| Message ID | ZMkdsWHTeHT2+lF2@p100 (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | linux-user: Fix openat() emulation to correctly detect accesses to /proc | expand |
On Tue, Aug 01, 2023 at 04:58:57PM +0200, Helge Deller wrote: > In qemu we catch accesses to files like /proc/cpuinfo or /proc/net/route > and return to the guest contents which would be visible on a real system > (instead what the host would show). > > This patch fixes a bug, where for example the accesses > cat /proc////cpuinfo > or > cd /proc && cat cpuinfo > will not be recognized by qemu and where qemu will wrongly show > the contents of the host's /proc/cpuinfo file. > > Signed-off-by: Helge Deller <deller@gmx.de> > > diff --git a/linux-user/syscall.c b/linux-user/syscall.c > index 917c388073..bb864c2bb3 100644 > --- a/linux-user/syscall.c > +++ b/linux-user/syscall.c > @@ -8531,9 +8531,11 @@ static int open_cpuinfo(CPUArchState *cpu_env, int fd) > } > #endif > > -int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *pathname, > +int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *fname, > int flags, mode_t mode, bool safe) > { > + char proc_name[PATH_MAX]; No PATH_MAX buffers declared on the stack please. > + const char *pathname; > struct fake_open { > const char *filename; > int (*fill)(CPUArchState *cpu_env, int fd); > @@ -8560,6 +8562,13 @@ int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *pathname, > { NULL, NULL, NULL } > }; > > + /* if this is a file from /proc/ filesystem, expand full name */ > + if (realpath(fname, proc_name) && strncmp(proc_name, "/proc/", 6) == 0) { QEMU relies on the extended semantics of realpath() where passing NULL for 'proc_name' causes it to allocate a buffer of the correct size and return the new buffer. Using that avoids PATH_MAX variables. > + pathname = proc_name; > + } else { > + pathname = fname; > + } With regards, Daniel
diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 917c388073..bb864c2bb3 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -8531,9 +8531,11 @@ static int open_cpuinfo(CPUArchState *cpu_env, int fd) } #endif -int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *pathname, +int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *fname, int flags, mode_t mode, bool safe) { + char proc_name[PATH_MAX]; + const char *pathname; struct fake_open { const char *filename; int (*fill)(CPUArchState *cpu_env, int fd); @@ -8560,6 +8562,13 @@ int do_guest_openat(CPUArchState *cpu_env, int dirfd, const char *pathname, { NULL, NULL, NULL } }; + /* if this is a file from /proc/ filesystem, expand full name */ + if (realpath(fname, proc_name) && strncmp(proc_name, "/proc/", 6) == 0) { + pathname = proc_name; + } else { + pathname = fname; + } + if (is_proc_myself(pathname, "exe")) { if (safe) { return safe_openat(dirfd, exec_path, flags, mode);
In qemu we catch accesses to files like /proc/cpuinfo or /proc/net/route and return to the guest contents which would be visible on a real system (instead what the host would show). This patch fixes a bug, where for example the accesses cat /proc////cpuinfo or cd /proc && cat cpuinfo will not be recognized by qemu and where qemu will wrongly show the contents of the host's /proc/cpuinfo file. Signed-off-by: Helge Deller <deller@gmx.de>