Commit Graph

147 Commits

Author SHA1 Message Date
Tobias Schramm
b96feb2cb9 9pfs: local: Add support for custom fmode/dmode in 9ps mapped security modes
In mapped security modes, files are created with very restrictive
permissions (600 for files and 700 for directories). This makes
file sharing between virtual machines and users on the host rather
complicated. Imagine eg. a group of users that need to access data
produced by processes on a virtual machine. Giving those users access
to the data will be difficult since the group access mode is always 0.

This patch makes the default mode for both files and directories
configurable. Existing setups that don't know about the new parameters
keep using the current secure behavior.

Signed-off-by: Tobias Schramm <tobleminer@gmail.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
2017-06-29 15:11:50 +02:00
Greg Kurz
24df3371d9 9pfs: assume utimensat() and futimens() are present
The utimensat() and futimens() syscalls have been around for ages (ie,
glibc 2.6 and linux 2.6.22), and the decision was already taken to
switch to utimensat() anyway when fixing CVE-2016-9602 in 2.9.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
2017-05-25 10:30:14 +02:00
Greg Kurz
4be56c1959 fsdev: fix virtfs-proxy-helper cwd
Since chroot() doesn't change the current directory, it is indeed a good
practice to chdir() to the target directory and then then chroot(), or
to chroot() to the target directory and then chdir("/").

The current code does neither of them actually. Let's go for the latter.

This doesn't fix any security issue since all of this takes place before
the helper begins to process requests.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
2017-05-25 10:30:13 +02:00
Greg Kurz
57a0aa6b50 fsdev: don't allow unknown format in marshal/unmarshal
The code only uses well known format strings. An unknown format token is a
bug.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
2017-05-25 10:30:13 +02:00
Pradeep Jagadeesh
a2a7862ca9 throttle: factor out duplicate code
This patch removes the redundant throttle code that was present in
block and fsdev device files. Now the common code is moved
to a single file.

Signed-off-by: Pradeep Jagadeesh <pradeep.jagadeesh@huawei.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
(fix indent nit, Greg Kurz)
Signed-off-by: Greg Kurz <groug@kaod.org>
2017-02-28 10:31:46 +01:00
Pradeep Jagadeesh
b8bbdb886e fsdev: add IO throttle support to fsdev devices
This patchset adds the throttle support for the 9p-local driver.
For now this functionality can be enabled only through qemu cli options.
QMP interface and support to other drivers need further extensions.
To make it simple for other 9p drivers, the throttle code has been put in
separate files.

Signed-off-by: Pradeep Jagadeesh <pradeep.jagadeesh@huawei.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
(pass extra NULL CoMutex * argument to qemu_co_queue_wait(),
 added options to qemu-options.hx, Greg Kurz)
Signed-off-by: Greg Kurz <groug@kaod.org>
2017-02-28 10:31:46 +01:00
Li Qiang
702dbcc274 9pfs: add cleanup operation in FileOperations
Currently, the backend of VirtFS doesn't have a cleanup
function. This will lead resource leak issues if the backed
driver allocates resources. This patch addresses this issue.

Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Greg Kurz <groug@kaod.org>
2016-11-23 13:53:34 +01:00
Greg Kurz
bc70a5925f 9pfs: fsdev: drop useless extern annotation for functions
Signed-off-by: Greg Kurz <groug@kaod.org>
2016-10-17 14:13:58 +02:00
Li Qiang
ba42ebb863 9pfs: allocate space for guest originated empty strings
If a guest sends an empty string paramater to any 9P operation, the current
code unmarshals it into a V9fsString equal to { .size = 0, .data = NULL }.

This is unfortunate because it can cause NULL pointer dereference to happen
at various locations in the 9pfs code. And we don't want to check str->data
everywhere we pass it to strcmp() or any other function which expects a
dereferenceable pointer.

This patch enforces the allocation of genuine C empty strings instead, so
callers don't have to bother.

Out of all v9fs_iov_vunmarshal() users, only v9fs_xattrwalk() checks if
the returned string is empty. It now uses v9fs_string_size() since
name.data cannot be NULL anymore.

