File 0329-9pfs-rename-virtio-9p-posix-acl.c-t.patch of Package qemu

Overview Repositories Revisions Requests Users Attributes Meta

File 0329-9pfs-rename-virtio-9p-posix-acl.c-t.patch of Package qemu

From d019b4969298c87fb135da51f3c46eb4c0424dd9 Mon Sep 17 00:00:00 2001
From: Wei Liu <wei.liu2@citrix.com>
Date: Wed, 18 Nov 2015 18:10:47 +0000
Subject: [PATCH] 9pfs: rename virtio-9p-posix-acl.c to 9p-posix-acl.c

This file is not virtio specific. Rename it to use generic name.

Fix comment and remove unneeded inclusion of virtio.h.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
(cherry picked from commit d57b78002cd1a32f8382fc818da3940df69ff81a)
[BR: Fix and/or infrastructure for BSC#1020427 CVE-2016-9602]
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
 hw/9pfs/9p-posix-acl.c        | 184 +++++++++++++++++++++++++++++++++
 hw/9pfs/Makefile.objs         |   2 +-
 hw/9pfs/virtio-9p-posix-acl.c | 185 ----------------------------------
 3 files changed, 185 insertions(+), 186 deletions(-)

diff --git a/hw/9pfs/9p-posix-acl.c b/hw/9pfs/9p-posix-acl.c
new file mode 100644
index 0000000000..517b5fc50d
--- /dev/null
+++ b/hw/9pfs/9p-posix-acl.c
@@ -0,0 +1,184 @@
+/*
+ * 9p system.posix* xattr callback
+ *
+ * Copyright IBM, Corp. 2010
+ *
+ * Authors:
+ * Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2.  See
+ * the COPYING file in the top-level directory.
+ *
+ */
+
+#include <sys/types.h>
+#include "qemu/xattr.h"
+#include "virtio-9p.h"
+#include "fsdev/file-op-9p.h"
+#include "virtio-9p-xattr.h"
+
+#define MAP_ACL_ACCESS "user.virtfs.system.posix_acl_access"
+#define MAP_ACL_DEFAULT "user.virtfs.system.posix_acl_default"
+#define ACL_ACCESS "system.posix_acl_access"
+#define ACL_DEFAULT "system.posix_acl_default"
+
+static ssize_t mp_pacl_getxattr(FsContext *ctx, const char *path,
+                                const char *name, void *value, size_t size)
+{
+    char *buffer;
+    ssize_t ret;
+
+    buffer = rpath(ctx, path);
+    ret = lgetxattr(buffer, MAP_ACL_ACCESS, value, size);
+    g_free(buffer);
+    return ret;
+}
+
+static ssize_t mp_pacl_listxattr(FsContext *ctx, const char *path,
+                                 char *name, void *value, size_t osize)
+{
+    ssize_t len = sizeof(ACL_ACCESS);
+
+    if (!value) {
+        return len;
+    }
+
+    if (osize < len) {
+        errno = ERANGE;
+        return -1;
+    }
+
+    /* len includes the trailing NUL */
+    memcpy(value, ACL_ACCESS, len);
+    return 0;
+}
+
+static int mp_pacl_setxattr(FsContext *ctx, const char *path, const char *name,
+                            void *value, size_t size, int flags)
+{
+    char *buffer;
+    int ret;
+
+    buffer = rpath(ctx, path);
+    ret = lsetxattr(buffer, MAP_ACL_ACCESS, value, size, flags);
+    g_free(buffer);
+    return ret;
+}
+
+static int mp_pacl_removexattr(FsContext *ctx,
+                               const char *path, const char *name)
+{
+    int ret;
+    char *buffer;
+
+    buffer = rpath(ctx, path);
+    ret  = lremovexattr(buffer, MAP_ACL_ACCESS);
+    if (ret == -1 && errno == ENODATA) {
+        /*
+         * We don't get ENODATA error when trying to remove a
+         * posix acl that is not present. So don't throw the error
+         * even in case of mapped security model
+         */
+        errno = 0;
+        ret = 0;
+    }
+    g_free(buffer);
+    return ret;
+}
+
+static ssize_t mp_dacl_getxattr(FsContext *ctx, const char *path,
+                                const char *name, void *value, size_t size)
+{
+    char *buffer;
+    ssize_t ret;
+
+    buffer = rpath(ctx, path);
+    ret = lgetxattr(buffer, MAP_ACL_DEFAULT, value, size);
+    g_free(buffer);
+    return ret;
+}
+
+static ssize_t mp_dacl_listxattr(FsContext *ctx, const char *path,
+                                 char *name, void *value, size_t osize)
