-rw-r--r-- | hw/file-op-9p.h | 1 | ||||
-rw-r--r-- | hw/virtio-9p-local.c | 17 | ||||
-rw-r--r-- | hw/virtio-9p.c | 25 |
3 files changed, 38 insertions, 5 deletions
diff --git a/hw/file-op-9p.h b/hw/file-op-9p.h index 017183d142..d91b7e7996 100644 --- a/hw/file-op-9p.h +++ b/hw/file-op-9p.h @@ -91,6 +91,7 @@ typedef struct FileOperations ssize_t (*llistxattr)(FsContext *, const char *, void *, size_t); int (*lsetxattr)(FsContext *, const char *, const char *, void *, size_t, int); + int (*lremovexattr)(FsContext *, const char *, const char *); void *opaque; } FileOperations; #endif diff --git a/hw/virtio-9p-local.c b/hw/virtio-9p-local.c index 132816e607..57f92433d3 100644 --- a/hw/virtio-9p-local.c +++ b/hw/virtio-9p-local.c @@ -581,6 +581,22 @@ static int local_lsetxattr(FsContext *ctx, const char *path, const char *name, return lsetxattr(rpath(ctx, path), name, value, size, flags); } +static int local_lremovexattr(FsContext *ctx, + const char *path, const char *name) +{ + if ((ctx->fs_sm == SM_MAPPED) && + (strncmp(name, "user.virtfs.", 12) == 0)) { + /* + * Don't allow fetch of user.virtfs namesapce + * in case of mapped security + */ + errno = EACCES; + return -1; + } + return lremovexattr(rpath(ctx, path), name); +} + + FileOperations local_ops = { .lstat = local_lstat, .readlink = local_readlink, @@ -612,4 +628,5 @@ FileOperations local_ops = { .lgetxattr = local_lgetxattr, .llistxattr = local_llistxattr, .lsetxattr = local_lsetxattr, + .lremovexattr = local_lremovexattr, }; diff --git a/hw/virtio-9p.c b/hw/virtio-9p.c index a53b2225e6..eb7ae01af5 100644 --- a/hw/virtio-9p.c +++ b/hw/virtio-9p.c @@ -286,6 +286,14 @@ static int v9fs_do_lsetxattr(V9fsState *s, V9fsString *path, xattr_name->data, value, size, flags); } +static int v9fs_do_lremovexattr(V9fsState *s, V9fsString *path, + V9fsString *xattr_name) +{ + return s->ops->lremovexattr(&s->ctx, path->data, + xattr_name->data); +} + + static void v9fs_string_init(V9fsString *str) { str->data = NULL; 
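Review bot: The comment inside the `SM_MAPPED` guard of `local_lremovexattr` says "Don't allow fetch of user.virtfs namesapce", but this function refuses removal, not a fetch, and "namespace" is misspelled. Suggest `/* Don't allow removal of the user.virtfs namespace in mapped security mode */`, plus a short statement that these attributes are reserved for the server's own bookkeeping in mapped mode (presumably the stored ownership and mode; confirm), so the guest must not be able to delete them. The literal `12` in `strncmp(name, "user.virtfs.", 12)` must be kept in step with the prefix by hand; `sizeof("user.virtfs.") - 1` would remove that risk of the guard silently matching less than intended.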
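Review bot: `v9fs_do_lremovexattr` calls `s->ops->lremovexattr` unconditionally, and this commit fills the new pointer only in `local_ops`. Whether other `FileOperations` tables exist is not visible in this diff; if one does and leaves the member unset, the call goes through a NULL pointer. The new member in hw/file-op-9p.h should at least carry a comment stating the contract, for example `/* mandatory: remove the named xattr; returns 0, or -1 with errno set */`.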
@@ -456,10 +464,14 @@ static int v9fs_xattr_fid_clunk(V9fsState *s, V9fsFidState *fidp) retval = -EINVAL; goto free_out; } - retval = v9fs_do_lsetxattr(s, &fidp->path, &fidp->fs.xattr.name, - fidp->fs.xattr.value, - fidp->fs.xattr.len, - fidp->fs.xattr.flags); + if (fidp->fs.xattr.len) { + retval = v9fs_do_lsetxattr(s, &fidp->path, &fidp->fs.xattr.name, + fidp->fs.xattr.value, + fidp->fs.xattr.len, + fidp->fs.xattr.flags); + } else { + retval = v9fs_do_lremovexattr(s, &fidp->path, &fidp->fs.xattr.name); + } free_out: v9fs_string_free(&fidp->fs.xattr.name); free_value: @@ -3392,7 +3404,10 @@ static void v9fs_xattrcreate(V9fsState *s, V9fsPDU *pdu) vs->xattr_fidp->fs.xattr.flags = flags; v9fs_string_init(&vs->xattr_fidp->fs.xattr.name); v9fs_string_copy(&vs->xattr_fidp->fs.xattr.name, &vs->name); - vs->xattr_fidp->fs.xattr.value = qemu_malloc(vs->size); + if (vs->size) + vs->xattr_fidp->fs.xattr.value = qemu_malloc(vs->size); + else + vs->xattr_fidp->fs.xattr.value = NULL; out: complete_pdu(s, vs->pdu, err); |
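Review bot: In `v9fs_xattr_fid_clunk` the new `else` branch turns every zero-length xattr write into `v9fs_do_lremovexattr`, and nothing in the code says that a length of 0 is being used as the removal signal. As written, a request to store an empty-valued attribute deletes an existing one instead (or presumably fails if none exists), and `fidp->fs.xattr.flags` is ignored on that path. If this overloading is the intended protocol convention, add a comment above the `if (fidp->fs.xattr.len)` test, such as `/* a zero-length xattrcreate is a request to remove the attribute */`. The function begins and continues outside the hunk.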
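Review bot: `qemu_malloc(vs->size)` in `v9fs_xattrcreate` still allocates whatever size the request carries; the added `if (vs->size)` only special-cases zero. `vs->size` appears to come from the guest's PDU (its parsing is outside the hunk), so a guest-chosen value decides how much host memory is requested. An upper bound should be checked before allocating, e.g. `if (vs->size > XATTR_SIZE_MAX) { err = -E2BIG; goto out; }`, placed where the size is first known. The added `if`/`else` also has no braces, unlike the braced `if`/`else` this same commit adds in `v9fs_xattr_fid_clunk`.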