[PULL 13/17] vfio/iommufd: Remove the use of stat() to check file existe

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PULL 13/17] vfio/iommufd: Remove the use of stat() to check file existe

From:	Cédric Le Goater
Subject:	[PULL 13/17] vfio/iommufd: Remove the use of stat() to check file existence
Date:	Mon, 8 Jan 2024 08:32:28 +0100

Using stat() before opening a file or a directory can lead to a
time-of-check to time-of-use (TOCTOU) filesystem race, which is
reported by coverity as a Security best practices violations. The
sequence could be replaced by open and fdopendir but it doesn't add
much in this case. Simply use opendir to avoid the race.

Fixes: CID 1531551
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Zhenzhong Duan <Zhenzhong.duan@intel.com>
---
 hw/vfio/iommufd.c | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/hw/vfio/iommufd.c b/hw/vfio/iommufd.c
index 
d4c586e842def8f04d3a914843f5eece2c75ea30..9bfddc1360895413176a9f170e29e89027384a66
 100644
--- a/hw/vfio/iommufd.c
+++ b/hw/vfio/iommufd.c
@@ -121,17 +121,11 @@ static int iommufd_cdev_getfd(const char *sysfs_path, 
Error **errp)
     DIR *dir = NULL;
     struct dirent *dent;
     gchar *contents;
-    struct stat st;
     gsize length;
     int major, minor;
     dev_t vfio_devt;
 
     path = g_strdup_printf("%s/vfio-dev", sysfs_path);
-    if (stat(path, &st) < 0) {
-        error_setg_errno(errp, errno, "no such host device");
-        goto out_free_path;
-    }
-
     dir = opendir(path);
     if (!dir) {
         error_setg_errno(errp, errno, "couldn't open directory %s", path);
-- 
2.43.0

[Prev in Thread]

Current Thread

[Next in Thread]

[PULL 06/17] vfio/container: Intoduce a new VFIOIOMMUClass::setup handler, (continued)
- [PULL 06/17] vfio/container: Intoduce a new VFIOIOMMUClass::setup handler, Cédric Le Goater, 2024/01/08
- [PULL 07/17] vfio/spapr: Introduce a sPAPR VFIOIOMMU QOM interface, Cédric Le Goater, 2024/01/08
- [PULL 03/17] vfio/container: Initialize VFIOIOMMUOps under vfio_init_container(), Cédric Le Goater, 2024/01/08
- [PULL 01/17] vfio/spapr: Extend VFIOIOMMUOps with a release handler, Cédric Le Goater, 2024/01/08
- [PULL 05/17] vfio/container: Introduce a VFIOIOMMU legacy QOM interface, Cédric Le Goater, 2024/01/08
- [PULL 08/17] vfio/iommufd: Introduce a VFIOIOMMU iommufd QOM interface, Cédric Le Goater, 2024/01/08
- [PULL 09/17] vfio/spapr: Only compile sPAPR IOMMU support when needed, Cédric Le Goater, 2024/01/08
- [PULL 11/17] vfio/container: Replace basename with g_path_get_basename, Cédric Le Goater, 2024/01/08
- [PULL 10/17] vfio/iommufd: Remove CONFIG_IOMMUFD usage, Cédric Le Goater, 2024/01/08
- [PULL 12/17] hw/vfio: fix iteration over global VFIODevice list, Cédric Le Goater, 2024/01/08
- [PULL 13/17] vfio/iommufd: Remove the use of stat() to check file existence, Cédric Le Goater <=
- [PULL 14/17] vfio/container: Rename vfio_init_container to vfio_set_iommu, Cédric Le Goater, 2024/01/08
- [PULL 15/17] vfio/migration: Add helper function to set state or reset device, Cédric Le Goater, 2024/01/08
- [PULL 16/17] backends/iommufd: Remove check on number of backend users, Cédric Le Goater, 2024/01/08
- [PULL 17/17] backends/iommufd: Remove mutex, Cédric Le Goater, 2024/01/08
- Re: [PULL 00/17] vfio queue, Peter Maydell, 2024/01/08

Prev by Date: [PULL 12/17] hw/vfio: fix iteration over global VFIODevice list
Next by Date: [PULL 14/17] vfio/container: Rename vfio_init_container to vfio_set_iommu
Previous by thread: [PULL 12/17] hw/vfio: fix iteration over global VFIODevice list
Next by thread: [PULL 14/17] vfio/container: Rename vfio_init_container to vfio_set_iommu
Index(es):
- Date
- Thread