Commit Graph

106 Commits

Author SHA1 Message Date
Paolo Bonzini
5261dd7b01 coroutine-lock: make qemu_co_enter_next thread-safe
qemu_co_queue_next does not need to release and re-acquire the mutex,
because the queued coroutine does not run immediately.  However, this
does not hold for qemu_co_enter_next.  Now that qemu_co_queue_wait
can synchronize (via QemuLockable) with code that is not running in
coroutine context, it's important that code using qemu_co_enter_next
can easily use a standardized locking idiom.

First of all, qemu_co_enter_next must use aio_co_wake to restart the
coroutine.  Second, the function gains a second argument, a QemuLockable*,
and the comments of qemu_co_queue_next and qemu_co_queue_restart_all
are adjusted to clarify the difference.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20180203153935.8056-5-pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
2018-02-08 09:22:03 +08:00
Greg Kurz
65603a801e fsdev: improve error handling of backend init
This patch changes some error messages in the backend init code and
convert backends to propagate QEMU Error objects instead of calling
error_report().

One notable improvement is that the local backend now provides a more
detailed error report when it fails to open the shared directory.

Signed-off-by: Greg Kurz <groug@kaod.org>
2018-01-08 11:18:23 +01:00
Greg Kurz
91cda4e8f3 fsdev: improve error handling of backend opts parsing
This patch changes some error messages in the backend opts parsing
code and convert backends to propagate QEMU Error objects instead
of calling error_report().

Signed-off-by: Greg Kurz <groug@kaod.org>
2018-01-08 11:18:23 +01:00
Greg Kurz
1a8d0bb31a fsdev: fix some type definitions
To comply with the QEMU coding style.

Signed-off-by: Greg Kurz <groug@kaod.org>
2018-01-08 11:18:22 +01:00
Greg Kurz
01847522bc 9pfs: fix XattrOperations typedef
To comply with the QEMU coding style.

Signed-off-by: Greg Kurz <groug@kaod.org>
2018-01-08 11:18:22 +01:00
ZhiPeng Lu
3c08f4a433 fsdev: fix memory leak in main()
@rpath and @sock_name are not freed and leaked.

[groug, not really leaked since the program exits just after that. But it
 is always good practice to free allocated memory]

Signed-off-by: Zhipeng Lu <lu.zhipeng@zte.com.cn>
Signed-off-by: Greg Kurz <groug@kaod.org>
2017-09-05 14:01:16 +02:00
Cornelia Huck
5f8c92e1d5 9pfs: fix dependencies
Nothing in fsdev/ or hw/9pfs/ depends on pci; it should rather depend
on CONFIG_VIRTFS and CONFIG_VIRTIO/CONFIG_XEN only.

Acked-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2017-08-30 18:23:25 +02:00
Manos Pitsidianakis
27e4cf1303 block: remove timer canceling in throttle_config()
throttle_config() cancels the timers of the calling BlockBackend. This
doesn't make sense because other BlockBackends in the group remain
untouched. There's no need to cancel the timers in the one specific
BlockBackend so let's not do that. Throttled requests will run as
scheduled and future requests will follow the new configuration. This
also allows a throttle group's configuration to be changed even when it
has no members.

Signed-off-by: Manos Pitsidianakis <el13635@mail.ntua.gr>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2017-07-18 15:14:35 +02:00
Manos Pitsidianakis
dbe824cc57 block: add clock_type field to ThrottleGroup
Clock type in throttling is currently inferred by the ThrottleTimer's
clock type even though it is a per-ThrottleGroup property; it doesn't
make sense to have different clock types in the same group. Moving this
to a field in ThrottleGroup can simplify some of the throttle functions.

Signed-off-by: Manos Pitsidianakis <el13635@mail.ntua.gr>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2017-07-18 15:14:35 +02:00
Tobias Schramm
b96feb2cb9 9pfs: local: Add support for custom fmode/dmode in 9ps mapped security modes
In mapped security modes, files are created with very restrictive
permissions (600 for files and 700 for directories). This makes
file sharing between virtual machines and users on the host rather
complicated. Imagine eg. a group of users that need to access data
produced by processes on a virtual machine. Giving those users access
to the data will be difficult since the group access mode is always 0.

This patch makes the default mode for both files and directories
configurable. Existing setups that don't know about the new parameters
keep using the current secure behavior.

