Patchwork [-V3,7/7] virtio-9p: Implemented security model for chown and chgrp.

login
register
mail settings
Submitter jvrao
Date May 21, 2010, 9:26 p.m.
Message ID <1274477170-7658-8-git-send-email-jvrao@linux.vnet.ibm.com>
Download mbox | patch
Permalink /patch/53207/
State New
Headers show

Comments

jvrao - May 21, 2010, 9:26 p.m.
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
---
 hw/file-op-9p.h      |    4 ++--
 hw/virtio-9p-local.c |   18 ++++++++++++++----
 hw/virtio-9p.c       |   15 ++++++++++++---
 3 files changed, 28 insertions(+), 9 deletions(-)

Patch

diff --git a/hw/file-op-9p.h b/hw/file-op-9p.h
index 0a9c10a..b3a320c 100644
--- a/hw/file-op-9p.h
+++ b/hw/file-op-9p.h
@@ -49,8 +49,8 @@  typedef struct FileOperations
 {
     int (*lstat)(FsContext *, const char *, struct stat *);
     ssize_t (*readlink)(FsContext *, const char *, char *, size_t);
-    int (*chmod)(FsContext *, const char *, mode_t);
-    int (*chown)(FsContext *, const char *, uid_t, gid_t);
+    int (*chmod)(FsContext *, const char *, FsCred *);
+    int (*chown)(FsContext *, const char *, FsCred *);
     int (*mknod)(FsContext *, const char *, FsCred *);
     int (*utime)(FsContext *, const char *, const struct utimbuf *);
     int (*remove)(FsContext *, const char *);
diff --git a/hw/virtio-9p-local.c b/hw/virtio-9p-local.c
index 283ed5d..c5678ae 100644
--- a/hw/virtio-9p-local.c
+++ b/hw/virtio-9p-local.c
@@ -173,9 +173,14 @@  static ssize_t local_writev(FsContext *ctx, int fd, const struct iovec *iov,
     return writev(fd, iov, iovcnt);
 }
 
-static int local_chmod(FsContext *ctx, const char *path, mode_t mode)
+static int local_chmod(FsContext *fs_ctx, const char *path, FsCred *credp)
 {
-    return chmod(rpath(ctx, path), mode);
+    if (fs_ctx->fs_sm == sm_mapped) {
+        return local_set_xattr(rpath(fs_ctx, path), credp);
+    } else if (fs_ctx->fs_sm == sm_passthrough) {
+        return chmod(rpath(fs_ctx, path), credp->fc_mode);
+    }
+    return -1;
 }
 
 static int local_mknod(FsContext *fs_ctx, const char *path, FsCred *credp)
@@ -415,9 +420,14 @@  static int local_rename(FsContext *ctx, const char *oldpath,
 
 }
 
-static int local_chown(FsContext *ctx, const char *path, uid_t uid, gid_t gid)
+static int local_chown(FsContext *fs_ctx, const char *path, FsCred *credp)
 {
-    return chown(rpath(ctx, path), uid, gid);
+    if (fs_ctx->fs_sm == sm_mapped) {
+        return local_set_xattr(rpath(fs_ctx, path), credp);
+    } else if (fs_ctx->fs_sm == sm_passthrough) {
+        return chown(rpath(fs_ctx, path), credp->fc_uid, credp->fc_gid);
+    }
+    return -1;
 }
 
 static int local_utime(FsContext *ctx, const char *path,
diff --git a/hw/virtio-9p.c b/hw/virtio-9p.c
index fbc846b..a9dfc0d 100644
--- a/hw/virtio-9p.c
+++ b/hw/virtio-9p.c
@@ -154,7 +154,11 @@  static int v9fs_do_writev(V9fsState *s, int fd, const struct iovec *iov,
 
 static int v9fs_do_chmod(V9fsState *s, V9fsString *path, mode_t mode)
 {
-    return s->ops->chmod(&s->ctx, path->data, mode);
+    FsCred cred;
+    cred_init(&cred);
+    cred.fc_mode = mode;
+
+    return s->ops->chmod(&s->ctx, path->data, &cred);
 }
 
 static int v9fs_do_mknod(V9fsState *s, V9fsCreateState *vs, mode_t mode,
@@ -231,7 +235,12 @@  static int v9fs_do_rename(V9fsState *s, V9fsString *oldpath,
 
 static int v9fs_do_chown(V9fsState *s, V9fsString *path, uid_t uid, gid_t gid)
 {
-    return s->ops->chown(&s->ctx, path->data, uid, gid);
+    FsCred cred;
+    cred_init(&cred);
+    cred.fc_uid = uid;
+    cred.fc_gid = gid;
+
+    return s->ops->chown(&s->ctx, path->data, &cred);
 }
 
 static int v9fs_do_utime(V9fsState *s, V9fsString *path,
@@ -2038,7 +2047,7 @@  static void v9fs_wstat_post_utime(V9fsState *s, V9fsWstatState *vs, int err)
         goto out;
     }
 
-    if (vs->v9stat.n_gid != -1) {
+    if (vs->v9stat.n_gid != -1 || vs->v9stat.n_uid != -1) {
         if (v9fs_do_chown(s, &vs->fidp->path, vs->v9stat.n_uid,
                     vs->v9stat.n_gid)) {
             err = -errno;