When using mapped mode in 9pfs, readdir implementation
should not return file type in d_type from the host
readdir, instead, it should use the type stored in
the extended attributes. Since d_type is optional
and reading ext attrs for every readdir is expensive,
it should be sufficient to just set d_type to DT_UNKNOWN,
so guest will know to look it up separately.
This is a -stable material.
Signed-off-by: Bastian Blank <waldi@debian.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
With security_model=mapped-xattr, we encode the uid,gid and other file
attributes as extended attributes of the file. We save them under
user.virtfs.* namespace.
Use little-endian encoding for on-disk values. This enables us to export
the same directory from both little-endian and big-endian hosts.
NOTE: This will break big-endian host that have virtFS exports
using security model mapped-xattr. They will have to use external tools
to convert the xattr to little-endian format.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
When path is truncated by PATH_MAX limitation, it causes QEMU to access
incorrect file. So use original full path instead of PATH_MAX within
9pfs (need check/process ENOMEM for related memory allocation).
The related test:
- Environments (for qemu-devel):
- Host is under fedora17 desktop with ext4fs:
qemu-system-x86_64 -hda test.img -m 1024 \
-net nic,vlan=4,model=virtio,macaddr=00:16:35:AF:94:04 \
-net tap,vlan=4,ifname=tap4,script=no,downscript=no \
-device virtio-9p-pci,id=fs0,fsdev=fsdev0,mount_tag=hostshare \
-fsdev local,security_model=passthrough,id=fsdev0,\
path=/upstream/vm/data/share/1234567890abcdefghijklmnopqrstuvwxyz\
ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890acdefghijklmnopqrstuvwxyz\
ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890/111111111111111111111111111\
1111111111111111111111111111111111111111111111111111222222222222\
2222222222222222222222222222222222222222222222222222222222222222\
2222222222222222222222222222222222233333333333333333333333333333\
3333333333333333333333333333333333
- Guest is ubuntu12 server with 9pfs.
mount -t 9p -o trans=virtio,version=9p2000.L hostshare /share
- Limitations:
full path limitation is PATH_MAX (4096B include nul) under Linux.
file/dir node name maximized length is 256 (include nul) under ext4.
- Special test:
Under host, modify the file: "/upstream/vm/data/share/1234567890abcdefg\
hijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890acdefghijklmno\
pqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890/111111111111111111111\
111111111111111111111111111111111111111111111111111111111122222222222\
222222222222222222222222222222222222222222222222222222222222222222222\
222222222222222222222222222222233333333333333333333333333333333333333\
3333333333333333333333333/4444444444444444444444444444444444444444444\
444444444444444444444444444444444444444444444444444444444444444444444\
444444444444444444444444444444444444444444444444444444444444444444444\
444444444444444444444444444444444444444/55555555555555555555555555555\
555555555555555555555555555555555555555555555555555555555555555555555\
555555555555555555555555555555555555555555555555555555555555555555555\
555555555555555555555555555555555555555555555555555555555555555555555\
55555555/666666666666666666666666666666666666666666666666666666666666\
666666666666666666666666666666666666666666666666666666666666666666666\
666666666666666666666666666666666666666666666666666666666666666666666\
666666666666666666666/77777777777777777777777777777777777777777777777\
777777777777777777777777777777777777777777777777777777777777777777777\
777777777777777777777777777777777777777777777777777777777777777777777\
77777777777777777777777777777777777777777777777777777777777/888888888\
888888888888888888888888888888888888888888888888888888888888888888888\
888888888888888888888888888888888888888888888888888888888888888888888\
888888888888888888888888888888888888888888888888888888888888888888888\
888888888/99999999999999999999999999999999999999999999999999999999999\
999999999999999999999999999999999999999999999999999999999999999999999\
999999999999999999999999999999999999999999999999999999999999999999999\
99999999999999999999999999999999999999999/000000000000000000000000000\
000000000000000000000000000000000000000000000000000000000000000000000\
000000000000000000000000000000000000000000000000000000000000000000000\
000000000000000000000000000000000000000000000000/aaaaaaaaaaaaaaaaaaaa\
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbb\
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb\
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb\
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ccccccccc\
ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\
ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\
ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\
cccccccccc/dddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\
ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\
ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\
dddddddddddddddddddddd/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/fffffffffffffff\
fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\
fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\
ffffffffffffffffffffffffffffffffffffffffffffffffffffffffff/gggggggggg\
ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\
ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\
ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\
ggggggggggggggggggggggg/iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\
iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\
iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\
iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii/jjjjjjjjjjjjj\
jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj\
jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj/ppppppppppppppppppppp\
ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp\
ppppppppppppppppppppppppppppppppppppppp/test1234567890file.log"
(need enter dir firstly, then modify file, or can not open it).
Under guest, still allow modify "test1234567890file.log" (will generate
"test123456" file with contents).
After apply this patch, can not open "test1234567890file.log" under guest
(permission denied).
- Common test:
All are still OK after apply this path.