+{
+    ssize_t len = sizeof(ACL_DEFAULT);
+
+    if (!value) {
+        return len;
+    }
+
+    if (osize < len) {
+        errno = ERANGE;
+        return -1;
+    }
+
+    /* len includes the trailing NUL */
+    memcpy(value, ACL_ACCESS, len);
+    return 0;
+}
+
+static int mp_dacl_setxattr(FsContext *ctx, const char *path, const char *name,
+                            void *value, size_t size, int flags)
+{
+    char *buffer;
+    int ret;
+
+    buffer = rpath(ctx, path);
+    ret = lsetxattr(buffer, MAP_ACL_DEFAULT, value, size, flags);
+    g_free(buffer);
+    return ret;
+}
+
+static int mp_dacl_removexattr(FsContext *ctx,
+                               const char *path, const char *name)
+{
+    int ret;
+    char *buffer;
+
+    buffer = rpath(ctx, path);
+    ret  = lremovexattr(buffer, MAP_ACL_DEFAULT);
+    if (ret == -1 && errno == ENODATA) {
+        /*
+         * We don't get ENODATA error when trying to remove a
+         * posix acl that is not present. So don't throw the error
+         * even in case of mapped security model
+         */
+        errno = 0;
+        ret = 0;
+    }
+    g_free(buffer);
+    return ret;
+}
+
+
+XattrOperations mapped_pacl_xattr = {
+    .name = "system.posix_acl_access",
+    .getxattr = mp_pacl_getxattr,
+    .setxattr = mp_pacl_setxattr,
+    .listxattr = mp_pacl_listxattr,
+    .removexattr = mp_pacl_removexattr,
+};
+
+XattrOperations mapped_dacl_xattr = {
+    .name = "system.posix_acl_default",
+    .getxattr = mp_dacl_getxattr,
+    .setxattr = mp_dacl_setxattr,
+    .listxattr = mp_dacl_listxattr,
+    .removexattr = mp_dacl_removexattr,
+};
+
+XattrOperations passthrough_acl_xattr = {
+    .name = "system.posix_acl_",
+    .getxattr = pt_getxattr,
+    .setxattr = pt_setxattr,
+    .listxattr = pt_listxattr,
+    .removexattr = pt_removexattr,
+};
+
+XattrOperations none_acl_xattr = {
+    .name = "system.posix_acl_",
+    .getxattr = notsup_getxattr,
+    .setxattr = notsup_setxattr,
+    .listxattr = notsup_listxattr,
+    .removexattr = notsup_removexattr,
+};
diff --git a/hw/9pfs/Makefile.objs b/hw/9pfs/Makefile.objs
index 7342c76341..a147e88469 100644
--- a/hw/9pfs/Makefile.objs
+++ b/hw/9pfs/Makefile.objs
@@ -1,6 +1,6 @@
 common-obj-y  = virtio-9p.o
 common-obj-y += 9p-local.o virtio-9p-xattr.o
-common-obj-y += virtio-9p-xattr-user.o virtio-9p-posix-acl.o
+common-obj-y += virtio-9p-xattr-user.o 9p-posix-acl.o
 common-obj-y += virtio-9p-coth.o cofs.o codir.o cofile.o
 common-obj-y += coxattr.o virtio-9p-synth.o
 common-obj-$(CONFIG_OPEN_BY_HANDLE) +=  9p-handle.o
diff --git a/hw/9pfs/virtio-9p-posix-acl.c b/hw/9pfs/virtio-9p-posix-acl.c
deleted file mode 100644
index 803d9d94f3..0000000000
--- a/hw/9pfs/virtio-9p-posix-acl.c
+++ /dev/null
@@ -1,185 +0,0 @@
-/*
- * Virtio 9p system.posix* xattr callback
- *
- * Copyright IBM, Corp. 2010
- *
- * Authors:
- * Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
- *
- * This work is licensed under the terms of the GNU GPL, version 2.  See
- * the COPYING file in the top-level directory.
- *
- */
-
-#include <sys/types.h>
-#include "qemu/xattr.h"
-#include "hw/virtio/virtio.h"
-#include "virtio-9p.h"
-#include "fsdev/file-op-9p.h"
-#include "virtio-9p-xattr.h"
-
-#define MAP_ACL_ACCESS "user.virtfs.system.posix_acl_access"
-#define MAP_ACL_DEFAULT "user.virtfs.system.posix_acl_default"
-#define ACL_ACCESS "system.posix_acl_access"
-#define ACL_DEFAULT "system.posix_acl_default"
-
-static ssize_t mp_pacl_getxattr(FsContext *ctx, const char *path,
-                                const char *name, void *value, size_t size)
-{
-    char *buffer;
-    ssize_t ret;
-
-    buffer = rpath(ctx, path);
-    ret = lgetxattr(buffer, MAP_ACL_ACCESS, value, size);
-    g_free(buffer);
-    return ret;
-}
-
-static ssize_t mp_pacl_listxattr(FsContext *ctx, const char *path,
