsd: add --syslog command-line option Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 060/109] virtiofsd: print log only when priority is high enough Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 061/109] virtiofsd: Add ID to the log with FUSE_LOG_DEBUG level Dr. David Alan Gilbert (git)
2020-01-22 15:27 ` Philippe Mathieu-Daudé
2020-01-21 12:23 ` [PATCH v2 062/109] virtiofsd: Add timestamp " Dr. David Alan Gilbert (git)
2020-01-22 15:36 ` Philippe Mathieu-Daudé
2020-01-22 15:57 ` Dr. David Alan Gilbert
2020-01-21 12:23 ` [PATCH v2 063/109] virtiofsd: Handle reinit Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 064/109] virtiofsd: Handle hard reboot Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 065/109] virtiofsd: Kill threads when queues are stopped Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 066/109] vhost-user: Print unexpected slave message types Dr. David Alan Gilbert (git)
2020-01-22 15:41 ` Philippe Mathieu-Daudé
2020-01-22 16:00 ` Dr. David Alan Gilbert
2020-01-21 12:23 ` [PATCH v2 067/109] contrib/libvhost-user: Protect slave fd with mutex Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 068/109] virtiofsd: passthrough_ll: add renameat2 support Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 069/109] virtiofsd: passthrough_ll: disable readdirplus on cache=never Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 070/109] virtiofsd: passthrough_ll: control readdirplus Dr. David Alan Gilbert (git)
2020-01-22 3:11 ` Misono Tomohiro
2020-01-22 17:42 ` Dr. David Alan Gilbert
2020-01-21 12:23 ` [PATCH v2 071/109] virtiofsd: rename unref_inode() to unref_inode_lolocked() Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 072/109] virtiofsd: fail when parent inode isn't known in lo_do_lookup() Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 073/109] virtiofsd: extract root inode init into setup_root() Dr. David Alan Gilbert (git)
2020-01-22 1:31 ` Misono Tomohiro
2020-01-21 12:23 ` [PATCH v2 074/109] virtiofsd: passthrough_ll: clean up cache related options Dr. David Alan Gilbert (git)
2020-01-21 12:23 ` [PATCH v2 075/109] virtiofsd: passthrough_ll: use hashtable Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 076/109] virtiofsd: Clean up inodes on destroy Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 077/109] virtiofsd: support nanosecond resolution for file timestamp Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 078/109] virtiofsd: fix error handling in main() Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 079/109] virtiofsd: cleanup allocated resource in se Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 080/109] virtiofsd: fix memory leak on lo.source Dr. David Alan Gilbert (git)
2020-01-22 1:54 ` Misono Tomohiro
2020-01-21 12:24 ` [PATCH v2 081/109] virtiofsd: add helper for lo_data cleanup Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 082/109] virtiofsd: Prevent multiply running with same vhost_user_socket Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 083/109] virtiofsd: enable PARALLEL_DIROPS during INIT Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 084/109] virtiofsd: fix incorrect error handling in lo_do_lookup Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 085/109] Virtiofsd: fix memory leak on fuse queueinfo Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 086/109] virtiofsd: Support remote posix locks Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 087/109] virtiofsd: use fuse_lowlevel_is_virtio() in fuse_session_destroy() Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 088/109] virtiofsd: prevent fv_queue_thread() vs virtio_loop() races Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 089/109] virtiofsd: make lo_release() atomic Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 090/109] virtiofsd: prevent races with lo_dirp_put() Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 091/109] virtiofsd: rename inode->refcount to inode->nlookup Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 092/109] libvhost-user: Fix some memtable remap cases Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 093/109] virtiofsd: add man page Dr. David Alan Gilbert (git)
2020-01-21 15:20 ` Philippe Mathieu-Daudé
2020-01-21 12:24 ` [PATCH v2 094/109] virtiofsd: passthrough_ll: fix refcounting on remove/rename Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 095/109] virtiofsd: introduce inode refcount to prevent use-after-free Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 096/109] virtiofsd: do not always set FUSE_FLOCK_LOCKS Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 097/109] virtiofsd: convert more fprintf and perror to use fuse log infra Dr. David Alan Gilbert (git)
2020-01-22 15:44 ` Philippe Mathieu-Daudé
2020-01-21 12:24 ` [PATCH v2 098/109] virtiofsd: Reset O_DIRECT flag during file open Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 099/109] virtiofsd: Fix data corruption with O_APPEND write in writeback mode Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 100/109] virtiofsd: add definition of fuse_buf_writev() Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 101/109] virtiofsd: use fuse_buf_writev to replace fuse_buf_write for better performance Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 102/109] virtiofsd: process requests in a thread pool Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 103/109] virtiofsd: prevent FUSE_INIT/FUSE_DESTROY races Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 104/109] virtiofsd: fix lo_destroy() resource leaks Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 105/109] virtiofsd: add --thread-pool-size=NUM option Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 106/109] virtiofsd: Convert lo_destroy to take the lo->mutex lock itself Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 107/109] virtiofsd/passthrough_ll: Pass errno to fuse_reply_err() Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 108/109] virtiofsd: stop all queue threads on exit in virtio_loop() Dr. David Alan Gilbert (git)
2020-01-21 12:24 ` [PATCH v2 109/109] virtiofsd: add some options to the help message Dr. David Alan Gilbert (git)
2020-01-22 6:35 ` Misono Tomohiro
2020-01-22 18:11 ` Dr. David Alan Gilbert
2020-01-21 14:56 ` [PATCH v2 000/109] virtiofs daemon [all] no-reply
2020-01-21 15:41 ` Philippe Mathieu-Daudé
2020-01-21 17:01 ` Dr. David Alan Gilbert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ba916575-1496-8c3d-a568-573ebb07d4ec@redhat.com \
--to=philmd@redhat.com \
--cc=berrange@redhat.com \
--cc=dgilbert@redhat.com \
--cc=m.mizuma@jp.fujitsu.com \
--cc=misono.tomohiro@jp.fujitsu.com \
--cc=qemu-devel@nongnu.org \
--cc=slp@redhat.com \
--cc=stefanha@redhat.com \
--cc=vgoyal@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).