[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] 2acf4f: virtiofsd: Silence gcc warning
From: |
Peter Maydell |
Subject: |
[Qemu-commits] [qemu/qemu] 2acf4f: virtiofsd: Silence gcc warning |
Date: |
Mon, 12 Oct 2020 08:30:54 -0700 |
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: 2acf4f8fdd1fb1d7d76fa26e67b39af898df0aed
https://github.com/qemu/qemu/commit/2acf4f8fdd1fb1d7d76fa26e67b39af898df0aed
Author: Dr. David Alan Gilbert <dgilbert@redhat.com>
Date: 2020-10-12 (Mon, 12 Oct 2020)
Changed paths:
M tools/virtiofsd/passthrough_ll.c
Log Message:
-----------
virtiofsd: Silence gcc warning
Gcc worries fd might be used unset, in reality it's always set if
fi is set, and only used if fi is set so it's safe. Initialise it to -1
just to keep gcc happy for now.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20200827153657.111098-2-dgilbert@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Commit: f6698f2b03b0db76aff7298ed4de1f9a0e22cc26
https://github.com/qemu/qemu/commit/f6698f2b03b0db76aff7298ed4de1f9a0e22cc26
Author: Alex Bennée <alex.bennee@linaro.org>
Date: 2020-10-12 (Mon, 12 Oct 2020)
Changed paths:
M docs/tools/virtiofsd.rst
M tools/virtiofsd/fuse_i.h
M tools/virtiofsd/fuse_lowlevel.c
M tools/virtiofsd/fuse_virtio.c
Log Message:
-----------
tools/virtiofsd: add support for --socket-group
If you like running QEMU as a normal user (very common for TCG runs)
but you have to run virtiofsd as a root user you run into connection
problems. Adding support for an optional --socket-group allows the
users to keep using the command line.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20200925125147.26943-2-alex.bennee@linaro.org>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
dgilbert: Split long line
Commit: ff3995e2f0e12770dfa73d9e95c0461024840b9a
https://github.com/qemu/qemu/commit/ff3995e2f0e12770dfa73d9e95c0461024840b9a
Author: Dr. David Alan Gilbert <dgilbert@redhat.com>
Date: 2020-10-12 (Mon, 12 Oct 2020)
Changed paths:
M tools/virtiofsd/passthrough_ll.c
Log Message:
-----------
virtiofsd: Call qemu_init_exec_dir
Since fcb4f59c879 qemu_get_local_state_pathname relies on the
init_exec_dir, and virtiofsd asserts because we never set it.
Set it.
Reported-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20201002124015.44820-1-dgilbert@redhat.com>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Commit: ebf101955ce8f8d72fba103b5151115a4335de2c
https://github.com/qemu/qemu/commit/ebf101955ce8f8d72fba103b5151115a4335de2c
Author: Stefan Hajnoczi <stefanha@redhat.com>
Date: 2020-10-12 (Mon, 12 Oct 2020)
Changed paths:
M tools/virtiofsd/passthrough_ll.c
Log Message:
-----------
virtiofsd: avoid /proc/self/fd tempdir
In order to prevent /proc/self/fd escapes a temporary directory is
created where /proc/self/fd is bind-mounted. This doesn't work on
read-only file systems.
Avoid the temporary directory by bind-mounting /proc/self/fd over /proc.
This does not affect other processes since we remounted / with MS_REC |
MS_SLAVE. /proc must exist and virtiofsd does not use it so it's safe to
do this.
Path traversal can be tested with the following function:
static void test_proc_fd_escape(struct lo_data *lo)
{
int fd;
int level = 0;
ino_t last_ino = 0;
fd = lo->proc_self_fd;
for (;;) {
struct stat st;
if (fstat(fd, &st) != 0) {
perror("fstat");
return;
}
if (last_ino && st.st_ino == last_ino) {
fprintf(stderr, "inode number unchanged, stopping\n");
return;
}
last_ino = st.st_ino;
fprintf(stderr, "Level %d dev %lu ino %lu\n", level,
(unsigned long)st.st_dev,
(unsigned long)last_ino);
fd = openat(fd, "..", O_PATH | O_DIRECTORY | O_NOFOLLOW);
level++;
}
}
Before and after this patch only Level 0 is displayed. Without
/proc/self/fd bind-mount protection it is possible to traverse parent
directories.
