aboutsummaryrefslogtreecommitdiff
path: root/hw/9pfs/9p-xattr.c
AgeCommit message (Collapse)Author
2017-04-109pfs: xattr: fix memory leak in v9fs_list_xattrLi Qiang
Free 'orig_value' in error path. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Signed-off-by: Greg Kurz <groug@kaod.org>
2017-02-289pfs: local: lremovexattr: don't follow symlinksGreg Kurz
The local_lremovexattr() callback is vulnerable to symlink attacks because it calls lremovexattr() which follows symbolic links in all path elements but the rightmost one. This patch introduces a helper to emulate the non-existing fremovexattrat() function: it is implemented with /proc/self/fd which provides a trusted path that can be safely passed to lremovexattr(). local_lremovexattr() is converted to use this helper and opendir_nofollow(). This partly fixes CVE-2016-9602. Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-02-289pfs: local: lsetxattr: don't follow symlinksGreg Kurz
The local_lsetxattr() callback is vulnerable to symlink attacks because it calls lsetxattr() which follows symbolic links in all path elements but the rightmost one. This patch introduces a helper to emulate the non-existing fsetxattrat() function: it is implemented with /proc/self/fd which provides a trusted path that can be safely passed to lsetxattr(). local_lsetxattr() is converted to use this helper and opendir_nofollow(). This partly fixes CVE-2016-9602. Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-02-289pfs: local: llistxattr: don't follow symlinksGreg Kurz
The local_llistxattr() callback is vulnerable to symlink attacks because it calls llistxattr() which follows symbolic links in all path elements but the rightmost one. This patch introduces a helper to emulate the non-existing flistxattrat() function: it is implemented with /proc/self/fd which provides a trusted path that can be safely passed to llistxattr(). local_llistxattr() is converted to use this helper and opendir_nofollow(). This partly fixes CVE-2016-9602. Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-02-289pfs: local: lgetxattr: don't follow symlinksGreg Kurz
The local_lgetxattr() callback is vulnerable to symlink attacks because it calls lgetxattr() which follows symbolic links in all path elements but the rightmost one. This patch introduces a helper to emulate the non-existing fgetxattrat() function: it is implemented with /proc/self/fd which provides a trusted path that can be safely passed to lgetxattr(). local_lgetxattr() is converted to use this helper and opendir_nofollow(). This partly fixes CVE-2016-9602. Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-02-289pfs: local: move xattr security ops to 9p-xattr.cGreg Kurz
These functions are always called indirectly. It really doesn't make sense for them to sit in a header file. Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-01-299pfs: Clean up includesPeter Maydell
Clean up includes so that osdep.h is included first and headers which it implies are not included manually. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1453832250-766-18-git-send-email-peter.maydell@linaro.org
2016-01-089pfs: break out 9p.h from virtio-9p.hWei Liu
Move out generic definitions from virtio-9p.h to 9p.h. Fix header inclusions. Signed-off-by: Wei Liu <wei.liu2@citrix.com> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
2016-01-089pfs: rename virtio-9p-xattr{,-user}.{c,h} to 9p-xattr{,-user}.{c,h}Wei Liu
These three files are not virtio specific. Rename them to generic names. Fix comments and header inclusion in various files. Signed-off-by: Wei Liu <wei.liu2@citrix.com> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>