[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 2/8] 9pfs: local: Add support for custom fmode/dmode
From: |
Greg Kurz |
Subject: |
[Qemu-devel] [PULL 2/8] 9pfs: local: Add support for custom fmode/dmode in 9ps mapped security modes |
Date: |
Thu, 29 Jun 2017 15:43:45 +0200 |
From: Tobias Schramm <address@hidden>
In mapped security modes, files are created with very restrictive
permissions (600 for files and 700 for directories). This makes
file sharing between virtual machines and users on the host rather
complicated. Imagine eg. a group of users that need to access data
produced by processes on a virtual machine. Giving those users access
to the data will be difficult since the group access mode is always 0.
This patch makes the default mode for both files and directories
configurable. Existing setups that don't know about the new parameters
keep using the current secure behavior.
Signed-off-by: Tobias Schramm <address@hidden>
Signed-off-by: Greg Kurz <address@hidden>
---
fsdev/file-op-9p.h | 4 ++++
fsdev/qemu-fsdev-opts.c | 12 ++++++++++++
hw/9pfs/9p-local.c | 25 +++++++++++++++++++++----
hw/9pfs/9p.c | 3 +++
qemu-options.hx | 20 ++++++++++++++++----
5 files changed, 56 insertions(+), 8 deletions(-)
diff --git a/fsdev/file-op-9p.h b/fsdev/file-op-9p.h
index 0844a403dcd4..474c79d003f6 100644
--- a/fsdev/file-op-9p.h
+++ b/fsdev/file-op-9p.h
@@ -76,6 +76,8 @@ typedef struct FsDriverEntry {
int export_flags;
FileOperations *ops;
FsThrottle fst;
+ mode_t fmode;
+ mode_t dmode;
} FsDriverEntry;
typedef struct FsContext
@@ -88,6 +90,8 @@ typedef struct FsContext
FsThrottle *fst;
/* fs driver specific data */
void *private;
+ mode_t fmode;
+ mode_t dmode;
} FsContext;
typedef struct V9fsPath {
diff --git a/fsdev/qemu-fsdev-opts.c b/fsdev/qemu-fsdev-opts.c
index bf5713008a1b..7c31ffffafb5 100644
--- a/fsdev/qemu-fsdev-opts.c
+++ b/fsdev/qemu-fsdev-opts.c
@@ -38,6 +38,12 @@ static QemuOptsList qemu_fsdev_opts = {
}, {
.name = "sock_fd",
.type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "fmode",
+ .type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "dmode",
+ .type = QEMU_OPT_NUMBER,
},
THROTTLE_OPTS,
@@ -75,6 +81,12 @@ static QemuOptsList qemu_virtfs_opts = {
}, {
.name = "sock_fd",
.type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "fmode",
+ .type = QEMU_OPT_NUMBER,
+ }, {
+ .name = "dmode",
+ .type = QEMU_OPT_NUMBER,
},
{ /*End of list */ }
diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index 83952eff0a11..6e478f4765ef 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -633,7 +633,7 @@ static int local_mknod(FsContext *fs_ctx, V9fsPath
*dir_path,
if (fs_ctx->export_flags & V9FS_SM_MAPPED ||
fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
- err = mknodat(dirfd, name, SM_LOCAL_MODE_BITS | S_IFREG, 0);
+ err = mknodat(dirfd, name, fs_ctx->fmode | S_IFREG, 0);
if (err == -1) {
goto out;
}
@@ -685,7 +685,7 @@ static int local_mkdir(FsContext *fs_ctx, V9fsPath
*dir_path,
if (fs_ctx->export_flags & V9FS_SM_MAPPED ||
fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
- err = mkdirat(dirfd, name, SM_LOCAL_DIR_MODE_BITS);
+ err = mkdirat(dirfd, name, fs_ctx->dmode);
if (err == -1) {
goto out;
}
@@ -786,7 +786,7 @@ static int local_open2(FsContext *fs_ctx, V9fsPath
*dir_path, const char *name,
/* Determine the security model */
if (fs_ctx->export_flags & V9FS_SM_MAPPED ||
fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
- fd = openat_file(dirfd, name, flags, SM_LOCAL_MODE_BITS);
+ fd = openat_file(dirfd, name, flags, fs_ctx->fmode);
if (fd == -1) {
goto out;
}
@@ -849,7 +849,7 @@ static int local_symlink(FsContext *fs_ctx, const char
*oldpath,
ssize_t oldpath_size, write_size;
fd = openat_file(dirfd, name, O_CREAT | O_EXCL | O_RDWR,
- SM_LOCAL_MODE_BITS);
+ fs_ctx->fmode);
if (fd == -1) {
goto out;
}
@@ -1467,6 +1467,23 @@ static int local_parse_opts(QemuOpts *opts, struct
FsDriverEntry *fse)
return -1;
}
+ if (fse->export_flags & V9FS_SM_MAPPED ||
+ fse->export_flags & V9FS_SM_MAPPED_FILE) {
+ fse->fmode =
+ qemu_opt_get_number(opts, "fmode", SM_LOCAL_MODE_BITS) & 0777;
+ fse->dmode =
+ qemu_opt_get_number(opts, "dmode", SM_LOCAL_DIR_MODE_BITS) & 0777;
+ } else {
+ if (qemu_opt_find(opts, "fmode")) {
+ error_report("fmode is only valid for mapped 9p modes");
+ return -1;
+ }
+ if (qemu_opt_find(opts, "dmode")) {
+ error_report("dmode is only valid for mapped 9p modes");
+ return -1;
+ }
+ }
+
fse->path = g_strdup(path);
return 0;