Signed-off-by: Li Qiang <liqiang6-s@360.cn>
[groug, rewritten title and changelog,
 fix empty string check in v9fs_xattrwalk()]
Signed-off-by: Greg Kurz <groug@kaod.org>
2016-10-17 14:13:58 +02:00
Greg Kurz
abdf008640 9pfs: drop useless v9fs_string_null() function
The v9fs_string_null() function just calls v9fs_string_free(). Also it
only has 4 users, whereas v9fs_string_free() has 87.

This patch converts users to call directly v9fs_string_free() and drops
the useless function.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
2016-09-16 08:56:15 +02:00
Peter Maydell
ca3d87d4c8 Clean up #include "..." vs <...> and header guards
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJXhP1vAAoJEDhwtADrkYZTSnsP/050pn1Zeo8tF7+C9Sj/8mu1
 Peuaz7f+QkGzvkteoVu8W2dDNebUnjZI1InsBFcpJab8TCjnk+A2UipalTyWlX2U
 QQbgqgLKTJgewVPMje+7B96D2Eyr4IhnhiaJDP7zBtx5tW+mO9NDqly7j9VJajbO
 cBC9SBFLNEk3wQqiQMv4Ig6qi3a4jfU56Zhazt6ci7lJRKJwPnbhZjEWCKliRjzT
 TjZsV8mlKm5Sp3wmahxGiWuUI+JnbneEnjLLvRBot5mUGZsA9oU4mgmzFBn+/uvp
 rzvae41tfw1Td/S7nRBwTxZqRo8qiRSC5vNc90piBKkj7H1TaKnZUVBskkexZl4x
 ibFOAVPx3yJredtCgjJZun2gc/EBpIQtcV9WNqY9qjwldczjim93ua/lM7BcTrbN
 4rdNP63a81KYOkgL3rSd9zVarGybHIrhd96KUhX8j6SKbc7z4gVn90uMnAPsapk/
 I39HR3smMvgNK3x6gZ4pU3Ghr2hmmWMah+gQ2ErczmoYArAixR8lDqFO+c2eoqfe
 bHfZM6gsZickrJSL1t3/FXB0oXfcNifUzF5g2hDQY9WKDjFee4tb2+UGHcrb7PW8
 Uq3eYqigNitj1COMksjijG0iBAfCqtJNPJDA4M0SLhuYVnH+cSGWYg3UWgETwu8q
 nYZHU/nNqI9p3BNFkILR
 =Zct/
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-include-2016-07-12' into staging

Clean up #include "..." vs <...> and header guards

# gpg: Signature made Tue 12 Jul 2016 15:23:43 BST
# gpg:                using RSA key 0x3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-include-2016-07-12:
  cris: Fix broken header guard in hw/cris/boot.h
  Clean up decorations and whitespace around header guards
  Clean up ill-advised or unusual header guards
  libdecnumber: Don't error out on decNumberLocal.h re-inclusion
  libdecnumber: Don't fool around with guards to avoid #include
  Clean up header guards that don't match their file name
  Drop Emacs local variables lists redundant with .dir-locals.el
  spapr_pci: Include spapr.h instead of playing games with #error
  tcg: Clean up tcg-target.h header guards
  linux-user: Fix broken header guard in syscall_defs.h
  linux-user: Clean up hostdep.h header guards
  linux-user: Clean up target_structs.h header guards
  linux-user: Clean up target_signal.h header guards
  linux-user: Clean up target_cpu.h header guards
  linux-user: Clean up target_syscall.h header guards
  target-*: Clean up cpu.h header guards
  scripts: New clean-header-guards.pl
  Use #include "..." for our own headers, <...> for others

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-07-12 16:04:36 +01:00
Markus Armbruster
2a6a4076e1 Clean up ill-advised or unusual header guards
Cleaned up with scripts/clean-header-guards.pl.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
2016-07-12 16:20:46 +02:00
Markus Armbruster
121d07125b Clean up header guards that don't match their file name
Header guard symbols should match their file name to make guard
collisions less likely.  Offenders found with
scripts/clean-header-guards.pl -vn.

