Re: [Qemu-devel] Bug#864718: fsdev emulation security

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] Bug#864718: fsdev emulation security_model=none not han

From:	Michael Tokarev
Subject:	Re: [Qemu-devel] Bug#864718: fsdev emulation security_model=none not handling mode 000
Date:	Tue, 8 Aug 2017 10:58:29 +0300
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1

I'm forwarding this upstream.
It looks like the same issue is present in 2.10-tobe.

13.06.2017 16:01, Sjoerd Simons wrote:
> Package: qemu-system
> Version: 1:2.8+dfsg-6
> Severity: normal
> 
> Hey,
> 
> For $reasons i'm exposing /boot over a filesystem share with the host system,
> fsdev is setup as followed on the qemu command line:
>   -fsdev 
> local,security_model=none,id=fsdev-fs0,path=/srv/mp30-ar1-cbg-0-armhf-0-boot
> 
> Unfortunately trying to install a kernel shows dpkg getting unhappy:
> 
> [pid 26686] open("/boot/System.map-4.9.0-3-armmp-lpae.dpkg-new",
>   O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE, 000) = -1 EACCES (Permission denied)
> 
> I suspect mode 000 is confusing everything here. A similarish issue can be 
> seen
> when changing a file to mode 000 by hand:
> 
> # touch badger
> # ls -l badger
> -rw-r--r-- 1 64055 64055 0 Jun 13 13:58 badger
> # chmod 600 badger
> # chmod 700 badger
> # chmod 000 badger
> # chmod 700 badger
> chmod: changing permissions of 'badger': Permission denied
> 
> Iotw as soon as the mode is 000 any later permission changes fail.
> 
> -- System Information:
> Debian Release: 9.0
>   APT prefers unstable-debug
>   APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), 
> (500, 'stable'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386, armhf, arm64
> 
> Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
> LANGUAGE=en_US:en (charmap=UTF-8)
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages qemu-system depends on:
> ii  qemu-system-arm    1:2.8+dfsg-6
> ii  qemu-system-mips   1:2.8+dfsg-6
> ii  qemu-system-misc   1:2.8+dfsg-6
> ii  qemu-system-ppc    1:2.8+dfsg-6
> ii  qemu-system-sparc  1:2.8+dfsg-6
> ii  qemu-system-x86    1:2.8+dfsg-6
> 
> qemu-system recommends no packages.
> 
> qemu-system suggests no packages.
> 
> -- no debconf information
>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] Bug#864718: fsdev emulation security_model=none not handling mode 000, Michael Tokarev <=

Prev by Date: Re: [Qemu-devel] [PATCH for-2.11] rcu: init globals only once
Next by Date: Re: [Qemu-devel] [PATCH 0/3] build configuration query tool and conditional (qemu-io)test skip
Previous by thread: [Qemu-devel] [Bug 1318746] Re: qemu Windows 7 BSOD when using hv-time
Next by thread: Re: [Qemu-devel] [PATCH 0/3] build configuration query tool and conditional (qemu-io)test skip
Index(es):
- Date
- Thread