virtio-9p: Security model for create/open2
In the mapped security model, VirtFS server intercepts and maps the file object create and get/set attribute requests. Files on the fileserver will be created with VirtFS servers (QEMU) user credentials and the client-users credentials are stored in extended attributes. On the request to get attributes, server extracts the client-users credentials from extended attributes and sends them to the client. On Host/Fileserver: -rw-------. 2 virfsuid virtfsgid 0 2010-05-11 09:19 afile On Guest/Client: -rw-r--r-- 2 guestuser guestuser 0 2010-05-11 12:19 afile Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit is contained in:
parent
1237ad7607
commit
4750a96f6b
@ -62,7 +62,7 @@ typedef struct FileOperations
|
|||||||
int (*closedir)(FsContext *, DIR *);
|
int (*closedir)(FsContext *, DIR *);
|
||||||
DIR *(*opendir)(FsContext *, const char *);
|
DIR *(*opendir)(FsContext *, const char *);
|
||||||
int (*open)(FsContext *, const char *, int);
|
int (*open)(FsContext *, const char *, int);
|
||||||
int (*open2)(FsContext *, const char *, int, mode_t);
|
int (*open2)(FsContext *, const char *, int, FsCred *);
|
||||||
void (*rewinddir)(FsContext *, DIR *);
|
void (*rewinddir)(FsContext *, DIR *);
|
||||||
off_t (*telldir)(FsContext *, DIR *);
|
off_t (*telldir)(FsContext *, DIR *);
|
||||||
struct dirent *(*readdir)(FsContext *, DIR *);
|
struct dirent *(*readdir)(FsContext *, DIR *);
|
||||||
|
@ -95,6 +95,18 @@ static int local_set_xattr(const char *path, FsCred *credp)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int local_post_create_passthrough(FsContext *fs_ctx, const char *path,
|
||||||
|
FsCred *credp)
|
||||||
|
{
|
||||||
|
if (chmod(rpath(fs_ctx, path), credp->fc_mode & 07777) < 0) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
if (chown(rpath(fs_ctx, path), credp->fc_uid, credp->fc_gid) < 0) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
static ssize_t local_readlink(FsContext *ctx, const char *path,
|
static ssize_t local_readlink(FsContext *ctx, const char *path,
|
||||||
char *buf, size_t bufsz)
|
char *buf, size_t bufsz)
|
||||||
{
|
{
|
||||||
@ -230,9 +242,44 @@ static int local_fstat(FsContext *fs_ctx, int fd, struct stat *stbuf)
|
|||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int local_open2(FsContext *ctx, const char *path, int flags, mode_t mode)
|
static int local_open2(FsContext *fs_ctx, const char *path, int flags,
|
||||||
|
FsCred *credp)
|
||||||
{
|
{
|
||||||
return open(rpath(ctx, path), flags, mode);
|
int fd = -1;
|
||||||
|
int err = -1;
|
||||||
|
int serrno = 0;
|
||||||
|
|
||||||
|
/* Determine the security model */
|
||||||
|
if (fs_ctx->fs_sm == SM_MAPPED) {
|
||||||
|
fd = open(rpath(fs_ctx, path), flags, SM_LOCAL_MODE_BITS);
|
||||||
|
if (fd == -1) {
|
||||||
|
return fd;
|
||||||
|
}
|
||||||
|
credp->fc_mode = credp->fc_mode|S_IFREG;
|
||||||
|
/* Set cleint credentials in xattr */
|
||||||
|
err = local_set_xattr(rpath(fs_ctx, path), credp);
|
||||||
|
if (err == -1) {
|
||||||
|
serrno = errno;
|
||||||
|
goto err_end;
|
||||||
|
}
|
||||||
|
} else if (fs_ctx->fs_sm == SM_PASSTHROUGH) {
|
||||||
|
fd = open(rpath(fs_ctx, path), flags, credp->fc_mode);
|
||||||
|
if (fd == -1) {
|
||||||
|
return fd;
|
||||||
|
}
|
||||||
|
err = local_post_create_passthrough(fs_ctx, path, credp);
|
||||||
|
if (err == -1) {
|
||||||
|
serrno = errno;
|
||||||
|
goto err_end;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return fd;
|
||||||
|
|
||||||
|
err_end:
|
||||||
|
close(fd);
|
||||||
|
remove(rpath(fs_ctx, path));
|
||||||
|
errno = serrno;
|
||||||
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -180,9 +180,17 @@ static int v9fs_do_fstat(V9fsState *s, int fd, struct stat *stbuf)
|
|||||||
return s->ops->fstat(&s->ctx, fd, stbuf);
|
return s->ops->fstat(&s->ctx, fd, stbuf);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int v9fs_do_open2(V9fsState *s, V9fsString *path, int flags, mode_t mode)
|
static int v9fs_do_open2(V9fsState *s, V9fsCreateState *vs)
|
||||||
{
|
{
|
||||||
return s->ops->open2(&s->ctx, path->data, flags, mode);
|
FsCred cred;
|
||||||
|
int flags;
|
||||||
|
|
||||||
|
cred_init(&cred);
|
||||||
|
cred.fc_uid = vs->fidp->uid;
|
||||||
|
cred.fc_mode = vs->perm & 0777;
|
||||||
|
flags = omode_to_uflags(vs->mode) | O_CREAT;
|
||||||
|
|
||||||
|
return s->ops->open2(&s->ctx, vs->fullname.data, flags, &cred);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int v9fs_do_symlink(V9fsState *s, V9fsString *oldpath,
|
static int v9fs_do_symlink(V9fsState *s, V9fsString *oldpath,
|
||||||
@ -1815,9 +1823,7 @@ static void v9fs_create_post_lstat(V9fsState *s, V9fsCreateState *vs, int err)
|
|||||||
err = v9fs_do_mksock(s, &vs->fullname);
|
err = v9fs_do_mksock(s, &vs->fullname);
|
||||||
v9fs_create_post_mksock(s, vs, err);
|
v9fs_create_post_mksock(s, vs, err);
|
||||||
} else {
|
} else {
|
||||||
vs->fidp->fd = v9fs_do_open2(s, &vs->fullname,
|
vs->fidp->fd = v9fs_do_open2(s, vs);
|
||||||
omode_to_uflags(vs->mode) | O_CREAT,
|
|
||||||
vs->perm & 0777);
|
|
||||||
v9fs_create_post_open2(s, vs, err);
|
v9fs_create_post_open2(s, vs, err);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user