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index 96d268334865..a0ae98f7ca6f 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -3533,6 +3533,9 @@ int v9fs_device_realize_common(V9fsState *s, Error **errp)
s->ops = fse->ops;
+ s->ctx.fmode = fse->fmode;
+ s->ctx.dmode = fse->dmode;
+
s->fid_list = NULL;
qemu_co_rwlock_init(&s->rename_lock);
diff --git a/qemu-options.hx b/qemu-options.hx
index 896ff177c311..297bd8aca430 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -1010,7 +1010,7 @@ ETEXI
DEF("fsdev", HAS_ARG, QEMU_OPTION_fsdev,
"-fsdev
fsdriver,id=id[,path=path,][security_model={mapped-xattr|mapped-file|passthrough|none}]\n"
- " [,writeout=immediate][,readonly][,socket=socket|sock_fd=sock_fd]\n"
+ "
[,writeout=immediate][,readonly][,socket=socket|sock_fd=sock_fd][,fmode=fmode][,dmode=dmode]\n"
"
[[,throttling.bps-total=b]|[[,throttling.bps-read=r][,throttling.bps-write=w]]]\n"
"
[[,throttling.iops-total=i]|[[,throttling.iops-read=r][,throttling.iops-write=w]]]\n"
"
[[,throttling.bps-total-max=bm]|[[,throttling.bps-read-max=rm][,throttling.bps-write-max=wm]]]\n"
@@ -1020,7 +1020,7 @@ DEF("fsdev", HAS_ARG, QEMU_OPTION_fsdev,
STEXI
address@hidden -fsdev
@var{fsdriver},address@hidden,address@hidden,address@hidden,address@hidden,readonly][,address@hidden|address@hidden
address@hidden -fsdev
@var{fsdriver},address@hidden,address@hidden,address@hidden,address@hidden,readonly][,address@hidden|address@hidden,address@hidden,address@hidden
@findex -fsdev
Define a new file system device. Valid options are:
@table @option
@@ -1061,6 +1061,12 @@ with virtfs-proxy-helper
Enables proxy filesystem driver to use passed socket descriptor for
communicating with virtfs-proxy-helper. Usually a helper like libvirt
will create socketpair and pass one of the fds as sock_fd
address@hidden address@hidden
+Specifies the default mode for newly created files on the host. Works only
+with security models "mapped-xattr" and "mapped-file".
address@hidden address@hidden
+Specifies the default mode for newly created directories on the host. Works
+only with security models "mapped-xattr" and "mapped-file".
@end table
-fsdev option is used along with -device driver "virtio-9p-pci".
@@ -1077,12 +1083,12 @@ ETEXI
DEF("virtfs", HAS_ARG, QEMU_OPTION_virtfs,
"-virtfs
local,path=path,mount_tag=tag,security_model=[mapped-xattr|mapped-file|passthrough|none]\n"
- "
[,id=id][,writeout=immediate][,readonly][,socket=socket|sock_fd=sock_fd]\n",
+ "
[,id=id][,writeout=immediate][,readonly][,socket=socket|sock_fd=sock_fd][,fmode=fmode][,dmode=dmode]\n",
QEMU_ARCH_ALL)
STEXI
address@hidden -virtfs
@var{fsdriver}[,address@hidden,address@hidden,address@hidden,address@hidden,readonly][,address@hidden|address@hidden
address@hidden -virtfs
@var{fsdriver}[,address@hidden,address@hidden,address@hidden,address@hidden,readonly][,address@hidden|address@hidden,address@hidden,address@hidden
@findex -virtfs
The general form of a Virtual File system pass-through options are:
@@ -1124,6 +1130,12 @@ will create socketpair and pass one of the fds as sock_fd
@item sock_fd
Enables proxy filesystem driver to use passed 'sock_fd' as the socket
descriptor for interfacing with virtfs-proxy-helper
address@hidden address@hidden
+Specifies the default mode for newly created files on the host. Works only
+with security models "mapped-xattr" and "mapped-file".
address@hidden address@hidden
+Specifies the default mode for newly created directories on the host. Works
+only with security models "mapped-xattr" and "mapped-file".
@end table
ETEXI
--
2.7.5
- [Qemu-devel] [PULL 0/8] 9pfs patches for 2.10 20170629, Greg Kurz, 2017/06/29
- [Qemu-devel] [PULL 1/8] 9pfs: local: remove: use correct path component, Greg Kurz, 2017/06/29
- [Qemu-devel] [PULL 2/8] 9pfs: local: Add support for custom fmode/dmode in 9ps mapped security modes,
Greg Kurz <=
- [Qemu-devel] [PULL 4/8] virtio-9p: record element after sanity checks, Greg Kurz, 2017/06/29
- [Qemu-devel] [PULL 3/8] 9pfs: replace g_malloc()+memcpy() with g_memdup(), Greg Kurz, 2017/06/29
- [Qemu-devel] [PULL 6/8] virtio-9p: break device if buffers are misconfigured, Greg Kurz, 2017/06/29
- [Qemu-devel] [PULL 5/8] virtio-9p: message header is 7-byte long, Greg Kurz, 2017/06/29
- [Qemu-devel] [PULL 7/8] xen-9pfs: disconnect if buffers are misconfigured, Greg Kurz, 2017/06/29
- [Qemu-devel] [PULL 8/8] 9pfs: handle transport errors in pdu_complete(), Greg Kurz, 2017/06/29
- Re: [Qemu-devel] [PULL 0/8] 9pfs patches for 2.10 20170629, Peter Maydell, 2017/06/29