Cleaned up with scripts/clean-header-guards.pl, followed by some
renaming of new guard symbols picked by the script to better ones.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
2016-07-12 16:19:16 +02:00
Peter Maydell
b442642da1 fsdev/9p-iov-marshal.c: Don't use cpu_to_*w() functions
Don't use the cpu_to_*w() functions, which we are trying to deprecate.
Instead just use cpu_to_*() to do the byteswap, which brings the
code in the marshal function in line with that in the unmarshal.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 1467908460-27048-2-git-send-email-peter.maydell@linaro.org
2016-07-12 15:08:53 +01:00
Greg Kurz
8d85a22aab 9p: don't include <sys/uio.h>
The <sys/uio.h> system header doesn't exist on all host platforms. Code
should include "qemu/osdep.h" instead to avoid build breaks on plafforms
that don't define CONFIG_IOVEC (like win32, if it is to support 9p one day).

Acked-by: Cédric Le Goater <clg@kaod.org>
Acked-by: Michael Fritscher <michael@fritscher.net>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2016-07-01 14:38:54 +02:00
Peter Maydell
030c98aff1 all: Remove unnecessary glib.h includes
Remove glib.h includes, as it is provided by osdep.h.

This commit was created with scripts/clean-includes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Tested-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-06-07 18:19:24 +03:00
Michael Tokarev
395fe5f241 fsdev: spelling fix
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-06-07 18:02:49 +03:00
Greg Kurz
635324e83e 9p: switch back to readdir()
This patch changes the 9p code to use readdir() again instead of
readdir_r(), which is deprecated in glibc 2.24.

All the locking was put in place by a previous patch.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2016-06-06 11:52:34 +02:00
Greg Kurz
af8b38b0d1 9p/fsdev: remove obsolete references to virtio
Most of the 9p code is now virtio agnostic. This patch does a final cleanup:
- drop references to Virtio from the header comments
- fix includes

Also drop a couple of leading empty lines while here.

Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2016-06-06 11:52:34 +02:00
Eduardo Habkost
34294e2f54 module: Rename machine_init() to opts_init()
The only remaining users of machine_init() only call
qemu_add_opts(). Rename machine_init() to opts_init() and move it
closer to the qemu_add_opts() calls on vl.c.

Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-03-16 15:54:23 -03:00
Peter Maydell
30456d5ba3 all: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
2016-02-23 12:43:05 +00:00
Christophe Fergeau
b8d8e8fde3 man: virtfs-proxy-helper: Rework awkward sentence
There was a 'capbilities' typo in this man page. This commit
reformulates the sentence the typo was in to make it easier to grasp.
This is based on a suggestion from Eric Blake.

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-02-11 15:15:46 +03:00
Peter Maydell
fbc0412709 9pfs: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1453832250-766-18-git-send-email-peter.maydell@linaro.org
2016-01-29 15:07:23 +00:00
Peter Maydell
ba3fb2f023 * chardev support for TLS and leak fix
* NBD fix from Denis
 * condvar fix from Dave
 * kvm_stat and dump-guest-memory almost rewrite
 * mem-prealloc fix from Luiz
 * manpage style improvement
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJWp4mKAAoJEL/70l94x66DersH/iUfwRTL7tmGOiUX73Qm32da
 QseRiC5E5OaTLOGm+Q0Aehjq6Q18zgdiz/+/wSTPjnLmOiSDn6Sr6yB/URSMwhOE
 +JVX3+UOpfHpQ1KHlBesIjS/WBSS1691ND1OPcHbHHa6UYbwEUTEc00hus8nVx6J
 wyeteUoBryZA177rjVNb9sH7ncNFuuiQDfkr5pmC5f5JEsDiSK9hDmlg9sFnTWrO
 XIVqQb0PD+EbOuufR4z3PTLIgbZEXegEgWOsE1FLBTVY/CZAkujynccOENIujFVv
 CEhHJrGWo2NU0yeVJ1UlHREQyK+suIHgsiJlQKvAW8ZyFNqpy3+sWSEo7ZBpB6U=
 =bVe7
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* chardev support for TLS and leak fix
* NBD fix from Denis
* condvar fix from Dave
* kvm_stat and dump-guest-memory almost rewrite
* mem-prealloc fix from Luiz
* manpage style improvement

