[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 032/104] virtiofsd: passthrough_ll: create new files in calle
From: |
Daniel P . Berrangé |
Subject: |
Re: [PATCH 032/104] virtiofsd: passthrough_ll: create new files in caller's context |
Date: |
Tue, 7 Jan 2020 09:22:31 +0000 |
User-agent: |
Mutt/1.12.1 (2019-06-15) |
On Mon, Jan 06, 2020 at 07:08:43PM +0000, Dr. David Alan Gilbert wrote:
> * Dr. David Alan Gilbert (address@hidden) wrote:
> > * Daniel P. Berrangé (address@hidden) wrote:
> > > On Thu, Dec 12, 2019 at 04:37:52PM +0000, Dr. David Alan Gilbert (git)
> > > wrote:
> > > > From: Vivek Goyal <address@hidden>
> > > >
> > > > We need to create files in the caller's context. Otherwise after
> > > > creating a file, the caller might not be able to do file operations on
> > > > that file.
> > > >
> > > > Changed effective uid/gid to caller's uid/gid, create file and then
> > > > switch back to uid/gid 0.
> > > >
> > > > Use syscall(setresuid, ...) otherwise glibc does some magic to change
> > > > EUID
> > > > in all threads, which is not what we want.
> > > >
> > > > Signed-off-by: Vivek Goyal <address@hidden>
> > > > Signed-off-by: Miklos Szeredi <address@hidden>
> > > > ---
> > > > tools/virtiofsd/passthrough_ll.c | 79 ++++++++++++++++++++++++++++++--
> > > > 1 file changed, 74 insertions(+), 5 deletions(-)
> > > >
> > > > diff --git a/tools/virtiofsd/passthrough_ll.c
> > > > b/tools/virtiofsd/passthrough_ll.c
> > > > index 68bacb6fc5..0188cd9ad6 100644
> > > > --- a/tools/virtiofsd/passthrough_ll.c
> > > > +++ b/tools/virtiofsd/passthrough_ll.c
> > >
> > >
> > > > +static int lo_change_cred(fuse_req_t req, struct lo_cred *old)
> > > > +{
> > > > + int res;
> > > > +
> > > > + old->euid = geteuid();
> > > > + old->egid = getegid();
> > > > +
> > > > + res = syscall(SYS_setresgid, -1, fuse_req_ctx(req)->gid, -1);
> > >
> > > Do we need to be using SYS_setres[u,g]id32 instead...
> > >
> > > [quote setresgid(2)]
> > > The original Linux setresuid() and setresgid() system calls
> > > supported only 16-bit user and group IDs. Subsequently,
> > > Linux 2.4 added setresuid32() and setresgid32(), supporting
> > > 32-bit IDs. The glibc setresuid() and setresgid() wrapper
> > > functions transparently deal with the variations across ker‐
> > > nel versions.
> > > [/quote]
> >
> > OK, updated.
>
> Hmm hang on; this is messy. x86-64 only seems to have setresuid
> where as some architectures have both; If I'm reading this right, all
> 64 bit machines have setresuid/gid calling the code that takes the
> 32bit ID; some have compat entries for 32bit syscalls.
Oh yuk.
> I think it's probably more correct to call setresuid here; except
> for 32 bit platforms - but how do we tell?
Is it possible to just do an #ifdef SYS_setresgid32 check to see
if the wider variant exists ?
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|