]>
Commit | Line | Data |
---|---|---|
17bff52b MK |
1 | /* |
2 | * Helper for QEMU Proxy FS Driver | |
3 | * Copyright IBM, Corp. 2011 | |
4 | * | |
5 | * Authors: | |
6 | * M. Mohan Kumar <mohan@in.ibm.com> | |
7 | * | |
8 | * This work is licensed under the terms of the GNU GPL, version 2. See | |
9 | * the COPYING file in the top-level directory. | |
10 | */ | |
11 | #include <stdio.h> | |
daf0b9ac | 12 | #include <sys/socket.h> |
17bff52b MK |
13 | #include <string.h> |
14 | #include <sys/un.h> | |
15 | #include <limits.h> | |
16 | #include <signal.h> | |
17 | #include <errno.h> | |
18 | #include <stdlib.h> | |
19 | #include <sys/resource.h> | |
20 | #include <sys/stat.h> | |
21 | #include <getopt.h> | |
22 | #include <unistd.h> | |
23 | #include <syslog.h> | |
24 | #include <sys/capability.h> | |
25 | #include <sys/fsuid.h> | |
26 | #include <stdarg.h> | |
27 | #include <stdbool.h> | |
b178adc3 MK |
28 | #include <sys/vfs.h> |
29 | #include <sys/stat.h> | |
d52b09e4 | 30 | #include <attr/xattr.h> |
d090e452 MK |
31 | #include <sys/ioctl.h> |
32 | #include <linux/fs.h> | |
33 | #ifdef CONFIG_LINUX_MAGIC_H | |
34 | #include <linux/magic.h> | |
35 | #endif | |
17bff52b MK |
36 | #include "qemu-common.h" |
37 | #include "virtio-9p-marshal.h" | |
38 | #include "hw/9pfs/virtio-9p-proxy.h" | |
daf0b9ac | 39 | #include "fsdev/virtio-9p-marshal.h" |
17bff52b MK |
40 | |
41 | #define PROGNAME "virtfs-proxy-helper" | |
42 | ||
d090e452 MK |
43 | #ifndef XFS_SUPER_MAGIC |
44 | #define XFS_SUPER_MAGIC 0x58465342 | |
45 | #endif | |
46 | #ifndef EXT2_SUPER_MAGIC | |
47 | #define EXT2_SUPER_MAGIC 0xEF53 | |
48 | #endif | |
49 | #ifndef REISERFS_SUPER_MAGIC | |
50 | #define REISERFS_SUPER_MAGIC 0x52654973 | |
51 | #endif | |
52 | #ifndef BTRFS_SUPER_MAGIC | |
53 | #define BTRFS_SUPER_MAGIC 0x9123683E | |
54 | #endif | |
55 | ||
17bff52b MK |
56 | static struct option helper_opts[] = { |
57 | {"fd", required_argument, NULL, 'f'}, | |
58 | {"path", required_argument, NULL, 'p'}, | |
59 | {"nodaemon", no_argument, NULL, 'n'}, | |
60 | }; | |
61 | ||
62 | static bool is_daemon; | |
d090e452 | 63 | static bool get_version; /* IOC getversion IOCTL supported */ |
17bff52b MK |
64 | |
65 | static void do_log(int loglevel, const char *format, ...) | |
66 | { | |
67 | va_list ap; | |
68 | ||
69 | va_start(ap, format); | |
70 | if (is_daemon) { | |
71 | vsyslog(LOG_CRIT, format, ap); | |
72 | } else { | |
73 | vfprintf(stderr, format, ap); | |
74 | } | |
75 | va_end(ap); | |
76 | } | |
77 | ||
78 | static void do_perror(const char *string) | |
79 | { | |
80 | if (is_daemon) { | |
81 | syslog(LOG_CRIT, "%s:%s", string, strerror(errno)); | |
82 | } else { | |
83 | fprintf(stderr, "%s:%s\n", string, strerror(errno)); | |
84 | } | |
85 | } | |
86 | ||
87 | static int do_cap_set(cap_value_t *cap_value, int size, int reset) | |
88 | { | |
89 | cap_t caps; | |
90 | if (reset) { | |
91 | /* | |
92 | * Start with an empty set and set permitted and effective | |
93 | */ | |
94 | caps = cap_init(); | |
95 | if (caps == NULL) { | |
96 | do_perror("cap_init"); | |
97 | return -1; | |
98 | } | |
99 | if (cap_set_flag(caps, CAP_PERMITTED, size, cap_value, CAP_SET) < 0) { | |
100 | do_perror("cap_set_flag"); | |
101 | goto error; | |
102 | } | |
103 | } else { | |
104 | caps = cap_get_proc(); | |