# gpg: Signature made Tue 26 Jan 2016 14:58:18 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream: (49 commits)
  scripts/dump-guest-memory.py: Fix module docstring
  scripts/dump-guest-memory.py: Introduce multi-arch support
  scripts/dump-guest-memory.py: Cleanup functions
  scripts/dump-guest-memory.py: Improve python 3 compatibility
  scripts/dump-guest-memory.py: Make methods functions
  scripts/dump-guest-memory.py: Move constants to the top
  nbd: add missed aio_context_acquire in nbd_export_new
  memory: exit when hugepage allocation fails if mem-prealloc
  cpus: use broadcast on qemu_pause_cond
  scripts/kvm/kvm_stat: Add optparse description
  scripts/kvm/kvm_stat: Add interactive filtering
  scripts/kvm/kvm_stat: Fixup filtering
  scripts/kvm/kvm_stat: Fix rlimit for unprivileged users
  scripts/kvm/kvm_stat: Read event values as u64
  scripts/kvm/kvm_stat: Cleanup and pre-init perf_event_attr
  scripts/kvm/kvm_stat: Fix output formatting
  scripts/kvm/kvm_stat: Make tui function a class
  scripts/kvm/kvm_stat: Remove unneeded X86_EXIT_REASONS
  scripts/kvm/kvm_stat: Group arch specific data
  scripts/kvm/kvm_stat: Cleanup of Event class
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-01-26 15:09:13 +00:00
Sitsofe Wheeler
8485140fa0 docs: Style the command and its options in the synopsis
Signed-off-by: Sitsofe Wheeler <sitsofe@yahoo.com>
Message-Id: <1452718226-25001-1-git-send-email-sitsofe@yahoo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-01-26 15:58:11 +01:00
Greg Kurz
ea753f3219 fsdev: use error_report() instead of fprintf(stderr)
Only fix the code that gets built into QEMU.

Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2016-01-22 15:12:18 +01:00
Wei Liu
0e2082d9e5 9pfs: make pdu_{,un}marshal proper functions
Factor out v9fs_iov_v{,un}marshal. Implement pdu_{,un}marshal with those
functions.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2016-01-08 14:53:39 +05:30
Wei Liu
2209bd050a fsdev: rename virtio-9p-marshal.{c,h} to 9p-iov-marshal.{c,h}
And rename v9fs_marshal to v9fs_iov_marshal, v9fs_unmarshal to
v9fs_iov_unmarshal.

The rationale behind this change is that, this marshalling interface is
used both by virtio and proxy helper. Renaming files and functions to
reflect the true nature of this interface.

Xen transport is going to have its own marshalling interface.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2016-01-08 14:35:06 +05:30
Wei Liu
829dd2861a fsdev: break out 9p-marshal.{c,h} from virtio-9p-marshal.{c,h}
Break out some generic functions for marshaling 9p state. Pure code
motion plus minor fixes for build system.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2016-01-08 12:57:25 +05:30
Wei Liu
494a8ebe71 9pfs: rename virtio-9p-proxy.{c,h} to 9p-proxy.{c,h}
Those two files are not virtio specific. Rename them to use generic
names.

Fix includes in various C files. Change define guards and comments
in header files.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2016-01-08 12:38:15 +05:30
Paolo Bonzini
49f817caaf fsdev-proxy-helper: avoid TOC/TOU race
There is a minor time of check/time of use race between statfs and chroot.
It can be fixed easily by stat-ing the root after it has been changed.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
2015-11-30 12:31:53 +01:00
Daniel P. Berrange
d7646f241c maint: remove unused include for dirent.h
A number of files were including dirent.h but not using any
of the functions it provides

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-09-11 10:21:38 +03:00
Stefan Hajnoczi
f8d30a4f96 virtfs-proxy-helper: fail gracefully if socket path is too long
Replace the assertion check with graceful failure when the socket path
is too long.  Programs should not crash on invalid input.  Print an
error message and exit properly.

Cc: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-06-16 20:32:29 +05:30
Stefan Hajnoczi
bf6667d63e virtfs-proxy-helper: add missing long option terminator
The getopt_long(3) long options array must have a zeroed terminator.

