From nobody Mon May 6 13:28:46 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1593102645; cv=none; d=zohomail.com; s=zohoarc; b=QXqubWXvG+dwCc17F/7+CpGLOTDvIPTE/ix1IMOO9k2YcpsNH/j8spGhnfjXR23BazKDExKnNMjV8cYX9snN0cP3jJKwW+e8ClJpcFODCph2kzov+P5v3f2vM2n7RKu/PUBvwEHEMM+P6uCio/IXp8ZHQRxUcH2459XHT/Zoip8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1593102645; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=T6DlQfx4ERDr8imxa0nlFWolD5gVXxlxA3CSYrP+pEw=; b=LiRw3kHokxChLOHDiXox4up23SLa3pURcoe3z8GxDvcA/Mo6X3y9pD0Q4WJ63pzwNjCqO8HCqeTBjUyaQBtlbg8rjYyRGD/Y5g2eZqS+72unQFsI7ttI/+G6Ovx5RUNDClTZLmOKdt3E2XSTHL5wbMTVr70KhvGd2LLWrMfh+TY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1593102645559649.0811223784675; Thu, 25 Jun 2020 09:30:45 -0700 (PDT) Received: from localhost ([::1]:39676 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1joUlw-0003fj-6d for importer@patchew.org; Thu, 25 Jun 2020 12:30:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:57300) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1joUky-0002dT-2t for qemu-devel@nongnu.org; Thu, 25 Jun 2020 12:29:44 -0400 Received: from us-smtp-2.mimecast.com ([205.139.110.61]:35230 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1joUkw-0002TK-Hv for qemu-devel@nongnu.org; Thu, 25 Jun 2020 12:29:43 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-514-dedZBiT3OQa9MUuDXW83PQ-1; Thu, 25 Jun 2020 12:29:40 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 5E189464 for ; Thu, 25 Jun 2020 16:29:39 +0000 (UTC) Received: from dgilbert-t580.localhost (ovpn-114-254.ams2.redhat.com [10.36.114.254]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6003DA09BF; Thu, 25 Jun 2020 16:29:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1593102581; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=T6DlQfx4ERDr8imxa0nlFWolD5gVXxlxA3CSYrP+pEw=; b=SPshYVGD0lK3P1OPwIPo2ijZZr+GVUnde+YZutw9zW8SZnKlrOUmmiJpIAQNoW3J+nbPyZ 3jvhGs88IvjjElQy8ic0g8rES2SgQKxosFLnpCO/nKKmROb0H/Z8Pk1XkiBsdD/N5idxYP gzEf44UP91XBWc7N9jI9z2aWUjw773E= X-MC-Unique: dedZBiT3OQa9MUuDXW83PQ-1 From: "Dr. David Alan Gilbert (git)" To: qemu-devel@nongnu.org, virtio-fs@redhat.com, stefanha@redhat.com, vgoyal@redhat.com Subject: [PATCH 1/3] virtiofsd: Terminate capability list Date: Thu, 25 Jun 2020 17:29:27 +0100 Message-Id: <20200625162929.46672-2-dgilbert@redhat.com> In-Reply-To: <20200625162929.46672-1-dgilbert@redhat.com> References: <20200625162929.46672-1-dgilbert@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=205.139.110.61; envelope-from=dgilbert@redhat.com; helo=us-smtp-delivery-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/06/25 00:45:15 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -30 X-Spam_score: -3.1 X-Spam_bar: --- X-Spam_report: (-3.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=_AUTOLEARN X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" From: "Dr. David Alan Gilbert" capng_updatev is a varargs function that needs a -1 to terminate it, but it was missing. In practice what seems to have been happening is that it's added the capabilities we asked for, then runs into junk on the stack, so if we're unlucky it might be adding some more, but in reality it's failing - but after adding the capabilities we asked for. Fixes: a59feb483b8 ("virtiofsd: only retain file system capabilities") Signed-off-by: Dr. David Alan Gilbert Reviewed-by: Stefan Hajnoczi --- tools/virtiofsd/passthrough_ll.