Fixes: 397ae982f4df4 ("virtiofsd: jail lo->proc_self_fd")
Cc: Miklos Szeredi <mszeredi@redhat.com>
Cc: Jens Freimann <jfreimann@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20201006095826.59813-1-stefanha@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Tested-by: Jens Freimann <jfreimann@redhat.com>
Reviewed-by: Jens Freimann <jfreimann@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Commit: aa84b506f75db0bdab2ef0d68a4c5e266eab05e6
https://github.com/qemu/qemu/commit/aa84b506f75db0bdab2ef0d68a4c5e266eab05e6
Author: Chuan Zheng <zhengchuan@huawei.com>
Date: 2020-10-12 (Mon, 12 Oct 2020)
Changed paths:
M migration/dirtyrate.c
Log Message:
-----------
migration/dirtyrate: record start_time and calc_time while at the measuring
state
Querying could include both the start-time and the calc-time while at the
measuring
state, allowing a caller to determine when they should expect to come back
looking
for a result.
Signed-off-by: Chuan Zheng <zhengchuan@huawei.com>
Message-Id: <1601350938-128320-2-git-send-email-zhengchuan@huawei.com>
Reviewed-by: David Edmondson <david.edmondson@oracle.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Commit: b1a859cfb04db1d2b80dd9979ce6081cb9c00d75
https://github.com/qemu/qemu/commit/b1a859cfb04db1d2b80dd9979ce6081cb9c00d75
Author: Chuan Zheng <zhengchuan@huawei.com>
Date: 2020-10-12 (Mon, 12 Oct 2020)
Changed paths:
M migration/dirtyrate.c
M qapi/migration.json
Log Message:
-----------
migration/dirtyrate: present dirty rate only when querying the rate has
completed
Make dirty_rate field optional, present dirty rate only when querying
the rate has completed.
The qmp results is shown as follow:
@unstarted:
{"return":{"status":"unstarted","start-time":0,"calc-time":0},"id":"libvirt-12"}
@measuring:
{"return":{"status":"measuring","start-time":102931,"calc-time":1},"id":"libvirt-85"}
@measured:
{"return":{"status":"measured","dirty-rate":4,"start-time":150146,"calc-time":1},"id":"libvirt-15"}
Signed-off-by: Chuan Zheng <zhengchuan@huawei.com>
Reviewed-by: David Edmondson <david.edmondson@oracle.com>
Message-Id: <1601350938-128320-3-git-send-email-zhengchuan@huawei.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Commit: a0bdf866873467271eff9a92f179ab0f77d735cb
https://github.com/qemu/qemu/commit/a0bdf866873467271eff9a92f179ab0f77d735cb
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2020-10-12 (Mon, 12 Oct 2020)
Changed paths:
M docs/tools/virtiofsd.rst
M migration/dirtyrate.c
M qapi/migration.json
M tools/virtiofsd/fuse_i.h
M tools/virtiofsd/fuse_lowlevel.c
M tools/virtiofsd/fuse_virtio.c
M tools/virtiofsd/passthrough_ll.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20201012a'
into staging
v3 Migration+ virtiofsd pull 2020-10-12
V3
Remove the postcopy recovery changes
Migration:
Dirtyrate measurement API cleanup
Virtiofsd:
Missing qemu_init_exec_dir call
Support for setting the group on socket creation
Stop a gcc warning
Avoid tempdir in sandboxing
# gpg: Signature made Mon 12 Oct 2020 12:43:30 BST
# gpg: using RSA key 45F5C71B4A0CB7FB977A9FA90516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>"
[full]
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A 9FA9 0516 331E BC5B FDE7
* remotes/dgilbert/tags/pull-migration-20201012a:
migration/dirtyrate: present dirty rate only when querying the rate has
completed
migration/dirtyrate: record start_time and calc_time while at the measuring
state
virtiofsd: avoid /proc/self/fd tempdir
virtiofsd: Call qemu_init_exec_dir
tools/virtiofsd: add support for --socket-group
virtiofsd: Silence gcc warning
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Compare: https://github.com/qemu/qemu/compare/2387df497b4b...a0bdf8668734
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-commits] [qemu/qemu] 2acf4f: virtiofsd: Silence gcc warning,
Peter Maydell <=