In passthrough security model in local fs driver, after a file creation
chown and chmod are done to set the file credentials and mode as requested
by 9p client. But if there was a request to create a file with S_ISGID
bit, doing chown on that file resets the S_ISGID bit. So first call
chown and then invoking chmod with proper mode bit retains the S_ISGID
(if present/requested)
This resulted in LTP mknod02, mknod03, mknod05, open10 test case
failures. This patch fixes this issue.
man 2 chown
When the owner or group of an executable file are changed by an unprivileged
user the S_ISUID and S_ISGID mode bits are cleared. POSIX does not specify
whether this also should happen when root does the chown(); the Linux behavior
depends on the kernel version.
Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This enable us to do passthrough equivalent security model on NFS directory.
NFS server mostly do root squashing and don't support xattr. Hence we cannot
use 'passthrough' or 'mapped' security model
Also added "mapped-xattr" security to indicate earlier "mapped" security model
Older name is still supported.
POSIX rules regarding ctime update on chmod are not followed by this security model.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This remove all conditional code from common code path and
make opt validation a FSDriver callback.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Fsdriver callback that operate on file descriptor need to
differentiate between directory fd and file fd.
Based on the original patch from Sassan Panahinejad <sassan@sassan.me.uk>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
I guess we can also make sure we don't call local_ioc_getversion at
all.
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Small requirements on "new" features have percolated to virtio-9p-local.c.
In particular, the utimensat wrapper actually only supports dirfd = AT_FDCWD
and flags = AT_SYMLINK_NOFOLLOW in the fallback code. Remove the arguments
so that virtio-9p-local.c will not use AT_* constants.
At the same time, fail local_ioc_getversion if the ioctl is not supported
by the host.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Modern distributions place xattr.h in /usr/include/sys, and fold
libattr.so into libc. They also don't have an ENOATTR.
Make configure detect this, and add a qemu-xattr.h file that
directs the #include to the right place.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
To implement synthetic file system in Qemu we may not really
require file descriptor and Dir *. Make generic code use
V9fsFidOpenState instead.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This patch use file system specific ioctl for getting i_generation
value. Not all file system support the ioctl. So we add an export
specific extended operation and assign right callback for the
file system that support i_generation ioctl
["M. Mohan Kumar" <mohan@in.ibm.com> we can do ioctl only for
regular files and directories on the server]
Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
writeout=immediate implies the after pwritev we do a sync_file_range.
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Add a new context flag PATHNAME_FSCONTEXT and indicate whether
the fs driver track fid using path names. Also add a private
pointer that help us to track fs driver specific values in there
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This enables us to add handles to track fids later. The
V9fsPath added is similar to V9fsString except that the
size include the NULL byte also.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Current rpath inline function is heavily used in all system calls.
This function has a static buffer making it a non-thread safe function.
This patch introduces new thread-safe routine and makes use of it.
Signed-off-by: Venkateswararao Jujjuri "<jvrao@linux.vnet.ibm.com>
Commit 353ac78d49 moved the files
without fixing the include paths. It used a modified CFLAGS
to add hw to the include search path, but this breaks builds
where the user wants to set special CFLAGS. Long include paths
also increase compilation time.
Therefore this patch removes the special CFLAGS for virtio
and fixes the include statements by using relative include paths.
v2: Remove special CFLAGS.
v3: Update needed for latest QEMU.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Venkateswararao Jujjuri (JV) <jvrao@linux.vnet.ibm.com>
This patch removes the addition of null char in symlink file
which is being appended to file in case of mapped security model.
Without this patch, the extra null char causes LTP testcase lstat03
to fail and hence this fix is required.
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
Now that we start adding more files related to 9pfs
it make sense to move them to a separate directory
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