105 | if (!caps) { | |
106 | do_perror("cap_get_proc"); | |
107 | return -1; | |
108 | } | |
109 | } | |
110 | if (cap_set_flag(caps, CAP_EFFECTIVE, size, cap_value, CAP_SET) < 0) { | |
111 | do_perror("cap_set_flag"); | |
112 | goto error; | |
113 | } | |
114 | if (cap_set_proc(caps) < 0) { | |
115 | do_perror("cap_set_proc"); | |
116 | goto error; | |
117 | } | |
118 | cap_free(caps); | |
119 | return 0; | |
120 | ||
121 | error: | |
122 | cap_free(caps); | |
123 | return -1; | |
124 | } | |
125 | ||
126 | static int init_capabilities(void) | |
127 | { | |
128 | /* helper needs following capbabilities only */ | |
129 | cap_value_t cap_list[] = { | |
130 | CAP_CHOWN, | |
131 | CAP_DAC_OVERRIDE, | |
132 | CAP_FOWNER, | |
133 | CAP_FSETID, | |
134 | CAP_SETGID, | |
135 | CAP_MKNOD, | |
136 | CAP_SETUID, | |
137 | }; | |
138 | return do_cap_set(cap_list, ARRAY_SIZE(cap_list), 1); | |
139 | } | |
140 | ||
141 | static int socket_read(int sockfd, void *buff, ssize_t size) | |
142 | { | |
143 | ssize_t retval, total = 0; | |
144 | ||
145 | while (size) { | |
146 | retval = read(sockfd, buff, size); | |
147 | if (retval == 0) { | |
148 | return -EIO; | |
149 | } | |
150 | if (retval < 0) { | |
151 | if (errno == EINTR) { | |
152 | continue; | |
153 | } | |
154 | return -errno; | |
155 | } | |
156 | size -= retval; | |
157 | buff += retval; | |
158 | total += retval; | |
159 | } | |
160 | return total; | |
161 | } | |
162 | ||
163 | static int socket_write(int sockfd, void *buff, ssize_t size) | |
164 | { | |
165 | ssize_t retval, total = 0; | |
166 | ||
167 | while (size) { | |
168 | retval = write(sockfd, buff, size); | |
169 | if (retval < 0) { | |
170 | if (errno == EINTR) { | |
171 | continue; | |
172 | } | |
173 | return -errno; | |
174 | } | |
175 | size -= retval; | |
176 | buff += retval; | |
177 | total += retval; | |
178 | } | |
179 | return total; | |
180 | } | |
181 | ||
182 | static int read_request(int sockfd, struct iovec *iovec, ProxyHeader *header) | |
183 | { | |
184 | int retval; | |
185 | ||
186 | /* | |
187 | * read the request header. | |
188 | */ | |
189 | iovec->iov_len = 0; | |
190 | retval = socket_read(sockfd, iovec->iov_base, PROXY_HDR_SZ); | |
191 | if (retval < 0) { | |
192 | return retval; | |
193 | } | |
194 | iovec->iov_len = PROXY_HDR_SZ; | |
195 | retval = proxy_unmarshal(iovec, 0, "dd", &header->type, &header->size); | |
196 | if (retval < 0) { | |
197 | return retval; | |
198 | } | |
199 | /* | |
200 | * We can't process message.size > PROXY_MAX_IO_SZ. | |
201 | * Treat it as fatal error | |
202 | */ | |
203 | if (header->size > PROXY_MAX_IO_SZ) { | |
204 | return -ENOBUFS; | |
205 | } | |
206 | retval = socket_read(sockfd, iovec->iov_base + PROXY_HDR_SZ, header->size); | |
207 | if (retval < 0) { | |
208 | return retval; | |
209 | } | |
210 | iovec->iov_len += header->size; | |
211 | return 0; | |
212 | } | |
213 | ||
daf0b9ac MK |
214 | static int send_fd(int sockfd, int fd) |
215 | { | |
216 | struct msghdr msg; | |
217 | struct iovec iov; | |
218 | int retval, data; | |
219 | struct cmsghdr *cmsg; | |
220 | union MsgControl msg_control; | |
221 | ||
222 | iov.iov_base = &data; | |
223 | iov.iov_len = sizeof(data); | |
224 | ||
225 | memset(&msg, 0, sizeof(msg)); | |
226 | msg.msg_iov = &iov; | |
227 | msg.msg_iovlen = 1; | |