This patch solves a segmentation fault when an unknown command-line
option is encountered:

  $ fsdev/virtfs-proxy-helper --help
  Segmentation fault (core dumped)

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-06-16 20:32:29 +05:30
Viswesh
de7ad4ce1f Fix typos in comments
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Viswesh <visweshn92@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-19 11:30:37 +03:00
Shannon Zhao
25ee9a7fa3 virtfs-proxy: Fix possible overflow
It's detected by coverity. The socket name specified
should fit in the sockadd_un.sun_path. If not abort.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-03-16 13:29:12 +05:30
Shannon Zhao
821c447675 fsdev/virtfs-proxy-helper: Fix improper use of negative value
It's detected by coverity. Check the return value of proxy_marshal.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2015-03-16 11:50:07 +05:30
Gonglei
88ea8ed74c virtfs-proxy-helper: Fix possible socket leak.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-02-10 09:27:20 +03:00
Tim Comer
b0f9300ca3 virtfs-proxy-helper: fix call to accept
The current code calls accept() without initializing the size parameter
which means the accept call might write too much to the stack.

URL: https://bugs.gentoo.org/486714
Signed-off-by: Tim Comer <comer0@gmail.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-04-28 08:55:32 +04:00
Aneesh Kumar K.V
993c91a0e9 hw/9pfs: Include virtio-9p-device.o in build
After commit ba1183da9a we are including
hw/Makefile.objs directly from Makefile.target. Make sure hw/Makefile.objs
rules doesn't depend on variable defined in Makefile.objs

Tested-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2014-03-04 09:20:49 +05:30
Markus Armbruster
d77f7779b4 fsdev: Fix overrun after readlink() fills buffer completely
readlink() returns the number of bytes written to the buffer, and it
doesn't write a terminating null byte.  do_readlink() writes it
itself.  Overruns the buffer when readlink() filled it completely.

Fix by reserving space for the null byte when calling readlink(), like
we do elsewhere.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2014-02-26 12:24:07 +05:30
Stefan Weil
b58c86e1e4 fsdev: Fix potential memory leak
This leak was reported by cppcheck.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: M. Mohan Kumar <mohan@in.ibm.com>
Message-id: 1371376960-18192-1-git-send-email-sw@weilnetz.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-07-09 13:38:56 -05:00
Dong Xu Wang
c7e775e4dd remove double semicolons
Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-05-12 13:25:55 +04:00
Markus Armbruster
606017de2f virtfs-proxy-helper: Fix unchecked strdup() by conv. to g_strdup()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-01-30 11:14:46 +01:00
Paolo Bonzini
82cb6b041c build: remove extra-obj-y
extra-obj-y is somewhat complicated to understand.  Replace it with a
special CONFIG_ALL symbol that is defined only at toplevel.
This limits the case of directories defining more than one
*-obj-y target.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-01-26 13:15:37 +00:00
Paolo Bonzini
4d4545743f qemu-option: move standard option definitions out of qemu-config.c
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-01-12 17:17:53 +01:00
Paolo Bonzini
1de7afc984 misc: move include files to include/qemu/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-12-19 08:32:39 +01:00
Paolo Bonzini
9fd2ecdc8c virtfs-proxy-helper: use setresuid and setresgid
The setfsuid and setfsgid system calls are obscure and they complicate
the error checking (that glibc's warn_unused_result "feature" forces
us to do).  Switch to the standard setresuid and setresgid functions.

Signed-off-by: Paolo Bonzini <pbonini@redhat.com
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-12-05 21:55:54 +05:30
Eduardo Habkost
017cf5b1d2 qemu-fsdev-dummy.c: Include module.h
module.h is where machine_init() is defined, but qemu-fsdev-dummy.c
doesn't include it.

