9pfs: local: Do not follow symlink in _nofollow

Message ID	20220427024545.18298-1-akihiko.odaki@gmail.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org> From: Akihiko Odaki <akihiko.odaki@gmail.com> To: Subject: [PATCH] 9pfs: local: Do not follow symlink in _nofollow Date: Wed, 27 Apr 2022 11:45:45 +0900 Message-Id: <20220427024545.18298-1-akihiko.odaki@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2607:f8b0:4864:20::102d; envelope-from=akihiko.odaki@gmail.com; helo=mail-pj1-x102d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Cc: Christian Schoenebeck <qemu_oss@crudebyte.com>, qemu-devel@nongnu.org, Akihiko Odaki <akihiko.odaki@gmail.com>, Greg Kurz <groug@kaod.org> Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>
Series	9pfs: local: Do not follow symlink in _nofollow \| expand 9pfs: local: Do not follow symlink in _nofollow

Message ID

20220427024545.18298-1-akihiko.odaki@gmail.com (mailing list archive)

State

New, archived

Headers

From: Akihiko Odaki <akihiko.odaki@gmail.com>
To: 
Subject: [PATCH] 9pfs: local: Do not follow symlink in _nofollow
Date: Wed, 27 Apr 2022 11:45:45 +0900
Message-Id: <20220427024545.18298-1-akihiko.odaki@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2607:f8b0:4864:20::102d;
 envelope-from=akihiko.odaki@gmail.com; helo=mail-pj1-x102d.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Christian Schoenebeck <qemu_oss@crudebyte.com>, qemu-devel@nongnu.org,
 Akihiko Odaki <akihiko.odaki@gmail.com>, Greg Kurz <groug@kaod.org>
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

Series

9pfs: local: Do not follow symlink in _nofollow | expand

Comments

Christian Schoenebeck April 27, 2022, 8:46 a.m. UTC | #1

On Mittwoch, 27. April 2022 04:45:45 CEST Akihiko Odaki wrote:
> Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
> ---
>  hw/9pfs/9p-local.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> index d42ce6d8b82..def8afdb4d6 100644
> --- a/hw/9pfs/9p-local.c
> +++ b/hw/9pfs/9p-local.c
> @@ -365,7 +365,7 @@ static int fchmodat_nofollow(int dirfd, const char
> *name, mode_t mode) if (fd == -1) {
>          /* In case the file is writable-only and isn't a directory. */
>          if (errno == EACCES) {
> -            fd = openat_file(dirfd, name, O_WRONLY, 0);
> +            fd = openat_file(dirfd, name, O_WRONLY | O_NOFOLLOW, 0);

O_NOFOLLOW flag is always added inside openat_file() implementation:

https://github.com/qemu/qemu/blob/master/hw/9pfs/9p-util.h#L60

So this change is not necessary AFAICS.

>          }
>          if (fd == -1 && errno == EISDIR) {
>              errno = EACCES;

Greg Kurz April 27, 2022, 10:21 a.m. UTC | #2

On Wed, 27 Apr 2022 10:46:31 +0200
Christian Schoenebeck <qemu_oss@crudebyte.com> wrote:

> On Mittwoch, 27. April 2022 04:45:45 CEST Akihiko Odaki wrote:
> > Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
> > ---
> >  hw/9pfs/9p-local.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> > index d42ce6d8b82..def8afdb4d6 100644
> > --- a/hw/9pfs/9p-local.c
> > +++ b/hw/9pfs/9p-local.c
> > @@ -365,7 +365,7 @@ static int fchmodat_nofollow(int dirfd, const char
> > *name, mode_t mode) if (fd == -1) {
> >          /* In case the file is writable-only and isn't a directory. */
> >          if (errno == EACCES) {
> > -            fd = openat_file(dirfd, name, O_WRONLY, 0);
> > +            fd = openat_file(dirfd, name, O_WRONLY | O_NOFOLLOW, 0);
> 
> O_NOFOLLOW flag is always added inside openat_file() implementation:
> 
> https://github.com/qemu/qemu/blob/master/hw/9pfs/9p-util.h#L60
> 
> So this change is not necessary AFAICS.
> 

Right, and with macOS in mind, maybe fchmodat(AT_SYMLINK_NOFOLLOW) just
works unlike with linux ?

> >          }
> >          if (fd == -1 && errno == EISDIR) {
> >              errno = EACCES;
> 
>

Christian Schoenebeck April 27, 2022, 11:18 a.m. UTC | #3

On Mittwoch, 27. April 2022 12:21:51 CEST Greg Kurz wrote:
> On Wed, 27 Apr 2022 10:46:31 +0200
> 
> Christian Schoenebeck <qemu_oss@crudebyte.com> wrote:
> > On Mittwoch, 27. April 2022 04:45:45 CEST Akihiko Odaki wrote:
> > > Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
> > > ---
> > > 
> > >  hw/9pfs/9p-local.c | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
> > > index d42ce6d8b82..def8afdb4d6 100644
> > > --- a/hw/9pfs/9p-local.c
> > > +++ b/hw/9pfs/9p-local.c
> > > @@ -365,7 +365,7 @@ static int fchmodat_nofollow(int dirfd, const char
> > > *name, mode_t mode) if (fd == -1) {
> > > 
> > >          /* In case the file is writable-only and isn't a directory. */
> > >          if (errno == EACCES) {
> > > 
> > > -            fd = openat_file(dirfd, name, O_WRONLY, 0);
> > > +            fd = openat_file(dirfd, name, O_WRONLY | O_NOFOLLOW, 0);
> > 
> > O_NOFOLLOW flag is always added inside openat_file() implementation:
> > 
> > https://github.com/qemu/qemu/blob/master/hw/9pfs/9p-util.h#L60
> > 
> > So this change is not necessary AFAICS.
> 
> Right, and with macOS in mind, maybe fchmodat(AT_SYMLINK_NOFOLLOW) just
> works unlike with linux ?

Yep, fchmodat(AT_SYMLINK_NOFOLLOW) seems to work on macOS! Like you already 
suggested on the other thread, it would make sense to move current 
implementation of fchmodat_nofollow() to 9p-util-linux.h/.c and let macOS just 
use fchmodat(AT_SYMLINK_NOFOLLOW) instead.

Best regards,
Christian Schoenebeck

diff --git a/hw/9pfs/9p-local.c b/hw/9pfs/9p-local.c
index d42ce6d8b82..def8afdb4d6 100644
--- a/hw/9pfs/9p-local.c
+++ b/hw/9pfs/9p-local.c
@@ -365,7 +365,7 @@  static int fchmodat_nofollow(int dirfd, const char *name, mode_t mode)
     if (fd == -1) {
         /* In case the file is writable-only and isn't a directory. */
         if (errno == EACCES) {
-            fd = openat_file(dirfd, name, O_WRONLY, 0);
+            fd = openat_file(dirfd, name, O_WRONLY | O_NOFOLLOW, 0);
         }
         if (fd == -1 && errno == EISDIR) {
             errno = EACCES;

9pfs: local: Do not follow symlink in _nofollow

Commit Message

Comments

Patch