Re: [PATCH v4 3/3] virtiofsd: prevent opening of special files (CVE-2020-35517)

2021-02-04 Thread Stefan Hajnoczi
On Wed, Feb 03, 2021 at 04:14:41PM -0500, Vivek Goyal wrote: > On Wed, Feb 03, 2021 at 05:05:14PM +, Stefan Hajnoczi wrote: > > On Wed, Feb 03, 2021 at 11:08:58AM -0500, Vivek Goyal wrote: > > > On Wed, Feb 03, 2021 at 05:02:37PM +0100, Greg Kurz wrote: > > > > On Wed, 3 Feb 2021 10:28:50 -0500

Re: [PATCH v4 3/3] virtiofsd: prevent opening of special files (CVE-2020-35517)

2021-02-03 Thread Vivek Goyal
On Wed, Feb 03, 2021 at 05:05:14PM +, Stefan Hajnoczi wrote: > On Wed, Feb 03, 2021 at 11:08:58AM -0500, Vivek Goyal wrote: > > On Wed, Feb 03, 2021 at 05:02:37PM +0100, Greg Kurz wrote: > > > On Wed, 3 Feb 2021 10:28:50 -0500 > > > Vivek Goyal wrote: > > > > > > > On Wed, Feb 03, 2021 at 11:

Re: [PATCH v4 3/3] virtiofsd: prevent opening of special files (CVE-2020-35517)

2021-02-03 Thread Dr. David Alan Gilbert
* Stefan Hajnoczi (stefa...@redhat.com) wrote: > On Wed, Feb 03, 2021 at 11:08:58AM -0500, Vivek Goyal wrote: > > On Wed, Feb 03, 2021 at 05:02:37PM +0100, Greg Kurz wrote: > > > On Wed, 3 Feb 2021 10:28:50 -0500 > > > Vivek Goyal wrote: > > > > > > > On Wed, Feb 03, 2021 at 11:37:19AM +, Ste

Re: [PATCH v4 3/3] virtiofsd: prevent opening of special files (CVE-2020-35517)

2021-02-03 Thread Stefan Hajnoczi
On Wed, Feb 03, 2021 at 04:57:59PM +0100, Greg Kurz wrote: > On Wed, 3 Feb 2021 11:37:19 + > Stefan Hajnoczi wrote: > > static int lo_do_open(struct lo_data *lo, struct lo_inode *inode, > > - struct fuse_file_info *fi) > > + int existing_fd, struct f

Re: [PATCH v4 3/3] virtiofsd: prevent opening of special files (CVE-2020-35517)

2021-02-03 Thread Stefan Hajnoczi
On Wed, Feb 03, 2021 at 11:08:58AM -0500, Vivek Goyal wrote: > On Wed, Feb 03, 2021 at 05:02:37PM +0100, Greg Kurz wrote: > > On Wed, 3 Feb 2021 10:28:50 -0500 > > Vivek Goyal wrote: > > > > > On Wed, Feb 03, 2021 at 11:37:19AM +, Stefan Hajnoczi wrote: > > > > > > [..] > > > > @@ -1727,36 +

Re: [PATCH v4 3/3] virtiofsd: prevent opening of special files (CVE-2020-35517)

2021-02-03 Thread Vivek Goyal
On Wed, Feb 03, 2021 at 05:02:37PM +0100, Greg Kurz wrote: > On Wed, 3 Feb 2021 10:28:50 -0500 > Vivek Goyal wrote: > > > On Wed, Feb 03, 2021 at 11:37:19AM +, Stefan Hajnoczi wrote: > > > > [..] > > > @@ -1727,36 +1764,38 @@ static void lo_create(fuse_req_t req, fuse_ino_t > > > parent, co

Re: [PATCH v4 3/3] virtiofsd: prevent opening of special files (CVE-2020-35517)

2021-02-03 Thread Greg Kurz
On Wed, 3 Feb 2021 10:28:50 -0500 Vivek Goyal wrote: > On Wed, Feb 03, 2021 at 11:37:19AM +, Stefan Hajnoczi wrote: > > [..] > > @@ -1727,36 +1764,38 @@ static void lo_create(fuse_req_t req, fuse_ino_t > > parent, const char *name, > > > > update_open_flags(lo->writeback, lo->allow_d

Re: [PATCH v4 3/3] virtiofsd: prevent opening of special files (CVE-2020-35517)

2021-02-03 Thread Greg Kurz
On Wed, 3 Feb 2021 11:37:19 + Stefan Hajnoczi wrote: > A well-behaved FUSE client does not attempt to open special files with > FUSE_OPEN because they are handled on the client side (e.g. device nodes > are handled by client-side device drivers). > > The check to prevent virtiofsd from open

Re: [PATCH v4 3/3] virtiofsd: prevent opening of special files (CVE-2020-35517)

2021-02-03 Thread Vivek Goyal
On Wed, Feb 03, 2021 at 11:37:19AM +, Stefan Hajnoczi wrote: [..] > @@ -1727,36 +1764,38 @@ static void lo_create(fuse_req_t req, fuse_ino_t > parent, const char *name, > > update_open_flags(lo->writeback, lo->allow_direct_io, fi); > > -fd = openat(parent_inode->fd, name, (fi->fl

[PATCH v4 3/3] virtiofsd: prevent opening of special files (CVE-2020-35517)

2021-02-03 Thread Stefan Hajnoczi
A well-behaved FUSE client does not attempt to open special files with FUSE_OPEN because they are handled on the client side (e.g. device nodes are handled by client-side device drivers). The check to prevent virtiofsd from opening special files is missing in a few cases, most notably FUSE_OPEN. A