228 | /* No ancillary data on error */ | |
229 | if (fd < 0) { | |
230 | /* fd is really negative errno if the request failed */ | |
231 | data = fd; | |
232 | } else { | |
233 | data = V9FS_FD_VALID; | |
234 | msg.msg_control = &msg_control; | |
235 | msg.msg_controllen = sizeof(msg_control); | |
236 | ||
237 | cmsg = &msg_control.cmsg; | |
238 | cmsg->cmsg_len = CMSG_LEN(sizeof(fd)); | |
239 | cmsg->cmsg_level = SOL_SOCKET; | |
240 | cmsg->cmsg_type = SCM_RIGHTS; | |
241 | memcpy(CMSG_DATA(cmsg), &fd, sizeof(fd)); | |
242 | } | |
243 | ||
244 | do { | |
245 | retval = sendmsg(sockfd, &msg, 0); | |
246 | } while (retval < 0 && errno == EINTR); | |
247 | if (fd >= 0) { | |
248 | close(fd); | |
249 | } | |
250 | if (retval < 0) { | |
251 | return retval; | |
252 | } | |
253 | return 0; | |
254 | } | |
255 | ||
39f8c32c MK |
256 | static int send_status(int sockfd, struct iovec *iovec, int status) |
257 | { | |
258 | ProxyHeader header; | |
259 | int retval, msg_size;; | |
260 | ||
261 | if (status < 0) { | |
262 | header.type = T_ERROR; | |
263 | } else { | |
264 | header.type = T_SUCCESS; | |
265 | } | |
266 | header.size = sizeof(status); | |
267 | /* | |
268 | * marshal the return status. We don't check error. | |
269 | * because we are sure we have enough space for the status | |
270 | */ | |
271 | msg_size = proxy_marshal(iovec, 0, "ddd", header.type, | |
272 | header.size, status); | |
273 | retval = socket_write(sockfd, iovec->iov_base, msg_size); | |
274 | if (retval < 0) { | |
275 | return retval; | |
276 | } | |
277 | return 0; | |
278 | } | |
279 | ||
daf0b9ac MK |
280 | /* |
281 | * from man 7 capabilities, section | |
282 | * Effect of User ID Changes on Capabilities: | |
283 | * 4. If the file system user ID is changed from 0 to nonzero (see setfsuid(2)) | |
284 | * then the following capabilities are cleared from the effective set: | |
285 | * CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_DAC_READ_SEARCH, CAP_FOWNER, CAP_FSETID, | |
286 | * CAP_LINUX_IMMUTABLE (since Linux 2.2.30), CAP_MAC_OVERRIDE, and CAP_MKNOD | |
287 | * (since Linux 2.2.30). If the file system UID is changed from nonzero to 0, | |
288 | * then any of these capabilities that are enabled in the permitted set | |
289 | * are enabled in the effective set. | |
290 | */ | |
291 | static int setfsugid(int uid, int gid) | |
292 | { | |
293 | /* | |
294 | * We still need DAC_OVERRIDE because we don't change | |
295 | * supplementary group ids, and hence may be subjected DAC rules | |
296 | */ | |
297 | cap_value_t cap_list[] = { | |
298 | CAP_DAC_OVERRIDE, | |
299 | }; | |
300 | ||
301 | setfsgid(gid); | |
302 | setfsuid(uid); | |
303 | ||
304 | if (uid != 0 || gid != 0) { | |
305 | return do_cap_set(cap_list, ARRAY_SIZE(cap_list), 0); | |
306 | } | |
307 | return 0; | |
308 | } | |
309 | ||
b178adc3 MK |
310 | /* |
311 | * send response in two parts | |
312 | * 1) ProxyHeader | |
313 | * 2) Response or error status | |
314 | * This function should be called with marshaled response | |
315 | * send_response constructs header part and error part only. | |
316 | * send response sends {ProxyHeader,Response} if the request was success | |
317 | * otherwise sends {ProxyHeader,error status} | |
318 | */ | |
319 | static int send_response(int sock, struct iovec *iovec, int size) | |