-                                 char *name, void *value, size_t osize)
-{
-    ssize_t len = sizeof(ACL_ACCESS);
-
-    if (!value) {
-        return len;
-    }
-
-    if (osize < len) {
-        errno = ERANGE;
-        return -1;
-    }
-
-    /* len includes the trailing NUL */
-    memcpy(value, ACL_ACCESS, len);
-    return 0;
-}
-
-static int mp_pacl_setxattr(FsContext *ctx, const char *path, const char *name,
-                            void *value, size_t size, int flags)
-{
-    char *buffer;
-    int ret;
-
-    buffer = rpath(ctx, path);
-    ret = lsetxattr(buffer, MAP_ACL_ACCESS, value, size, flags);
-    g_free(buffer);
-    return ret;
-}
-
-static int mp_pacl_removexattr(FsContext *ctx,
-                               const char *path, const char *name)
-{
-    int ret;
-    char *buffer;
-
-    buffer = rpath(ctx, path);
-    ret  = lremovexattr(buffer, MAP_ACL_ACCESS);
-    if (ret == -1 && errno == ENODATA) {
-        /*
-         * We don't get ENODATA error when trying to remove a
-         * posix acl that is not present. So don't throw the error
-         * even in case of mapped security model
-         */
-        errno = 0;
-        ret = 0;
-    }
-    g_free(buffer);
-    return ret;
-}
-
-static ssize_t mp_dacl_getxattr(FsContext *ctx, const char *path,
-                                const char *name, void *value, size_t size)
-{
-    char *buffer;
-    ssize_t ret;
-
-    buffer = rpath(ctx, path);
-    ret = lgetxattr(buffer, MAP_ACL_DEFAULT, value, size);
-    g_free(buffer);
-    return ret;
-}
-
-static ssize_t mp_dacl_listxattr(FsContext *ctx, const char *path,
-                                 char *name, void *value, size_t osize)
-{
-    ssize_t len = sizeof(ACL_DEFAULT);
-
-    if (!value) {
-        return len;
-    }
-
-    if (osize < len) {
-        errno = ERANGE;
-        return -1;
-    }
-
-    /* len includes the trailing NUL */
-    memcpy(value, ACL_ACCESS, len);
-    return 0;
-}
-
-static int mp_dacl_setxattr(FsContext *ctx, const char *path, const char *name,
-                            void *value, size_t size, int flags)
-{
-    char *buffer;
-    int ret;
-
-    buffer = rpath(ctx, path);
-    ret = lsetxattr(buffer, MAP_ACL_DEFAULT, value, size, flags);
-    g_free(buffer);
-    return ret;
-}
-
-static int mp_dacl_removexattr(FsContext *ctx,
-                               const char *path, const char *name)
-{
-    int ret;
-    char *buffer;
-
-    buffer = rpath(ctx, path);
-    ret  = lremovexattr(buffer, MAP_ACL_DEFAULT);
-    if (ret == -1 && errno == ENODATA) {
-        /*
-         * We don't get ENODATA error when trying to remove a
-         * posix acl that is not present. So don't throw the error
-         * even in case of mapped security model
-         */
-        errno = 0;
-        ret = 0;
-    }
-    g_free(buffer);
-    return ret;
-}
-
-
-XattrOperations mapped_pacl_xattr = {
-    .name = "system.posix_acl_access",
-    .getxattr = mp_pacl_getxattr,
-    .setxattr = mp_pacl_setxattr,
-    .listxattr = mp_pacl_listxattr,
-    .removexattr = mp_pacl_removexattr,
-};
-
-XattrOperations mapped_dacl_xattr = {
-    .name = "system.posix_acl_default",
-    .getxattr = mp_dacl_getxattr,
-    .setxattr = mp_dacl_setxattr,
-    .listxattr = mp_dacl_listxattr,
-    .removexattr = mp_dacl_removexattr,
-};
-
-XattrOperations passthrough_acl_xattr = {
-    .name = "system.posix_acl_",
-    .getxattr = pt_getxattr,
-    .setxattr = pt_setxattr,
-    .listxattr = pt_listxattr,
-    .removexattr = pt_removexattr,
-};
-
-XattrOperations none_acl_xattr = {
-    .name = "system.posix_acl_",
-    .getxattr = notsup_getxattr,
-    .setxattr = notsup_setxattr,
-    .listxattr = notsup_listxattr,
-    .removexattr = notsup_removexattr,
-};

Places

File 0329-9pfs-rename-virtio-9p-posix-acl.c-t.patch of Package qemu

Places