virtio-9p: Security model for create/open2

In the mapped security model, VirtFS server intercepts and maps
the file object create and get/set attribute requests. Files on the fileserver
will be created with VirtFS servers (QEMU) user credentials and the
client-users credentials are stored in extended attributes. On the request
to get attributes, server extracts the client-users credentials
from extended attributes and sends them to the client.

On Host/Fileserver:
-rw-------. 2 virfsuid virtfsgid 0 2010-05-11 09:19 afile

On Guest/Client:
-rw-r--r-- 2 guestuser guestuser 0 2010-05-11 12:19 afile

Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit is contained in:
Venkateswararao Jujjuri (JV) 2010-06-14 13:34:45 -07:00 committed by Anthony Liguori
parent 1237ad7607
commit 4750a96f6b
3 changed files with 61 additions and 8 deletions

View File

@ -62,7 +62,7 @@ typedef struct FileOperations
int (*closedir)(FsContext *, DIR *); int (*closedir)(FsContext *, DIR *);
DIR *(*opendir)(FsContext *, const char *); DIR *(*opendir)(FsContext *, const char *);
int (*open)(FsContext *, const char *, int); int (*open)(FsContext *, const char *, int);
int (*open2)(FsContext *, const char *, int, mode_t); int (*open2)(FsContext *, const char *, int, FsCred *);
void (*rewinddir)(FsContext *, DIR *); void (*rewinddir)(FsContext *, DIR *);
off_t (*telldir)(FsContext *, DIR *); off_t (*telldir)(FsContext *, DIR *);
struct dirent *(*readdir)(FsContext *, DIR *); struct dirent *(*readdir)(FsContext *, DIR *);

View File

@ -95,6 +95,18 @@ static int local_set_xattr(const char *path, FsCred *credp)
return 0; return 0;
} }
static int local_post_create_passthrough(FsContext *fs_ctx, const char *path,
FsCred *credp)
{
if (chmod(rpath(fs_ctx, path), credp->fc_mode & 07777) < 0) {
return -1;
}
if (chown(rpath(fs_ctx, path), credp->fc_uid, credp->fc_gid) < 0) {
return -1;
}
return 0;
}
static ssize_t local_readlink(FsContext *ctx, const char *path, static ssize_t local_readlink(FsContext *ctx, const char *path,
char *buf, size_t bufsz) char *buf, size_t bufsz)
{ {
@ -230,9 +242,44 @@ static int local_fstat(FsContext *fs_ctx, int fd, struct stat *stbuf)
return err; return err;
} }
static int local_open2(FsContext *ctx, const char *path, int flags, mode_t mode) static int local_open2(FsContext *fs_ctx, const char *path, int flags,
FsCred *credp)
{ {
return open(rpath(ctx, path), flags, mode); int fd = -1;
int err = -1;
int serrno = 0;
/* Determine the security model */
if (fs_ctx->fs_sm == SM_MAPPED) {
fd = open(rpath(fs_ctx, path), flags, SM_LOCAL_MODE_BITS);
if (fd == -1) {
return fd;
}
credp->fc_mode = credp->fc_mode|S_IFREG;
/* Set cleint credentials in xattr */
err = local_set_xattr(rpath(fs_ctx, path), credp);
if (err == -1) {
serrno = errno;
goto err_end;
}
} else if (fs_ctx->fs_sm == SM_PASSTHROUGH) {
fd = open(rpath(fs_ctx, path), flags, credp->fc_mode);
if (fd == -1) {
return fd;
}
err = local_post_create_passthrough(fs_ctx, path, credp);
if (err == -1) {
serrno = errno;
goto err_end;
}
}
return fd;
err_end:
close(fd);
remove(rpath(fs_ctx, path));
errno = serrno;
return err;
} }

View File

@ -180,9 +180,17 @@ static int v9fs_do_fstat(V9fsState *s, int fd, struct stat *stbuf)
return s->ops->fstat(&s->ctx, fd, stbuf); return s->ops->fstat(&s->ctx, fd, stbuf);
} }
static int v9fs_do_open2(V9fsState *s, V9fsString *path, int flags, mode_t mode) static int v9fs_do_open2(V9fsState *s, V9fsCreateState *vs)
{ {
return s->ops->open2(&s->ctx, path->data, flags, mode); FsCred cred;
int flags;
cred_init(&cred);
cred.fc_uid = vs->fidp->uid;
cred.fc_mode = vs->perm & 0777;
flags = omode_to_uflags(vs->mode) | O_CREAT;
return s->ops->open2(&s->ctx, vs->fullname.data, flags, &cred);
} }
static int v9fs_do_symlink(V9fsState *s, V9fsString *oldpath, static int v9fs_do_symlink(V9fsState *s, V9fsString *oldpath,
@ -1815,9 +1823,7 @@ static void v9fs_create_post_lstat(V9fsState *s, V9fsCreateState *vs, int err)
err = v9fs_do_mksock(s, &vs->fullname); err = v9fs_do_mksock(s, &vs->fullname);
v9fs_create_post_mksock(s, vs, err); v9fs_create_post_mksock(s, vs, err);
} else { } else {
vs->fidp->fd = v9fs_do_open2(s, &vs->fullname, vs->fidp->fd = v9fs_do_open2(s, vs);
omode_to_uflags(vs->mode) | O_CREAT,
vs->perm & 0777);
v9fs_create_post_open2(s, vs, err); v9fs_create_post_open2(s, vs, err);
} }