320 | { | |
321 | int retval; | |
322 | ProxyHeader header; | |
323 | ||
324 | /* | |
325 | * If response size exceeds available iovec->iov_len, | |
326 | * we return ENOBUFS | |
327 | */ | |
328 | if (size > PROXY_MAX_IO_SZ) { | |
329 | size = -ENOBUFS; | |
330 | } | |
331 | ||
332 | if (size < 0) { | |
333 | /* | |
334 | * In case of error we would not have got the error encoded | |
335 | * already so encode the error here. | |
336 | */ | |
337 | header.type = T_ERROR; | |
338 | header.size = sizeof(size); | |
339 | proxy_marshal(iovec, PROXY_HDR_SZ, "d", size); | |
340 | } else { | |
341 | header.type = T_SUCCESS; | |
342 | header.size = size; | |
343 | } | |
344 | proxy_marshal(iovec, 0, "dd", header.type, header.size); | |
345 | retval = socket_write(sock, iovec->iov_base, header.size + PROXY_HDR_SZ); | |
346 | if (retval < 0) { | |
347 | return retval;; | |
348 | } | |
349 | return 0; | |
350 | } | |
351 | ||
d090e452 MK |
352 | /* |
353 | * gets generation number | |
354 | * returns -errno on failure and sizeof(generation number) on success | |
355 | */ | |
356 | static int do_getversion(struct iovec *iovec, struct iovec *out_iovec) | |
357 | { | |
358 | uint64_t version; | |
359 | int retval = -ENOTTY; | |
360 | #ifdef FS_IOC_GETVERSION | |
361 | int fd; | |
362 | V9fsString path; | |
363 | #endif | |
364 | ||
365 | ||
366 | /* no need to issue ioctl */ | |
367 | if (!get_version) { | |
368 | version = 0; | |
369 | retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, "q", version); | |
370 | return retval; | |
371 | } | |
372 | #ifdef FS_IOC_GETVERSION | |
373 | retval = proxy_unmarshal(iovec, PROXY_HDR_SZ, "s", &path); | |
374 | if (retval < 0) { | |
375 | return retval; | |
376 | } | |
377 | ||
378 | fd = open(path.data, O_RDONLY); | |
379 | if (fd < 0) { | |
380 | retval = -errno; | |
381 | goto err_out; | |
382 | } | |
383 | if (ioctl(fd, FS_IOC_GETVERSION, &version) < 0) { | |
384 | retval = -errno; | |
385 | } else { | |
386 | retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, "q", version); | |
387 | } | |
388 | close(fd); | |
389 | err_out: | |
390 | v9fs_string_free(&path); | |
391 | #endif | |
392 | return retval; | |
393 | } | |
394 | ||
d52b09e4 MK |
395 | static int do_getxattr(int type, struct iovec *iovec, struct iovec *out_iovec) |
396 | { | |
397 | int size = 0, offset, retval; | |
398 | V9fsString path, name, xattr; | |
399 | ||
400 | v9fs_string_init(&xattr); | |
401 | v9fs_string_init(&path); | |
402 | retval = proxy_unmarshal(iovec, PROXY_HDR_SZ, "ds", &size, &path); | |
403 | if (retval < 0) { | |
404 | return retval; | |
405 | } | |
406 | offset = PROXY_HDR_SZ + retval; | |
407 | ||
408 | if (size) { | |
409 | xattr.data = g_malloc(size); | |
410 | xattr.size = size; | |
411 | } | |
412 | switch (type) { | |
413 | case T_LGETXATTR: | |
414 | v9fs_string_init(&name); | |
415 | retval = proxy_unmarshal(iovec, offset, "s", &name); | |
416 | if (retval > 0) { | |
417 | retval = lgetxattr(path.data, name.data, xattr.data, size); | |
418 | if (retval < 0) { | |
419 | retval = -errno; | |
420 | } else { | |
421 | xattr.size = retval; | |
422 | } | |
423 | } | |
424 | v9fs_string_free(&name); | |
425 | break; | |
426 | case T_LLISTXATTR: | |
427 | retval = llistxattr(path.data, xattr.data, size); | |
428 | if (retval < 0) { | |