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough= _ll.c index 2ce7c96085..e373e3b36e 100644 --- a/tools/virtiofsd/passthrough_ll.c +++ b/tools/virtiofsd/passthrough_ll.c @@ -2598,7 +2598,9 @@ static void setup_capabilities(void) CAP_SETGID, CAP_SETUID, CAP_MKNOD, - CAP_SETFCAP); + CAP_SETFCAP, + -1); + capng_apply(CAPNG_SELECT_BOTH); =20 cap.saved =3D capng_save_state(); --=20 2.26.2 From nobody Mon May 6 13:28:46 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1593102830; cv=none; d=zohomail.com; s=zohoarc; b=VoKQe3RP2lYla7pHnSEzek9JlEG5ZaHpOR35I1AHH612p+qis61iwRdr+pLSRPt6hclE02PWDdK9d2cJlRnLbZR4Lqu4hMnzkJiQbzWR8cEgtgBOtjBZbfW5FCPmStr/2dQX4DDwKYpHPjjXWOnE2vMtZYBZK9F/n0OtfK5tY38= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1593102830; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=9ayP1mCWFsPpODHDVmnJ8Vsl+6aR2uTSK1foOO3oEjo=; b=S6ptu3F0CR30W/pX2XEOAedi93DVCAU8dgKZM5hoS/0CunaqDmDqC4Cib6JkDQJk9TqglTYL8zo5ubDGvxbZOwnte3sSQ70lmTOZl0gcUQYMGz21x/pLSg8iDDXu84CQv+rihogkq8L244mKErtzH5BBIYy8JEAR5SR4vW1ZOzA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1593102830231868.0514844158483; Thu, 25 Jun 2020 09:33:50 -0700 (PDT) Received: from localhost ([::1]:48114 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1joUov-0007qo-1h for importer@patchew.org; Thu, 25 Jun 2020 12:33:49 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:57338) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1joUl2-0002kF-8B for qemu-devel@nongnu.org; Thu, 25 Jun 2020 12:29:48 -0400 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:38085 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1joUl0-0002UA-Mq for qemu-devel@nongnu.org; Thu, 25 Jun 2020 12:29:47 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-375-2Us3fmHPOVanKMugvYThCw-1; Thu, 25 Jun 2020 12:29:41 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id A0674107ACCD for ; Thu, 25 Jun 2020 16:29:40 +0000 (UTC) Received: from dgilbert-t580.localhost (ovpn-114-254.ams2.redhat.com [10.36.114.254]) by smtp.corp.redhat.com (Postfix) with ESMTP id A542BD01E7; Thu, 25 Jun 2020 16:29:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1593102586; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9ayP1mCWFsPpODHDVmnJ8Vsl+6aR2uTSK1foOO3oEjo=; b=EtsMCa1/3qi0ZV4TRuqA53JIU6H6OqEphkAKCObB8es5HpRpSfJYKFYMO9Z8PWCN51JX2P UfIOjPD08IlpXWCts1mru14Zgt12uDnvD09IShefYaaaaTinNY9YsrtqS/fi7i5M5qguxF aSV3+5ZLQ1Jkq4MMczBzOcNOmBRTcEQ= X-MC-Unique: 2Us3fmHPOVanKMugvYThCw-1 From: "Dr. David Alan Gilbert (git)" To: qemu-devel@nongnu.org, virtio-fs@redhat.com, stefanha@redhat.com, vgoyal@redhat.com Subject: [PATCH 2/3] virtiofsd: Check capability calls Date: Thu, 25 Jun 2020 17:29:28 +0100 Message-Id: <20200625162929.46672-3-dgilbert@redhat.com> In-Reply-To: <20200625162929.46672-1-dgilbert@redhat.com> References: <20200625162929.46672-1-dgilbert@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=207.211.31.120; envelope-from=dgilbert@redhat.com; helo=us-smtp-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/06/25 01:47:53 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -30 X-Spam_score: -3.1 X-Spam_bar: --- X-Spam_report: (-3.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=_AUTOLEARN X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" From: "Dr. David Alan Gilbert" Check the capability calls worked. Signed-off-by: Dr. David Alan Gilbert Reviewed-by: Stefan Hajnoczi --- tools/virtiofsd/passthrough_ll.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough= _ll.c index e373e3b36e..99d562046a 100644 --- a/tools/virtiofsd/passthrough_ll.c +++ b/tools/virtiofsd/passthrough_ll.c @@ -2589,7 +2589,7 @@ static void setup_capabilities(void) */ capng_setpid(syscall(SYS_gettid)); capng_clear(CAPNG_SELECT_BOTH); - capng_updatev(CAPNG_ADD, CAPNG_PERMITTED | CAPNG_EFFECTIVE, + if (capng_updatev(CAPNG_ADD, CAPNG_PERMITTED | CAPNG_EFFECTIVE, CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_DAC_READ_SEARCH, @@ -2599,11 +2599,21 @@ static void setup_capabilities(void) CAP_SETUID, CAP_MKNOD, CAP_SETFCAP, - -1); + -1)) { + fuse_log(FUSE_LOG_ERR, "%s: