In qemu we catch accesses to files like /proc/cpuinfo or /proc/net/route
and return to the guest contents which would be visible on a real system
(instead what the host would show).
This patch fixes a bug, where for example the accesses
cat /proc////cpuinfo
or
cd /proc && cat cpuinfo
will not be recognized by qemu and where qemu will wrongly show
the contents of the host's /proc/cpuinfo file.
Signed-off-by: Helge Deller <deller@gmx.de>
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 917c388073..bb864c2bb3 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8531,9 +8531,11 @@ static int open_cpuinfo(CPUArchState *cpu_env, int fd)
}
#endif
-int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *pathname,
+int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *fname,
int flags, mode_t mode, bool safe)
{
+ char proc_name[PATH_MAX];
+ const char *pathname;
struct fake_open {
const char *filename;
int (*fill)(CPUArchState *cpu_env, int fd);
@@ -8560,6 +8562,13 @@ int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *pathname,
{ NULL, NULL, NULL }
};
+ /* if this is a file from /proc/ filesystem, expand full name */
+ if (realpath(fname, proc_name) && strncmp(proc_name, "/proc/", 6) == 0) {
+ pathname = proc_name;
+ } else {
+ pathname = fname;
+ }
+
if (is_proc_myself(pathname, "exe")) {
if (safe) {
return safe_openat(dirfd, exec_path, flags, mode);
On Tue, Aug 01, 2023 at 04:58:57PM +0200, Helge Deller wrote: > In qemu we catch accesses to files like /proc/cpuinfo or /proc/net/route > and return to the guest contents which would be visible on a real system > (instead what the host would show). > > This patch fixes a bug, where for example the accesses > cat /proc////cpuinfo > or > cd /proc && cat cpuinfo > will not be recognized by qemu and where qemu will wrongly show > the contents of the host's /proc/cpuinfo file. > > Signed-off-by: Helge Deller <deller@gmx.de> > > diff --git a/linux-user/syscall.c b/linux-user/syscall.c > index 917c388073..bb864c2bb3 100644 > --- a/linux-user/syscall.c > +++ b/linux-user/syscall.c > @@ -8531,9 +8531,11 @@ static int open_cpuinfo(CPUArchState *cpu_env, int fd) > } > #endif > > -int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *pathname, > +int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *fname, > int flags, mode_t mode, bool safe) > { > + char proc_name[PATH_MAX]; No PATH_MAX buffers declared on the stack please. > + const char *pathname; > struct fake_open { > const char *filename; > int (*fill)(CPUArchState *cpu_env, int fd); > @@ -8560,6 +8562,13 @@ int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *pathname, > { NULL, NULL, NULL } > }; > > + /* if this is a file from /proc/ filesystem, expand full name */ > + if (realpath(fname, proc_name) && strncmp(proc_name, "/proc/", 6) == 0) { QEMU relies on the extended semantics of realpath() where passing NULL for 'proc_name' causes it to allocate a buffer of the correct size and return the new buffer. Using that avoids PATH_MAX variables. > + pathname = proc_name; > + } else { > + pathname = fname; > + } With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
© 2016 - 2024 Red Hat, Inc.