429 | retval = -errno; | |
430 | } else { | |
431 | xattr.size = retval; | |
432 | } | |
433 | break; | |
434 | } | |
435 | if (retval < 0) { | |
436 | goto err_out; | |
437 | } | |
438 | ||
439 | if (!size) { | |
440 | proxy_marshal(out_iovec, PROXY_HDR_SZ, "d", retval); | |
441 | retval = sizeof(retval); | |
442 | } else { | |
443 | retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, "s", &xattr); | |
444 | } | |
445 | err_out: | |
446 | v9fs_string_free(&xattr); | |
447 | v9fs_string_free(&path); | |
448 | return retval; | |
449 | } | |
450 | ||
b178adc3 MK |
451 | static void stat_to_prstat(ProxyStat *pr_stat, struct stat *stat) |
452 | { | |
453 | memset(pr_stat, 0, sizeof(*pr_stat)); | |
454 | pr_stat->st_dev = stat->st_dev; | |
455 | pr_stat->st_ino = stat->st_ino; | |
456 | pr_stat->st_nlink = stat->st_nlink; | |
457 | pr_stat->st_mode = stat->st_mode; | |
458 | pr_stat->st_uid = stat->st_uid; | |
459 | pr_stat->st_gid = stat->st_gid; | |
460 | pr_stat->st_rdev = stat->st_rdev; | |
461 | pr_stat->st_size = stat->st_size; | |
462 | pr_stat->st_blksize = stat->st_blksize; | |
463 | pr_stat->st_blocks = stat->st_blocks; | |
464 | pr_stat->st_atim_sec = stat->st_atim.tv_sec; | |
465 | pr_stat->st_atim_nsec = stat->st_atim.tv_nsec; | |
466 | pr_stat->st_mtim_sec = stat->st_mtim.tv_sec; | |
467 | pr_stat->st_mtim_nsec = stat->st_mtim.tv_nsec; | |
468 | pr_stat->st_ctim_sec = stat->st_ctim.tv_sec; | |
469 | pr_stat->st_ctim_nsec = stat->st_ctim.tv_nsec; | |
470 | } | |
471 | ||
472 | static void statfs_to_prstatfs(ProxyStatFS *pr_stfs, struct statfs *stfs) | |
473 | { | |
474 | memset(pr_stfs, 0, sizeof(*pr_stfs)); | |
475 | pr_stfs->f_type = stfs->f_type; | |
476 | pr_stfs->f_bsize = stfs->f_bsize; | |
477 | pr_stfs->f_blocks = stfs->f_blocks; | |
478 | pr_stfs->f_bfree = stfs->f_bfree; | |
479 | pr_stfs->f_bavail = stfs->f_bavail; | |
480 | pr_stfs->f_files = stfs->f_files; | |
481 | pr_stfs->f_ffree = stfs->f_ffree; | |
482 | pr_stfs->f_fsid[0] = stfs->f_fsid.__val[0]; | |
483 | pr_stfs->f_fsid[1] = stfs->f_fsid.__val[1]; | |
484 | pr_stfs->f_namelen = stfs->f_namelen; | |
485 | pr_stfs->f_frsize = stfs->f_frsize; | |
486 | } | |
487 | ||
488 | /* | |
489 | * Gets stat/statfs information and packs in out_iovec structure | |
490 | * on success returns number of bytes packed in out_iovec struture | |
491 | * otherwise returns -errno | |
492 | */ | |
493 | static int do_stat(int type, struct iovec *iovec, struct iovec *out_iovec) | |
494 | { | |
495 | int retval; | |
496 | V9fsString path; | |
497 | ProxyStat pr_stat; | |
498 | ProxyStatFS pr_stfs; | |
499 | struct stat st_buf; | |
500 | struct statfs stfs_buf; | |
501 | ||
502 | v9fs_string_init(&path); | |
503 | retval = proxy_unmarshal(iovec, PROXY_HDR_SZ, "s", &path); | |
504 | if (retval < 0) { | |
505 | return retval; | |
506 | } | |
507 | ||
508 | switch (type) { | |
509 | case T_LSTAT: | |
510 | retval = lstat(path.data, &st_buf); | |
511 | if (retval < 0) { | |
512 | retval = -errno; | |
513 | } else { | |
514 | stat_to_prstat(&pr_stat, &st_buf); | |
515 | retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, | |
516 | "qqqdddqqqqqqqqqq", pr_stat.st_dev, | |
517 | pr_stat.st_ino, pr_stat.st_nlink, | |
518 | pr_stat.st_mode, pr_stat.st_uid, | |
519 | pr_stat.st_gid, pr_stat.st_rdev, | |
