On Thu, Mar 31, 2011 at 01:51:27PM +0530, M. Mohan Kumar wrote:
> In passthrough security model, following symbolic links in the server
> side could result in TOCTTOU vulnerabilities.
>
> This patchset resolves this issue by creating a dedicated process which
> chroots into the share path and all file object access is done in the
> chroot environment.
>
> This patchset implements chroot environment, provides necessary functions
> that can be used by the passthrough function calls.
>
> Changes from version V9:
> * Error handling in special file object creation in virtio-9p-local.c
> * Fix memory leak issue
>
> Changes from version V8:
> * Make chmod and chown also operate under chroot process
> * Check for invalid path requests, minor cleanups
>
> Changes from version V7:
> * Add two chroot methods remove and rename
> * Minor cleanups like consolidating functions
>
> Changes from version V6:
> * Send only fd/errno in socket operations instead of FdInfo structure
> * Minor cleanups
>
> Changes from version V5:
> * Return errno on failure instead of setting errno
> * Minor cleanups like updated comments, enable CONFIG_THREAD if
>   CONFIG_VIRTFS is enabled
>
> Changes from version V4:
> * Avoid using malloc/free inside chroot process
> * Separate chroot server and client functions
>
> Changes from version V3
> * Return EIO in case of socket read/write fail instead of exiting
> * Changed data types as suggested by Blue Swirl
> * Chroot process reports error through qemu process
>
> Changes from version V2
> * Treat socket IO errors as fatal, i.e. qemu will exit
> * Split patchset based on chroot side (server) and qemu side (client)
>   functionalities
>
> M. Mohan Kumar (13):
>   Implement qemu_read_full
>   virtio-9p: Enable CONFIG_THREAD if CONFIG_VIRTFS is enabled
>   virtio-9p: Provide chroot worker side interfaces
>   virtio-9p: Add qemu side interfaces for chroot environment
>   virtio-9p: Add support to open a file in chroot environment
>   virtio-9p: Create support in chroot environment
>   virtio-9p: Support for creating special files
>   virtio-9p: Add support for removing file or directory
>   virtio-9p: Add support to rename
>   virtio-9p: Move file post creation changes to none security model
>   virtio-9p: Add support for chmod
>   virtio-9p: Add support for chown
>   virtio-9p: Chroot environment for other functions
>
>  Makefile.objs                     |    1 +
>  configure                         |    1 +
>  hw/9pfs/virtio-9p-chroot-worker.c |  342 +++++++++++++++++++++++++++++++++++++
>  hw/9pfs/virtio-9p-chroot.c        |  105 +++++++++++
>  hw/9pfs/virtio-9p-chroot.h        |   48 +++++
>  hw/9pfs/virtio-9p-local.c         |  306 ++++++++++++++++++++++++++--------
>  hw/9pfs/virtio-9p.c               |   24 +++
>  hw/file-op-9p.h                   |    3 +
>  osdep.c                           |   32 ++++
>  qemu-common.h                     |    2 +
>  10 files changed, 796 insertions(+), 68 deletions(-)
>  create mode 100644 hw/9pfs/virtio-9p-chroot-worker.c
>  create mode 100644 hw/9pfs/virtio-9p-chroot.c
>  create mode 100644 hw/9pfs/virtio-9p-chroot.h
>
> --
Reviewed-by: Stefan Hajnoczi <stefa...@linux.vnet.ibm.com>
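
Added example, not code from the patch series or from either participant in this thread: a sketch of the "send only fd/errno" reply the cover letter describes, where the worker hands back either an open descriptor (as SCM_RIGHTS ancillary data) or an errno over a Unix socket. The names send_fd_or_errno, recv_fd_or_errno and open_via_socket are hypothetical, both ends run in one process, and the chroot() step is left out because it needs root.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
typedef union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; } FdCtl;

/* Worker side: send status 0 plus the fd (SCM_RIGHTS), or only the errno. */
static int send_fd_or_errno(int sock, int fd, int err) {
    FdCtl ctl = { .buf = { 0 } };
    int status = fd >= 0 ? 0 : err;
    struct iovec iov = { &status, sizeof(status) };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };
    if (fd >= 0) {
        msg.msg_control = ctl.buf;
        msg.msg_controllen = sizeof(ctl.buf);
        struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
        c->cmsg_level = SOL_SOCKET;
        c->cmsg_type = SCM_RIGHTS;
        c->cmsg_len = CMSG_LEN(sizeof(int));
        memcpy(CMSG_DATA(c), &fd, sizeof(int));
    }
    return sendmsg(sock, &msg, 0) == (ssize_t)sizeof(status) ? 0 : -1;
}

/* QEMU side: return the received fd, or -errno as reported by the worker. */
static int recv_fd_or_errno(int sock) {
    FdCtl ctl;
    int status = 0, fd = -1;
    struct iovec iov = { &status, sizeof(status) };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof(ctl.buf) };
    if (recvmsg(sock, &msg, 0) != (ssize_t)sizeof(status)) return -EIO;
    if (status != 0) return -status;      /* worker reported a failure */
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_type != SCM_RIGHTS) return -EIO;  /* status 0 but no fd */
    memcpy(&fd, CMSG_DATA(c), sizeof(int));
    return fd;
}

/* Demo in one process: the "worker" end opens path, the other end receives. */
static int open_via_socket(const char *path) {
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -errno;
    int fd = open(path, O_RDONLY); /* assumption: real worker does this after chroot() */
    int ret = send_fd_or_errno(sv[1], fd, errno) ? -EIO : recv_fd_or_errno(sv[0]);
    if (fd >= 0) close(fd);
    close(sv[0]); close(sv[1]);
    return ret;
}
```

Because the path is resolved inside the worker and only the resulting descriptor crosses the socket, the receiving side never re-resolves the path, which is what removes the check-to-use window.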