The header is probably being included by accident because some other
headers are including qemu-common.h, but those headers should eventually
stop including qemu-common.h.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2012-11-15 02:21:03 +01:00
Paolo Bonzini
ee20477d24 build: move fsdev/ objects to nested Makefile.objs
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-06-07 09:21:13 +02:00
Stefan Weil
071c939458 Replace Qemu by QEMU in user visible documentation
The official spelling is QEMU.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-04-07 13:58:06 +00:00
M. Mohan Kumar
5fc6dbae74 fsdev: Fix parameter parsing for proxy helper
This fixes a crash when using sockfd with proxy FsDriver

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-30 10:54:16 +05:30
Aneesh Kumar K.V
2c30dd744a hw/9pfs: Add new security model mapped-file.
This enable us to do passthrough equivalent security model on NFS directory.
NFS server mostly do root squashing and don't support xattr. Hence we cannot
use 'passthrough' or 'mapped' security model

Also added "mapped-xattr" security to indicate earlier "mapped" security model
Older name is still supported.

POSIX rules regarding ctime update on chmod are not followed by this security model.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-19 12:21:11 +05:30
Stefan Weil
c5c7d3f0a7 virtfs-proxy-helper: Add missing printf format attribute
Every function with printf like arguments must have it
(see file HACKING), so add it.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-13 10:37:00 +00:00
Stefan Weil
e7e4a6ccae virtfs-proxy-helper: Clean include files
The common standard include files are already included via qemu-common.h,
and for the socket related include files there is qemu_socket.h, so the
code can be reduced by some lines.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-13 10:37:00 +00:00
Stefan Weil
822b635d90 virtfs-proxy-helper: Fix compilation on newer systems
Include file attr/xattr.h is not available on "newer" systems
(for example Fedora 12 or Debian Squeeze).

See comments in qemu-xattr.h for more information.
This file handles the system dependencies automatically.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-01-13 10:37:00 +00:00
M. Mohan Kumar
84a87cc4cc hw/9pfs: Add support to use named socket for proxy FS
Add option to use named socket for communicating between proxy helper
and qemu proxy FS. Access to socket can be given by using command line
options -u and -g.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 21:23:55 +05:30
M. Mohan Kumar
a2d8f1beb1 hw/9pfs: man page for proxy helper
Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 21:23:53 +05:30
M. Mohan Kumar
d090e452d4 hw/9pfs: Proxy getversion
Add proxy getversion to get generation number

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:20:55 +05:30
M. Mohan Kumar
d52b09e475 hw/9pfs: xattr interfaces in proxy filesystem driver
Add xattr support for proxy FS

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:20:46 +05:30
M. Mohan Kumar
ea75fc4ec5 hw/9pfs: File ownership and others
Add file ownership interfaces like chmod/chown, utime update, rename,
remove and truncating files for proxy FS

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:19:48 +05:30
M. Mohan Kumar
b178adc3e7 hw/9pfs: Add stat/readlink/statfs for proxy FS
Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:19:39 +05:30
M. Mohan Kumar
39f8c32c3f hw/9pfs: Create other filesystem objects
Add interfaces to create filesystem objects like directory,
device nodes, symbolic links, links for proxy filesytem driver

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:18:09 +05:30
M. Mohan Kumar
daf0b9aca9 hw/9pfs: Open and create files
Add interfaces to open and create files for proxy file system driver.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:14:28 +05:30
M. Mohan Kumar
17bff52b62 hw/9pfs: File system helper process for qemu 9p proxy FS
Provide root privilege access to QEMU 9p proxy filesystem using socket
communication.

Proxy helper is started by root user as:
~ # virtfs-proxy-helper -f|--fd <socket descriptor> -p|--path <path-to-share>

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:14:02 +05:30
M. Mohan Kumar
4c793dda22 hw/9pfs: Add new proxy filesystem driver
Add new proxy filesystem driver to add root privilege to qemu process.
It needs a helper process to be started by root user.

Following command line can be used to utilize proxy filesystem driver
-virtfs proxy,id=<id>,mount_tag=<tag>,socket_fd=<socket-fd>

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 20:13:39 +05:30
M. Mohan Kumar
ddca7f86ac hw/9pfs: Add validation to {un}marshal code
Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 19:53:22 +05:30
M. Mohan Kumar
10925bf089 hw/9pfs: Move pdu_marshal/unmarshal code to a seperate file
Move p9 marshaling/unmarshaling code to a separate file so that
proxy filesytem driver can use these calls. Also made marshaling
code generic to accept "struct iovec" instead of V9fsPDU.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 19:51:28 +05:30
Aneesh Kumar K.V
99519f0a77 hw/9pfs: Move opt validation to FsDriver callback
This remove all conditional code from common code path and
make opt validation a FSDriver callback.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2012-01-04 19:51:28 +05:30
Aneesh Kumar K.V
2f008a8c97 hw/9pfs: Use the correct signed type for different variables
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-12-21 12:37:23 +05:30
Aneesh Kumar K.V
8b88827222 hw/9pfs: Use the correct file descriptor in Fsdriver Callback
Fsdriver callback that operate on file descriptor need to
differentiate between directory fd and file fd.