Signed-off-by: Tobias Schramm <tobleminer@gmail.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
2017-06-29 15:11:50 +02:00
Greg Kurz
24df3371d9 9pfs: assume utimensat() and futimens() are present
The utimensat() and futimens() syscalls have been around for ages (ie,
glibc 2.6 and linux 2.6.22), and the decision was already taken to
switch to utimensat() anyway when fixing CVE-2016-9602 in 2.9.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
2017-05-25 10:30:14 +02:00
Greg Kurz
4be56c1959 fsdev: fix virtfs-proxy-helper cwd
Since chroot() doesn't change the current directory, it is indeed a good
practice to chdir() to the target directory and then then chroot(), or
to chroot() to the target directory and then chdir("/").

The current code does neither of them actually. Let's go for the latter.

This doesn't fix any security issue since all of this takes place before
the helper begins to process requests.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
2017-05-25 10:30:13 +02:00
Greg Kurz
57a0aa6b50 fsdev: don't allow unknown format in marshal/unmarshal
The code only uses well known format strings. An unknown format token is a
bug.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
2017-05-25 10:30:13 +02:00
Pradeep Jagadeesh
a2a7862ca9 throttle: factor out duplicate code
This patch removes the redundant throttle code that was present in
block and fsdev device files. Now the common code is moved
to a single file.

Signed-off-by: Pradeep Jagadeesh <pradeep.jagadeesh@huawei.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
(fix indent nit, Greg Kurz)
Signed-off-by: Greg Kurz <groug@kaod.org>
2017-02-28 10:31:46 +01:00
Pradeep Jagadeesh
b8bbdb886e fsdev: add IO throttle support to fsdev devices
This patchset adds the throttle support for the 9p-local driver.
For now this functionality can be enabled only through qemu cli options.
QMP interface and support to other drivers need further extensions.
To make it simple for other 9p drivers, the throttle code has been put in
separate files.

Signed-off-by: Pradeep Jagadeesh <pradeep.jagadeesh@huawei.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
(pass extra NULL CoMutex * argument to qemu_co_queue_wait(),
 added options to qemu-options.hx, Greg Kurz)
Signed-off-by: Greg Kurz <groug@kaod.org>
2017-02-28 10:31:46 +01:00
Li Qiang
702dbcc274 9pfs: add cleanup operation in FileOperations
Currently, the backend of VirtFS doesn't have a cleanup
function. This will lead resource leak issues if the backed
driver allocates resources. This patch addresses this issue.

Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Greg Kurz <groug@kaod.org>
2016-11-23 13:53:34 +01:00
Greg Kurz
bc70a5925f 9pfs: fsdev: drop useless extern annotation for functions
Signed-off-by: Greg Kurz <groug@kaod.org>
2016-10-17 14:13:58 +02:00
Li Qiang
ba42ebb863 9pfs: allocate space for guest originated empty strings
If a guest sends an empty string paramater to any 9P operation, the current
code unmarshals it into a V9fsString equal to { .size = 0, .data = NULL }.

This is unfortunate because it can cause NULL pointer dereference to happen
at various locations in the 9pfs code. And we don't want to check str->data
everywhere we pass it to strcmp() or any other function which expects a
dereferenceable pointer.

This patch enforces the allocation of genuine C empty strings instead, so
callers don't have to bother.

Out of all v9fs_iov_vunmarshal() users, only v9fs_xattrwalk() checks if
the returned string is empty. It now uses v9fs_string_size() since
name.data cannot be NULL anymore.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
[groug, rewritten title and changelog,
 fix empty string check in v9fs_xattrwalk()]
Signed-off-by: Greg Kurz <groug@kaod.org>
2016-10-17 14:13:58 +02:00
Greg Kurz
abdf008640 9pfs: drop useless v9fs_string_null() function
The v9fs_string_null() function just calls v9fs_string_free(). Also it
only has 4 users, whereas v9fs_string_free() has 87.

