From: Vivek Goyal <vgo...@redhat.com>
We need to create files in callers context. Otherwise afer creating file,
caller himself might not be able to do file operations on that file.
Changed effective uid/gid to caller's uid/gid, create file and then
switch backto uid/gid 0.
Use syscall(setresuid, ...) otherwise glibc does some magic to change EUID
in all threads, which is not what we want.
Signed-off-by: Vivek Goyal <vgo...@redhat.com>
Signed-off-by: Miklos Szeredi <mszer...@redhat.com>
---
contrib/virtiofsd/passthrough_ll.c | 75 ++++++++++++++++++++++++++++--
1 file changed, 71 insertions(+), 4 deletions(-)
diff --git a/contrib/virtiofsd/passthrough_ll.c
b/contrib/virtiofsd/passthrough_ll.c
index 2a1a880224..2de35d4d3d 100644
--- a/contrib/virtiofsd/passthrough_ll.c
+++ b/contrib/virtiofsd/passthrough_ll.c
@@ -49,6 +49,7 @@
#include <inttypes.h>
#include <pthread.h>
#include <sys/file.h>
+#include <sys/syscall.h>
#include <sys/xattr.h>
#include "passthrough_helpers.h"
@@ -78,6 +79,11 @@ struct lo_inode {
uint64_t refcount; /* protected by lo->mutex */
};
+struct lo_cred {
+ uid_t euid;
+ gid_t egid;
+};
+
enum {
CACHE_NEVER,
CACHE_NORMAL,
@@ -376,6 +382,51 @@ static void lo_lookup(fuse_req_t req, fuse_ino_t parent,
const char *name)
fuse_reply_entry(req, &e);
}
+/*
+ * Change to uid/gid of caller so that file is created with
+ * ownership of caller.
+ * TODO: What about selinux context?
+ */
+static int lo_change_cred(fuse_req_t req, struct lo_cred *old)
+{
+ int res;
+
+ old->euid = geteuid();
+ old->egid = getegid();
+
+ res = syscall(SYS_setresgid, -1,fuse_req_ctx(req)->gid, -1);
+ if (res == -1)
+ return errno;
+
+ res = syscall(SYS_setresuid, -1, fuse_req_ctx(req)->uid, -1);
+ if (res == -1) {
+ int errno_save = errno;
+
+ syscall(SYS_setresgid, -1, old->egid, -1);
+ return errno_save;
+ }
+
+ return 0;
+}
+
+/* Regain Privileges */
+static void lo_restore_cred(struct lo_cred *old)
+{
+ int res;
+
+ res = syscall(SYS_setresuid, -1, old->euid, -1);
+ if (res == -1) {
+ fuse_log(FUSE_LOG_ERR, "seteuid(%u): %m\n", old->euid);
+ exit(1);
+ }
+
+ res = syscall(SYS_setresgid, -1, old->egid, -1);
+ if (res == -1) {
+ fuse_log(FUSE_LOG_ERR, "setegid(%u): %m\n", old->egid);
+ exit(1);
+ }
+}
+
static void lo_mknod_symlink(fuse_req_t req, fuse_ino_t parent,
const char *name, mode_t mode, dev_t rdev,
const char *link)
@@ -384,12 +435,20 @@ static void lo_mknod_symlink(fuse_req_t req, fuse_ino_t
parent,
int saverr;
struct lo_inode *dir = lo_inode(req, parent);
struct fuse_entry_param e;
+ struct lo_cred old = {};
saverr = ENOMEM;
+ saverr = lo_change_cred(req, &old);
+ if (saverr)
+ goto out;
+
res = mknod_wrapper(dir->fd, name, link, mode, rdev);
saverr = errno;
+
+ lo_restore_cred(&old);
+
if (res == -1)
goto out;
@@ -768,23 +827,31 @@ static void lo_create(fuse_req_t req, fuse_ino_t parent,
const char *name,
struct lo_data *lo = lo_data(req);
struct fuse_entry_param e;
int err;
+ struct lo_cred old = {};
if (lo_debug(req))
fuse_log(FUSE_LOG_DEBUG, "lo_create(parent=%" PRIu64 ",
name=%s)\n",
parent, name);
+ err = lo_change_cred(req, &old);
+ if (err)
+ goto out;
+
fd = openat(lo_fd(req, parent), name,
(fi->flags | O_CREAT) & ~O_NOFOLLOW, mode);
- if (fd == -1)
- return (void) fuse_reply_err(req, errno);
+ err = fd == -1 ? errno : 0;
+ lo_restore_cred(&old);
- fi->fh = fd;
+ if (!err) {
+ fi->fh = fd;
+ err = lo_do_lookup(req, parent, name, &e);
+ }
if (lo->cache == CACHE_NEVER)
fi->direct_io = 1;
else if (lo->cache == CACHE_ALWAYS)
fi->keep_cache = 1;
- err = lo_do_lookup(req, parent, name, &e);
+out:
if (err)
fuse_reply_err(req, err);
else
--
2.23.0
