diff options
Diffstat (limited to 'hw/virtio-9p-local.c')
| -rw-r--r-- | hw/virtio-9p-local.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/hw/virtio-9p-local.c b/hw/virtio-9p-local.c index 132816e607..57f92433d3 100644 --- a/hw/virtio-9p-local.c +++ b/hw/virtio-9p-local.c @@ -581,6 +581,22 @@ static int local_lsetxattr(FsContext *ctx, const char *path, const char *name, return lsetxattr(rpath(ctx, path), name, value, size, flags); } +static int local_lremovexattr(FsContext *ctx, + const char *path, const char *name) +{ + if ((ctx->fs_sm == SM_MAPPED) && + (strncmp(name, "user.virtfs.", 12) == 0)) { + /* + * Don't allow fetch of user.virtfs namesapce + * in case of mapped security + */ + errno = EACCES; + return -1; + } + return lremovexattr(rpath(ctx, path), name); +} + + FileOperations local_ops = { .lstat = local_lstat, .readlink = local_readlink, @@ -612,4 +628,5 @@ FileOperations local_ops = { .lgetxattr = local_lgetxattr, .llistxattr = local_llistxattr, .lsetxattr = local_lsetxattr, + .lremovexattr = local_lremovexattr, }; |