This patch converts users to call directly v9fs_string_free() and drops
the useless function.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
2016-09-16 08:56:15 +02:00
Peter Maydell
ca3d87d4c8 Clean up #include "..." vs <...> and header guards
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJXhP1vAAoJEDhwtADrkYZTSnsP/050pn1Zeo8tF7+C9Sj/8mu1
 Peuaz7f+QkGzvkteoVu8W2dDNebUnjZI1InsBFcpJab8TCjnk+A2UipalTyWlX2U
 QQbgqgLKTJgewVPMje+7B96D2Eyr4IhnhiaJDP7zBtx5tW+mO9NDqly7j9VJajbO
 cBC9SBFLNEk3wQqiQMv4Ig6qi3a4jfU56Zhazt6ci7lJRKJwPnbhZjEWCKliRjzT
 TjZsV8mlKm5Sp3wmahxGiWuUI+JnbneEnjLLvRBot5mUGZsA9oU4mgmzFBn+/uvp
 rzvae41tfw1Td/S7nRBwTxZqRo8qiRSC5vNc90piBKkj7H1TaKnZUVBskkexZl4x
 ibFOAVPx3yJredtCgjJZun2gc/EBpIQtcV9WNqY9qjwldczjim93ua/lM7BcTrbN
 4rdNP63a81KYOkgL3rSd9zVarGybHIrhd96KUhX8j6SKbc7z4gVn90uMnAPsapk/
 I39HR3smMvgNK3x6gZ4pU3Ghr2hmmWMah+gQ2ErczmoYArAixR8lDqFO+c2eoqfe
 bHfZM6gsZickrJSL1t3/FXB0oXfcNifUzF5g2hDQY9WKDjFee4tb2+UGHcrb7PW8
 Uq3eYqigNitj1COMksjijG0iBAfCqtJNPJDA4M0SLhuYVnH+cSGWYg3UWgETwu8q
 nYZHU/nNqI9p3BNFkILR
 =Zct/
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-include-2016-07-12' into staging

Clean up #include "..." vs <...> and header guards

# gpg: Signature made Tue 12 Jul 2016 15:23:43 BST
# gpg:                using RSA key 0x3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-include-2016-07-12:
  cris: Fix broken header guard in hw/cris/boot.h
  Clean up decorations and whitespace around header guards
  Clean up ill-advised or unusual header guards
  libdecnumber: Don't error out on decNumberLocal.h re-inclusion
  libdecnumber: Don't fool around with guards to avoid #include
  Clean up header guards that don't match their file name
  Drop Emacs local variables lists redundant with .dir-locals.el
  spapr_pci: Include spapr.h instead of playing games with #error
  tcg: Clean up tcg-target.h header guards
  linux-user: Fix broken header guard in syscall_defs.h
  linux-user: Clean up hostdep.h header guards
  linux-user: Clean up target_structs.h header guards
  linux-user: Clean up target_signal.h header guards
  linux-user: Clean up target_cpu.h header guards
  linux-user: Clean up target_syscall.h header guards
  target-*: Clean up cpu.h header guards
  scripts: New clean-header-guards.pl
  Use #include "..." for our own headers, <...> for others

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-07-12 16:04:36 +01:00
Markus Armbruster
2a6a4076e1 Clean up ill-advised or unusual header guards
Cleaned up with scripts/clean-header-guards.pl.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
2016-07-12 16:20:46 +02:00
Markus Armbruster
121d07125b Clean up header guards that don't match their file name
Header guard symbols should match their file name to make guard
collisions less likely.  Offenders found with
scripts/clean-header-guards.pl -vn.

Cleaned up with scripts/clean-header-guards.pl, followed by some
renaming of new guard symbols picked by the script to better ones.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
2016-07-12 16:19:16 +02:00
Peter Maydell
b442642da1 fsdev/9p-iov-marshal.c: Don't use cpu_to_*w() functions
Don't use the cpu_to_*w() functions, which we are trying to deprecate.
Instead just use cpu_to_*() to do the byteswap, which brings the
code in the marshal function in line with that in the unmarshal.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 1467908460-27048-2-git-send-email-peter.maydell@linaro.org
2016-07-12 15:08:53 +01:00
Greg Kurz
8d85a22aab 9p: don't include <sys/uio.h>
The <sys/uio.h> system header doesn't exist on all host platforms. Code
should include "qemu/osdep.h" instead to avoid build breaks on plafforms
that don't define CONFIG_IOVEC (like win32, if it is to support 9p one day).

Acked-by: Cédric Le Goater <clg@kaod.org>
Acked-by: Michael Fritscher <michael@fritscher.net>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2016-07-01 14:38:54 +02:00
Peter Maydell
030c98aff1 all: Remove unnecessary glib.h includes
Remove glib.h includes, as it is provided by osdep.h.

This commit was created with scripts/clean-includes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Tested-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-06-07 18:19:24 +03:00
Michael Tokarev
395fe5f241 fsdev: spelling fix
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-06-07 18:02:49 +03:00
Greg Kurz
635324e83e 9p: switch back to readdir()
This patch changes the 9p code to use readdir() again instead of
readdir_r(), which is deprecated in glibc 2.24.