capng_updatev failed\n", __func__); + exit(1); + } =20 - capng_apply(CAPNG_SELECT_BOTH); + if (capng_apply(CAPNG_SELECT_BOTH)) { + fuse_log(FUSE_LOG_ERR, "%s: capng_apply failed\n", __func__); + exit(1); + } =20 cap.saved =3D capng_save_state(); + if (!cap.saved) { + fuse_log(FUSE_LOG_ERR, "%s: capng_save_state failed\n", __func__); + exit(1); + } pthread_mutex_unlock(&cap.mutex); } =20 --=20 2.26.2 From nobody Mon May 6 13:28:46 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1593102749; cv=none; d=zohomail.com; s=zohoarc; b=DezGGACD0uLMKaIPdHg8/JDhh3Z3aj8tZgpf8Wg/vPg0UCyP+ZRF81dgKIaf1bazLLizcVmR/WpAbh7Atdjpg1NFKZZ+DNNTWZNuZKxGt3Wroij6eoZNbv3K8Vlk4geJQGn1AIxquH6TJ0OLYmHI+hoFeg5lDStT+SjcsLTdKGA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1593102749; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Q9U7MZpedfnTjTu3sSF+WyTG3/6YQv3VnFsF74dLz3s=; b=l6ya3z9FjMT9MJ8adEe1N4QMTcjo4W9KsnTTIUL0HoPu9YlozQTuZ/k4PNsErpKITnmXXsEOg+qqujP61K3I/Ah8O4loBdWcKdOOrzKb6hGVnahYcN7yuDXQgGuElcSE1SgGzkzkh/s4tFMGqjDvvpZY5XALrZse4Z8Z7wwVg5E= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1593102749200813.5097477041006; Thu, 25 Jun 2020 09:32:29 -0700 (PDT) Received: from localhost ([::1]:43918 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1joUnb-0005Tu-TB for importer@patchew.org; Thu, 25 Jun 2020 12:32:27 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:57336) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1joUl1-0002jL-LM for qemu-devel@nongnu.org; Thu, 25 Jun 2020 12:29:47 -0400 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:55551 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1joUkz-0002Tz-Pg for qemu-devel@nongnu.org; Thu, 25 Jun 2020 12:29:47 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-159-O0udD3FNO3-Bc5L49pYJlw-1; Thu, 25 Jun 2020 12:29:42 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id E47DF107ACCA for ; Thu, 25 Jun 2020 16:29:41 +0000 (UTC) Received: from dgilbert-t580.localhost (ovpn-114-254.ams2.redhat.com [10.36.114.254]) by smtp.corp.redhat.com (Postfix) with ESMTP id E9E0CA09BF; Thu, 25 Jun 2020 16:29:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1593102584; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Q9U7MZpedfnTjTu3sSF+WyTG3/6YQv3VnFsF74dLz3s=; b=aZApb+5R1fhSIfT+HnWIH7sokPj//Q36HzOHw8vQJAqOIyfXZlUrrZdtZN4THKollMd3QE 1a1BkliyveUX7HcnXFNvfXlydflFwoZvxp1M4K2N4slRXprhUQykmd8Sgg8ycXZYCn1xPZ lO4h114pa4yvzJy/SjkuRU96rLaJHP8= X-MC-Unique: O0udD3FNO3-Bc5L49pYJlw-1 From: "Dr. David Alan Gilbert (git)" To: qemu-devel@nongnu.org, virtio-fs@redhat.com, stefanha@redhat.com, vgoyal@redhat.com Subject: [PATCH 3/3] virtiofsd: Allow addition or removal of capabilities Date: Thu, 25 Jun 2020 17:29:29 +0100 Message-Id: <20200625162929.46672-4-dgilbert@redhat.com> In-Reply-To: <20200625162929.46672-1-dgilbert@redhat.com> References: <20200625162929.46672-1-dgilbert@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=207.211.31.120; envelope-from=dgilbert@redhat.com; helo=us-smtp-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/06/25 01:47:53 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -30 X-Spam_score: -3.1 X-Spam_bar: --- X-Spam_report: (-3.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=_AUTOLEARN X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" From: "Dr. David Alan Gilbert" Allow capabilities to be added or removed from the allowed set for the daemon; e.g. default: CapPrm: 00000000880000df CapEff: 00000000880000df -o modcaps=3D+sys_admin CapPrm: 00000000882000df CapEff: 00000000882000df -o modcaps=3D+sys_admin:-chown CapPrm: 00000000882000de CapEff: 00000000882000de Signed-off-by: Dr. David Alan Gilbert --- docs/tools/virtiofsd.rst | 5 ++++ tools/virtiofsd/helper.c | 2 ++ tools/virtiofsd/passthrough_ll.c | 50 ++++++++++++++++++++++++++++++-- 3 files changed, 55 insertions(+), 2 deletions(-) diff --git a/docs/tools/virtiofsd.rst b/docs/tools/virtiofsd.rst index 378594c422..824e713491 100644 --- a/docs/tools/virtiofsd.rst +++ b/docs/tools/virtiofsd.rst @@ -54,6 +54,11 @@ Options * flock|no_flock - Enable/disable flock. The default is ``no_flock``. =20 + * modcaps=3DCAPLIST + Modify the list of capabilities allowed; CAPLIST is a colon separated + list of capabilities, each preceded by either + or -, e.g. + ''+sys_admin:-chown''. + * log_level=3DLEVEL - Print only log messages matching LEVEL or more severe. LEVEL is one of ``err``, ``warn``, ``info``, or ``debug``. The default is ``info``. diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c index 00a1ef666a..3105b6c23a 100644 --- a/tools/virtiofsd/helper.c +++ b/tools/virtiofsd/helper.c @@ -174,6 +174,8 @@ void fuse_cmdline_help(void) " default: no_writeback\n" " -o xattr|no_xattr enable/disable xattr\n" " default: no_xattr\n" + " -o modcaps=3DCAPLIST Modify the list of capabiliti= es\n" + " e.g. -o modcaps=3D+sys_admin:-c= hown\n" " --rlimit-nofile=3D set maximum number of file de= scriptors\n" " (0 leaves rlimit unchanged)\n" " default: min(1000000, fs.file-m= ax - 16384)\n" diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough= _ll.c index 99d562046a..9d2cbc70ca 100644 --- a/tools/virtiofsd/passthrough_ll.c +++ b/tools/virtiofsd/passthrough_ll.c @@ -145,6 +145,7 @@ struct lo_data { int posix_lock; int xattr; char *source; + char *modcaps; double timeout; int cache; int timeout_set; @@ -170,6 +171,7 @@ static const struct fuse_opt lo_opts[] =3D { { "no_posix_lock", offsetof(struct lo_data, posix_lock), 0 }, { "xattr", offsetof(struct lo_data, xattr), 1 }, { "no_xattr", offsetof(struct lo_data, xattr), 0 }, + { "modcaps=3D%s", offsetof(struct lo_data, modcaps), 0 }, { "timeout=3D%lf", offsetof(struct lo_data, timeout), 0 }, { "timeout=3D", offsetof(struct lo_data, timeout_set), 1 }, { "cache=3Dnone", offsetof(struct lo_data, cache), CACHE_NONE }, @@ -2571,7 +2573,7 @@ static void setup_mounts(const char *source) /* * Only keep whitelisted capabilities that are needed for file system oper= ation */ -static void setup_capabilities(void) +static void setup_capabilities(struct lo_data *lo) { pthread_mutex_lock(&cap.mutex); capng_restore_state(&cap.saved); @@ -2604,6 +2606,50 @@ static void setup_capabilities(void) exit(1); } =20 + /* + * The modcaps option is a colon separated list of caps, + * each preceded by either + or -. + */ + while (lo->modcaps) { + capng_act_t action; + int cap; + + char *next =3D strchr(lo->modcaps, ':'); + if (next) { + *next =3D '\0'; + next++; + } + + switch (lo->modcaps[0]) { + case '+': + action =3D CAPNG_ADD; + break; + + case '-': + action =3D CAPNG_DROP; + break; + + default: + fuse_log(FUSE_LOG_ERR, + "%s: Expecting '+'/'-' in modcaps but found '%c'\n", + __func__, lo->modcaps[0]); + exit(1); + } + cap =3D capng_name_to_capability(lo->modcaps + 1); + if (cap < 0) { + fuse_log(FUSE_LOG_ERR, "%s: Unknown capability '%s'\n", __func= __, + lo->modcaps); + exit(1); + } + if (capng_update(action, CAPNG_PERMITTED | CAPNG_EFFECTIVE, cap)) { + fuse_log(FUSE_LOG_ERR, "%s: capng_update failed for '%s'\n", + __func__, lo->modcaps); + exit(1); + } + + lo->modcaps =3D next; + } + if (capng_apply(CAPNG_SELECT_BOTH)) { fuse_log(FUSE_LOG_ERR, "%s: capng_apply failed\n", __func__); exit(1); @@ -2627,7 +2673,7 @@ static void setup_sandbox(struct lo_data *lo, struct = fuse_session *se, setup_namespaces(lo, se); setup_mounts(lo->source); setup_seccomp(enable_syslog); - setup_capabilities(); + setup_capabilities(lo); } =20 /* Set the maximum number of open file descriptors */ --=20 2.26.2