Based on the original patch from Sassan Panahinejad <sassan@sassan.me.uk>

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-12-04 22:35:28 +05:30
Aneesh Kumar K.V
77eec1b3f1 hw/9pfs: Improve portability to older systems
handle fs driver require a set of newly added syscalls. Don't
Compile handle FS driver if those syscalls are not available.
Instead of adding #ifdef for all those syscalls we check for
open by handle syscall. If that is available then rest of the
syscalls used by the driver should be available.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-12-04 22:35:27 +05:30
Aneesh Kumar K.V
9db221ae73 hw/9pfs: Add synthetic file system support using 9p
This patch create a synthetic file system with mount tag
v_synth when -virtfs_synth command line option is specified
in qemu. The synthetic file system can be mounted in guest
using 9p using the below command line

mount -t 9p -oversion=9p2000.L,trans=virtio v_synth  <mountpint>

Synthetic file system enabled different qemu subsystem to register
callbacks for read and write events from guest. The subsystem
can create directories and files in the synthetic file system as show
in ex below

    qemu_v9fs_synth_mkdir(NULL, 0777, "test2", &node);
    qemu_v9fs_synth_add_file(node, 0777, "testfile",
                             my_test_read, NULL, NULL);

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-10-31 12:34:18 +05:30
Aneesh Kumar K.V
cc720ddb54 hw/9pfs: Abstract open state of fid to V9fsFidOpenState
To implement synthetic file system in Qemu we may not really
require file descriptor and Dir *. Make generic code use
V9fsFidOpenState instead.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-10-31 12:34:17 +05:30
M. Mohan Kumar
2c74c2cb4b hw/9pfs: Read-only support for 9p export
A new fsdev parameter "readonly" is introduced to control accessing 9p export.
"readonly" can be used to specify the access type. By default "rw" access
is given to 9p export.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-10-31 12:34:17 +05:30
M. Mohan Kumar
d9b36a6e56 hw/9pfs: Handle Security model parsing
Except local fs driver all other fs drivers (handle, synth) don't need
security model. Update fsdev parameter parsing accordingly.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-10-15 15:30:27 +05:30
Aneesh Kumar K.V
b97400caef hw/9pfs: Use export flag for indicating security model
This helps to remove some of the structure members

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-10-15 15:30:27 +05:30
Aneesh Kumar K.V
fbcbf101aa hw/9pfs: Rename fstype to fsdriver to make it consistent across VirtFS code
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-10-15 15:30:27 +05:30
Aneesh Kumar K.V
c98f1d4a8b hw/9pfs: Use export_flag for indicating whether fs driver use path names.
This allows us to remove another member from the struct

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-10-15 15:30:27 +05:30
Harsh Prateek Bora
e06a765efb hw/9pfs: Add st_gen support in getattr reply
This patch use file system specific ioctl for getting i_generation
value. Not all file system support the ioctl. So we add an export
specific extended operation and assign right callback for the
file system that support i_generation ioctl

["M. Mohan Kumar" <mohan@in.ibm.com> we can do ioctl only for
regular files and directories on the server]

Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-10-15 15:30:27 +05:30
Aneesh Kumar K.V
d3ab98e691 hw/9pfs: Add new virtfs option writeout=immediate skip host page cache
writeout=immediate implies the after pwritev we do a sync_file_range.

Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-10-12 19:11:23 +05:30
Aneesh Kumar K.V
5f5422258e hw/9pfs: Add handle based fs driver
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-09-22 21:38:53 +05:30
Aneesh Kumar K.V
532decb715 hw/9pfs: Add fs driver specific details to fscontext
Add a new context flag PATHNAME_FSCONTEXT and indicate whether
the fs driver track fid using path names. Also add a private
pointer that help us to track fs driver specific values in there

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-09-22 21:38:52 +05:30
Aneesh Kumar K.V
0174fe73e6 hw/9pfs: Add init callback to fs driver
This call back can be used to do fs driver specific initialization.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-09-22 21:38:52 +05:30
Aneesh Kumar K.V
2289be19ae hw/9pfs: Move fid pathname tracking to seperate data type.
This enables us to add handles to track fids later. The
V9fsPath added is similar to V9fsString except that the
size include the NULL byte also.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-09-22 21:38:52 +05:30
Harsh Prateek Bora
5f524c1ebc use readdir_r instead of readdir for reentrancy
Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2011-08-22 09:44:52 +05:30
Anthony Liguori
7267c0947d Use glib memory allocation and free functions
qemu_malloc/qemu_free no longer exist after this commit.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-08-20 23:01:08 -05:00
Edgar E. Iglesias
1c532d92ab fsdev: Fix archs that dont use fsdev
Fix provided by: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2011-06-10 15:29:11 +02:00
Venkateswararao Jujjuri (JV)
faa44e3d3e [virtio-9p] Make rpath thread safe
Current rpath inline function is heavily used in all system calls.
This function has a static buffer making it a non-thread safe function.
This patch introduces new thread-safe routine and makes use of it.

Signed-off-by: Venkateswararao Jujjuri "<jvrao@linux.vnet.ibm.com>
2011-06-01 10:25:17 -07:00
Aneesh Kumar K.V
1c88c71564 virtio-9p: Don't link to 9p if virtio is not enabled
If virtio is not enabled then we should not pull in
virtfs files

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Venkateswararao Jujjuri (JV) <jvrao@linux.vnet.ibm.com>
2011-06-01 10:23:46 -07:00
Aneesh Kumar K.V
353ac78d49 virtio-9p: move 9p files around
Now that we start adding more files related to 9pfs
it make sense to move them to a separate directory

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
2011-04-27 08:24:37 -07:00
Blue Swirl
64b85a8f23 Delete useless 'extern' qualifiers for functions
'extern' qualifier is useless for function declarations. Delete
them.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-01-23 16:21:20 +00:00
Harsh Prateek Bora
9f506893a4 [virtio-9p] Qemu 9p commandline options validity checks
Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
2010-10-20 12:10:58 -05:00
Gerd Hoffmann
526c523781 Use machine_init() to register virtfs config options. 2010-09-21 18:35:30 +02:00
Venkateswararao Jujjuri (JV)
9ce56db6f0 virtio-9p: Introduces an option to specify the security model.
The new option is:

-fsdev fstype,id=myid,path=/share_path/,security_model=[mapped|passthrough]
-virtfs fstype,path=/share_path/,security_model=[mapped|passthrough],mnt_tag=tag

In the case of mapped security model, files are created with QEMU user
credentials and the client-user's credentials are saved in extended attributes.
Whereas in the case of passthrough security model, files on the
filesystem are directly created with client-user's credentials.

Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-06-22 15:15:30 -05:00
Anthony Liguori
9f10751365 virtio-9p: Add a virtio 9p device to qemu
This patch doesn't implement the 9p protocol handling
code. It adds a simple device which dump the protocol data.

[jvrao@linux.vnet.ibm.com: Little-Endian to host format conversion]
[aneesh.kumar@linux.vnet.ibm.com: Multiple-mounts support]

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-05-03 12:17:37 -05:00
Gautham R Shenoy
74db920c32 virtio-9p: Create a commandline option -fsdev
This patch creates a new command line option named -fsdev to hold any file
system specific information.

The option will currently hold the following attributes:
-fsdev fstype id=id,path=path_to_share
where
fstype: Type of the file system.
id:     Identifier used to refer to this fsdev
path:   The path on the host that is identified by this fsdev.

[aneesh.kumar@linux.vnet.ibm.com: Abstraction using FsContext]
Signed-off-by: Gautham R Shenoy <ego@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-05-03 12:17:37 -05:00