All the locking was put in place by a previous patch.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2016-06-06 11:52:34 +02:00
Greg Kurz
af8b38b0d1 9p/fsdev: remove obsolete references to virtio
Most of the 9p code is now virtio agnostic. This patch does a final cleanup:
- drop references to Virtio from the header comments
- fix includes

Also drop a couple of leading empty lines while here.

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2016-06-06 11:52:34 +02:00
Eduardo Habkost
34294e2f54 module: Rename machine_init() to opts_init()
The only remaining users of machine_init() only call
qemu_add_opts(). Rename machine_init() to opts_init() and move it
closer to the qemu_add_opts() calls on vl.c.

Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-03-16 15:54:23 -03:00
Peter Maydell
30456d5ba3 all: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
2016-02-23 12:43:05 +00:00
Christophe Fergeau
b8d8e8fde3 man: virtfs-proxy-helper: Rework awkward sentence
There was a 'capbilities' typo in this man page. This commit
reformulates the sentence the typo was in to make it easier to grasp.
This is based on a suggestion from Eric Blake.

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-02-11 15:15:46 +03:00
Peter Maydell
fbc0412709 9pfs: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1453832250-766-18-git-send-email-peter.maydell@linaro.org
2016-01-29 15:07:23 +00:00
Peter Maydell
ba3fb2f023 * chardev support for TLS and leak fix
* NBD fix from Denis
 * condvar fix from Dave
 * kvm_stat and dump-guest-memory almost rewrite
 * mem-prealloc fix from Luiz
 * manpage style improvement
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJWp4mKAAoJEL/70l94x66DersH/iUfwRTL7tmGOiUX73Qm32da
 QseRiC5E5OaTLOGm+Q0Aehjq6Q18zgdiz/+/wSTPjnLmOiSDn6Sr6yB/URSMwhOE
 +JVX3+UOpfHpQ1KHlBesIjS/WBSS1691ND1OPcHbHHa6UYbwEUTEc00hus8nVx6J
 wyeteUoBryZA177rjVNb9sH7ncNFuuiQDfkr5pmC5f5JEsDiSK9hDmlg9sFnTWrO
 XIVqQb0PD+EbOuufR4z3PTLIgbZEXegEgWOsE1FLBTVY/CZAkujynccOENIujFVv
 CEhHJrGWo2NU0yeVJ1UlHREQyK+suIHgsiJlQKvAW8ZyFNqpy3+sWSEo7ZBpB6U=
 =bVe7
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* chardev support for TLS and leak fix
* NBD fix from Denis
* condvar fix from Dave
* kvm_stat and dump-guest-memory almost rewrite
* mem-prealloc fix from Luiz
* manpage style improvement

# gpg: Signature made Tue 26 Jan 2016 14:58:18 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream: (49 commits)
  scripts/dump-guest-memory.py: Fix module docstring
  scripts/dump-guest-memory.py: Introduce multi-arch support
  scripts/dump-guest-memory.py: Cleanup functions
  scripts/dump-guest-memory.py: Improve python 3 compatibility
  scripts/dump-guest-memory.py: Make methods functions
  scripts/dump-guest-memory.py: Move constants to the top
  nbd: add missed aio_context_acquire in nbd_export_new
  memory: exit when hugepage allocation fails if mem-prealloc
  cpus: use broadcast on qemu_pause_cond
  scripts/kvm/kvm_stat: Add optparse description
  scripts/kvm/kvm_stat: Add interactive filtering
  scripts/kvm/kvm_stat: Fixup filtering
  scripts/kvm/kvm_stat: Fix rlimit for unprivileged users
  scripts/kvm/kvm_stat: Read event values as u64
  scripts/kvm/kvm_stat: Cleanup and pre-init perf_event_attr
  scripts/kvm/kvm_stat: Fix output formatting
  scripts/kvm/kvm_stat: Make tui function a class
  scripts/kvm/kvm_stat: Remove unneeded X86_EXIT_REASONS
  scripts/kvm/kvm_stat: Group arch specific data
  scripts/kvm/kvm_stat: Cleanup of Event class
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-01-26 15:09:13 +00:00
Sitsofe Wheeler
8485140fa0 docs: Style the command and its options in the synopsis
Signed-off-by: Sitsofe Wheeler <sitsofe@yahoo.com>
Message-Id: <1452718226-25001-1-git-send-email-sitsofe@yahoo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-01-26 15:58:11 +01:00
Greg Kurz
ea753f3219 fsdev: use error_report() instead of fprintf(stderr)
Only fix the code that gets built into QEMU.

Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2016-01-22 15:12:18 +01:00
Wei Liu
0e2082d9e5 9pfs: make pdu_{,un}marshal proper functions
Factor out v9fs_iov_v{,un}marshal. Implement pdu_{,un}marshal with those
functions.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2016-01-08 14:53:39 +05:30
Wei Liu
2209bd050a fsdev: rename virtio-9p-marshal.{c,h} to 9p-iov-marshal.{c,h}
And rename v9fs_marshal to v9fs_iov_marshal, v9fs_unmarshal to
v9fs_iov_unmarshal.

The rationale behind this change is that, this marshalling interface is
used both by virtio and proxy helper. Renaming files and functions to
reflect the true nature of this interface.

Xen transport is going to have its own marshalling interface.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2016-01-08 14:35:06 +05:30
Wei Liu
829dd2861a fsdev: break out 9p-marshal.{c,h} from virtio-9p-marshal.{c,h}
Break out some generic functions for marshaling 9p state. Pure code
motion plus minor fixes for build system.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2016-01-08 12:57:25 +05:30
Wei Liu
494a8ebe71 9pfs: rename virtio-9p-proxy.{c,h} to 9p-proxy.{c,h}
Those two files are not virtio specific. Rename them to use generic
names.

Fix includes in various C files. Change define guards and comments
in header files.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2016-01-08 12:38:15 +05:30
Paolo Bonzini
49f817caaf fsdev-proxy-helper: avoid TOC/TOU race
There is a minor time of check/time of use race between statfs and chroot.
It can be fixed easily by stat-ing the root after it has been changed.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2015-11-30 12:31:53 +01:00
Daniel P. Berrange
d7646f241c maint: remove unused include for dirent.h
A number of files were including dirent.h but not using any
of the functions it provides

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-09-11 10:21:38 +03:00
Stefan Hajnoczi
f8d30a4f96 virtfs-proxy-helper: fail gracefully if socket path is too long
Replace the assertion check with graceful failure when the socket path
is too long.  Programs should not crash on invalid input.  Print an
error message and exit properly.

Cc: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-06-16 20:32:29 +05:30
Stefan Hajnoczi
bf6667d63e virtfs-proxy-helper: add missing long option terminator
The getopt_long(3) long options array must have a zeroed terminator.

This patch solves a segmentation fault when an unknown command-line
option is encountered:

  $ fsdev/virtfs-proxy-helper --help
  Segmentation fault (core dumped)

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-06-16 20:32:29 +05:30
Viswesh
de7ad4ce1f Fix typos in comments
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Viswesh <visweshn92@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:30:37 +03:00
Shannon Zhao
25ee9a7fa3 virtfs-proxy: Fix possible overflow
It's detected by coverity. The socket name specified
should fit in the sockadd_un.sun_path. If not abort.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-03-16 13:29:12 +05:30
Shannon Zhao
821c447675 fsdev/virtfs-proxy-helper: Fix improper use of negative value
It's detected by coverity. Check the return value of proxy_marshal.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-03-16 11:50:07 +05:30
Gonglei
88ea8ed74c virtfs-proxy-helper: Fix possible socket leak.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-02-10 09:27:20 +03:00
Tim Comer
b0f9300ca3 virtfs-proxy-helper: fix call to accept
The current code calls accept() without initializing the size parameter
which means the accept call might write too much to the stack.

URL: https://bugs.gentoo.org/486714
Signed-off-by: Tim Comer <comer0@gmail.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-04-28 08:55:32 +04:00
Aneesh Kumar K.V
993c91a0e9 hw/9pfs: Include virtio-9p-device.o in build
After commit ba1183da9a we are including
hw/Makefile.objs directly from Makefile.target. Make sure hw/Makefile.objs
rules doesn't depend on variable defined in Makefile.objs

Tested-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2014-03-04 09:20:49 +05:30
Markus Armbruster
d77f7779b4 fsdev: Fix overrun after readlink() fills buffer completely
readlink() returns the number of bytes written to the buffer, and it
doesn't write a terminating null byte.  do_readlink() writes it
itself.  Overruns the buffer when readlink() filled it completely.

Fix by reserving space for the null byte when calling readlink(), like
we do elsewhere.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2014-02-26 12:24:07 +05:30