"mkdir -p", "create/open file/dir", "modify file/dir", "rm file/dir".
change various mount point paths under host and/or guest.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
'ctx->fs_root' + 'path'/'fullname.data' may be larger than PATH_MAX, so
need use snprintf() instead of sprintf() just like another area have done
in 9pfs. This could possibly result in the truncation of pathname, which we
address in the follow up patch.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
When "goto err_out", 'v9fs_string' already was allocated, so still need
free 'v9fs_string' before return.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Currently we silently ignore getversion requests for anything except
file or directory. Let's instead return ENOTTY error to indicate that
getversion is not supported. It makes implementation consistent on
all not-supported cases.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
v9fs_co_st_gen() expects to see error code in errno, not in return code.
Let's fix this.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
9p server should never follow a symlink. So use O_NOFOLLOW with all open
syscall
Tested-by: "M. Mohan Kumar" <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
With mapped security models like mapped-xattr and mapped-file, we save the
symlink target as file contents. Now if we ever expose a normal directory
with mapped security model and find real symlinks in export path, never
follow them and return proper error.
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Many of these should be cleaned up with proper qdev-/QOM-ification.
Right now there are many catch-all headers in include/hw/ARCH depending
on cpu.h, and this makes it necessary to compile these files per-target.
However, fixing this does not belong in these patches.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Note: the allocation in virtio_9p_init() is still leaked. To be fixed
in a followup commit.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
In passthrough security model in local fs driver, after a file creation
chown and chmod are done to set the file credentials and mode as requested
by 9p client. But if there was a request to create a file with S_ISGID
bit, doing chown on that file resets the S_ISGID bit. So first call
chown and then invoking chmod with proper mode bit retains the S_ISGID
(if present/requested)
This resulted in LTP mknod02, mknod03, mknod05, open10 test case
failures. This patch fixes this issue.
man 2 chown
When the owner or group of an executable file are changed by an unprivileged
user the S_ISUID and S_ISGID mode bits are cleared. POSIX does not specify
whether this also should happen when root does the chown(); the Linux behavior
depends on the kernel version.
Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This enable us to do passthrough equivalent security model on NFS directory.
NFS server mostly do root squashing and don't support xattr. Hence we cannot
use 'passthrough' or 'mapped' security model
Also added "mapped-xattr" security to indicate earlier "mapped" security model
Older name is still supported.
POSIX rules regarding ctime update on chmod are not followed by this security model.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This remove all conditional code from common code path and
make opt validation a FSDriver callback.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Fsdriver callback that operate on file descriptor need to
differentiate between directory fd and file fd.
Based on the original patch from Sassan Panahinejad <sassan@sassan.me.uk>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
I guess we can also make sure we don't call local_ioc_getversion at
all.
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Small requirements on "new" features have percolated to virtio-9p-local.c.
In particular, the utimensat wrapper actually only supports dirfd = AT_FDCWD
and flags = AT_SYMLINK_NOFOLLOW in the fallback code. Remove the arguments
so that virtio-9p-local.c will not use AT_* constants.
At the same time, fail local_ioc_getversion if the ioctl is not supported
by the host.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Modern distributions place xattr.h in /usr/include/sys, and fold
libattr.so into libc. They also don't have an ENOATTR.
Make configure detect this, and add a qemu-xattr.h file that
directs the #include to the right place.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
To implement synthetic file system in Qemu we may not really
require file descriptor and Dir *. Make generic code use
V9fsFidOpenState instead.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This patch use file system specific ioctl for getting i_generation
value. Not all file system support the ioctl. So we add an export
specific extended operation and assign right callback for the
file system that support i_generation ioctl
["M. Mohan Kumar" <mohan@in.ibm.com> we can do ioctl only for
regular files and directories on the server]
Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
writeout=immediate implies the after pwritev we do a sync_file_range.
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Add a new context flag PATHNAME_FSCONTEXT and indicate whether
the fs driver track fid using path names. Also add a private
pointer that help us to track fs driver specific values in there
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This enables us to add handles to track fids later. The
V9fsPath added is similar to V9fsString except that the
size include the NULL byte also.
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Current rpath inline function is heavily used in all system calls.
This function has a static buffer making it a non-thread safe function.
This patch introduces new thread-safe routine and makes use of it.
Signed-off-by: Venkateswararao Jujjuri "<jvrao@linux.vnet.ibm.com>
Commit 353ac78d49 moved the files
without fixing the include paths. It used a modified CFLAGS
to add hw to the include search path, but this breaks builds
where the user wants to set special CFLAGS. Long include paths
also increase compilation time.
Therefore this patch removes the special CFLAGS for virtio
and fixes the include statements by using relative include paths.
v2: Remove special CFLAGS.
v3: Update needed for latest QEMU.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Venkateswararao Jujjuri (JV) <jvrao@linux.vnet.ibm.com>
This patch removes the addition of null char in symlink file
which is being appended to file in case of mapped security model.
Without this patch, the extra null char causes LTP testcase lstat03
to fail and hence this fix is required.
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
Now that we start adding more files related to 9pfs
it make sense to move them to a separate directory
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>