diff mbox

[v2] device-assignment: chmod the rom file before opening read/write

Message ID 20110104184516.28545.73442.stgit@s20.home (mailing list archive)
State New, archived
Headers show

Commit Message

Alex Williamson Jan. 4, 2011, 6:45 p.m. UTC
None
diff mbox

Patch

diff --git a/hw/device-assignment.c b/hw/device-assignment.c
index 8446cd4..81c77ae 100644
--- a/hw/device-assignment.c
+++ b/hw/device-assignment.c
@@ -1866,16 +1866,18 @@  static void assigned_dev_load_option_rom(AssignedDevice *dev)
         return;
     }
 
-    if (access(rom_file, F_OK)) {
-        fprintf(stderr, "pci-assign: Insufficient privileges for %s\n",
-                rom_file);
+    /* The ROM file is typically mode 0400, ensure that it's at least 0600
+     * for the following fopen to succeed when qemu is de-privileged. */
+    if (chmod(rom_file, (st.st_mode & ALLPERMS) | S_IRUSR | S_IWUSR)) {
+        fprintf(stderr, "pci-assign: Insufficient privileges for %s (%s)\n",
+                rom_file, strerror(errno));
         return;
     }
 
     /* Write "1" to the ROM file to enable it */
     fp = fopen(rom_file, "r+");
     if (fp == NULL) {
-        return;
+        goto restore_rom;
     }
     val = 1;
     if (fwrite(&val, 1, 1, fp) != 1) {
@@ -1895,17 +1897,20 @@  static void assigned_dev_load_option_rom(AssignedDevice *dev)
                 "or load from file with romfile=\n", rom_file);
         qemu_ram_free(dev->dev.rom_offset);
         dev->dev.rom_offset = 0;
-        goto close_rom;
+        goto disable_rom;
     }
 
     pci_register_bar(&dev->dev, PCI_ROM_SLOT,
                      st.st_size, 0, pci_map_option_rom);
-close_rom:
+disable_rom:
     /* Write "0" to disable ROM */
     fseek(fp, 0, SEEK_SET);
     val = 0;
-    if (!fwrite(&val, 1, 1, fp)) {
+    if (fwrite(&val, 1, 1, fp) != 1) {
         DEBUG("%s\n", "Failed to disable pci-sysfs rom file");
     }
+close_rom:
     fclose(fp);
+restore_rom:
+    chmod(rom_file, st.st_mode & ALLPERMS);
 }