virtio-9p: Add SM_NONE security model

This is equivalent to SM_PASSTHROUGH security model. The only exception is, failure of privilige operation like chown are ignored. This makes a passthrough like security model usable for people who runs kvm as non root Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
author: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> 2010-09-02 11:09:07 +0530
committer: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> 2010-09-08 22:56:42 +0530
commit: 12848bfc5d719bad536c5448205a3226be1fda47 (patch)
tree: effc981bb557fd172a70e06eef5596cb17be51e0 /hw/virtio-9p-local.c
parent: 61b6c4994a6e4a8adf3bd0950fc4f6a2d23c0c1f (diff)
download: hqemu-12848bfc5d719bad536c5448205a3226be1fda47.zip
hqemu-12848bfc5d719bad536c5448205a3226be1fda47.tar.gz
1 files changed, 30 insertions, 10 deletions
diff --git a/hw/virtio-9p-local.c b/hw/virtio-9p-local.c
index 3fc1712..58e7647 100644
--- a/hw/virtio-9p-local.c
+++ b/hw/virtio-9p-local.c
@@ -102,7 +102,13 @@ static int local_post_create_passthrough(FsContext *fs_ctx, const char *path,
         return -1;
     }
     if (chown(rpath(fs_ctx, path), credp->fc_uid, credp->fc_gid) < 0) {
-        return -1;
+        /*
+         * If we fail to change ownership and if we are
+         * using security model none. Ignore the error
+         */
+        if (fs_ctx->fs_sm != SM_NONE) {
+            return -1;
+        }
     }
     return 0;
 }
@@ -122,7 +128,8 @@ static ssize_t local_readlink(FsContext *fs_ctx, const char *path,
         } while (tsize == -1 && errno == EINTR);
         close(fd);
         return tsize;
-    } else if (fs_ctx->fs_sm == SM_PASSTHROUGH) {
+    } else if ((fs_ctx->fs_sm == SM_PASSTHROUGH) ||
+               (fs_ctx->fs_sm == SM_NONE)) {
         tsize = readlink(rpath(fs_ctx, path), buf, bufsz);
     }
     return tsize;
@@ -189,7 +196,8 @@ static int local_chmod(FsContext *fs_ctx, const char *path, FsCred *credp)
 {
     if (fs_ctx->fs_sm == SM_MAPPED) {
         return local_set_xattr(rpath(fs_ctx, path), credp);
-    } else if (fs_ctx->fs_sm == SM_PASSTHROUGH) {
+    } else if ((fs_ctx->fs_sm == SM_PASSTHROUGH) ||
+               (fs_ctx->fs_sm == SM_NONE)) {
         return chmod(rpath(fs_ctx, path), credp->fc_mode);
     }
     return -1;
@@ -211,7 +219,8 @@ static int local_mknod(FsContext *fs_ctx, const char *path, FsCred *credp)
             serrno = errno;
             goto err_end;
         }
-    } else if (fs_ctx->fs_sm == SM_PASSTHROUGH) {
+    } else if ((fs_ctx->fs_sm == SM_PASSTHROUGH) ||
+               (fs_ctx->fs_sm == SM_NONE)) {
         err = mknod(rpath(fs_ctx, path), credp->fc_mode, credp->fc_rdev);
         if (err == -1) {
             return err;
@@ -247,7 +256,8 @@ static int local_mkdir(FsContext *fs_ctx, const char *path, FsCred *credp)
             serrno = errno;
             goto err_end;
         }
-    } else if (fs_ctx->fs_sm == SM_PASSTHROUGH) {
+    } else if ((fs_ctx->fs_sm == SM_PASSTHROUGH) ||
+               (fs_ctx->fs_sm == SM_NONE)) {
         err = mkdir(rpath(fs_ctx, path), credp->fc_mode);
         if (err == -1) {
             return err;
@@ -316,7 +326,8 @@ static int local_open2(FsContext *fs_ctx, const char *path, int flags,
             serrno = errno;
             goto err_end;
         }
-    } else if (fs_ctx->fs_sm == SM_PASSTHROUGH) {
+    } else if ((fs_ctx->fs_sm == SM_PASSTHROUGH) ||
+               (fs_ctx->fs_sm == SM_NONE)) {
         fd = open(rpath(fs_ctx, path), flags, credp->fc_mode);
         if (fd == -1) {
             return fd;
@@ -372,15 +383,23 @@ static int local_symlink(FsContext *fs_ctx, const char *oldpath,
             serrno = errno;
             goto err_end;
         }
-    } else if (fs_ctx->fs_sm == SM_PASSTHROUGH) {
+    } else if ((fs_ctx->fs_sm == SM_PASSTHROUGH) ||
+               (fs_ctx->fs_sm == SM_NONE)) {
         err = symlink(oldpath, rpath(fs_ctx, newpath));
         if (err) {
             return err;
         }
         err = lchown(rpath(fs_ctx, newpath), credp->fc_uid, credp->fc_gid);
         if (err == -1) {
-            serrno = errno;
-            goto err_end;
+            /*
+             * If we fail to change ownership and if we are
+             * using security model none. Ignore the error
+             */
+            if (fs_ctx->fs_sm != SM_NONE) {
+                serrno = errno;
+                goto err_end;
+            } else
+                err = 0;
         }
     }
     return err;
@@ -447,7 +466,8 @@ static int local_chown(FsContext *fs_ctx, const char *path, FsCred *credp)
         return lchown(rpath(fs_ctx, path), credp->fc_uid, credp->fc_gid);
     } else if (fs_ctx->fs_sm == SM_MAPPED) {
         return local_set_xattr(rpath(fs_ctx, path), credp);
-    } else if (fs_ctx->fs_sm == SM_PASSTHROUGH) {
+    } else if ((fs_ctx->fs_sm == SM_PASSTHROUGH) ||
+               (fs_ctx->fs_sm == SM_NONE)) {
         return lchown(rpath(fs_ctx, path), credp->fc_uid, credp->fc_gid);
     }
     return -1;
author	Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>	2010-09-02 11:09:07 +0530
committer	Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>	2010-09-08 22:56:42 +0530
commit	12848bfc5d719bad536c5448205a3226be1fda47 (patch)
tree	effc981bb557fd172a70e06eef5596cb17be51e0 /hw/virtio-9p-local.c
parent	61b6c4994a6e4a8adf3bd0950fc4f6a2d23c0c1f (diff)
download	hqemu-12848bfc5d719bad536c5448205a3226be1fda47.zip hqemu-12848bfc5d719bad536c5448205a3226be1fda47.tar.gz