520 | pr_stat.st_size, pr_stat.st_blksize, | |
521 | pr_stat.st_blocks, | |
522 | pr_stat.st_atim_sec, pr_stat.st_atim_nsec, | |
523 | pr_stat.st_mtim_sec, pr_stat.st_mtim_nsec, | |
524 | pr_stat.st_ctim_sec, pr_stat.st_ctim_nsec); | |
525 | } | |
526 | break; | |
527 | case T_STATFS: | |
528 | retval = statfs(path.data, &stfs_buf); | |
529 | if (retval < 0) { | |
530 | retval = -errno; | |
531 | } else { | |
532 | statfs_to_prstatfs(&pr_stfs, &stfs_buf); | |
533 | retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, | |
534 | "qqqqqqqqqqq", pr_stfs.f_type, | |
535 | pr_stfs.f_bsize, pr_stfs.f_blocks, | |
536 | pr_stfs.f_bfree, pr_stfs.f_bavail, | |
537 | pr_stfs.f_files, pr_stfs.f_ffree, | |
538 | pr_stfs.f_fsid[0], pr_stfs.f_fsid[1], | |
539 | pr_stfs.f_namelen, pr_stfs.f_frsize); | |
540 | } | |
541 | break; | |
542 | } | |
543 | v9fs_string_free(&path); | |
544 | return retval; | |
545 | } | |
546 | ||
547 | static int do_readlink(struct iovec *iovec, struct iovec *out_iovec) | |
548 | { | |
549 | char *buffer; | |
550 | int size, retval; | |
551 | V9fsString target, path; | |
552 | ||
553 | v9fs_string_init(&path); | |
554 | retval = proxy_unmarshal(iovec, PROXY_HDR_SZ, "sd", &path, &size); | |
555 | if (retval < 0) { | |
556 | v9fs_string_free(&path); | |
557 | return retval; | |
558 | } | |
559 | buffer = g_malloc(size); | |
560 | v9fs_string_init(&target); | |
561 | retval = readlink(path.data, buffer, size); | |
562 | if (retval > 0) { | |
563 | buffer[retval] = '\0'; | |
564 | v9fs_string_sprintf(&target, "%s", buffer); | |
565 | retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, "s", &target); | |
566 | } else { | |
567 | retval = -errno; | |
568 | } | |
569 | g_free(buffer); | |
570 | v9fs_string_free(&target); | |
571 | v9fs_string_free(&path); | |
572 | return retval; | |
573 | } | |
574 | ||
39f8c32c MK |
575 | /* |
576 | * create other filesystem objects and send 0 on success | |
577 | * return -errno on error | |
578 | */ | |
579 | static int do_create_others(int type, struct iovec *iovec) | |
580 | { | |
581 | dev_t rdev; | |
582 | int retval = 0; | |
583 | int offset = PROXY_HDR_SZ; | |
584 | V9fsString oldpath, path; | |
585 | int mode, uid, gid, cur_uid, cur_gid; | |
586 | ||
587 | v9fs_string_init(&path); | |
588 | v9fs_string_init(&oldpath); | |
589 | cur_uid = geteuid(); | |
590 | cur_gid = getegid(); | |
591 | ||
592 | retval = proxy_unmarshal(iovec, offset, "dd", &uid, &gid); | |
593 | if (retval < 0) { | |
594 | return retval; | |
595 | } | |
596 | offset += retval; | |
597 | retval = setfsugid(uid, gid); | |
598 | if (retval < 0) { | |
599 | retval = -errno; | |
600 | goto err_out; | |
601 | } | |
602 | switch (type) { | |
603 | case T_MKNOD: | |
604 | retval = proxy_unmarshal(iovec, offset, "sdq", &path, &mode, &rdev); | |
605 | if (retval < 0) { | |
606 | goto err_out; | |
607 | } | |
608 | retval = mknod(path.data, mode, rdev); | |
609 | break; | |
610 | case T_MKDIR: | |
611 | retval = proxy_unmarshal(iovec, offset, "sd", &path, &mode); | |
612 | if (retval < 0) { | |
613 | goto err_out; | |
614 | } | |
615 | retval = mkdir(path.data, mode); | |
616 | break; | |
617 | case T_SYMLINK: | |
618 | retval = proxy_unmarshal(iovec, offset, "ss", &oldpath, &path); | |
619 | if (retval < 0) { | |
620 | goto err_out; | |
621 | } | |
622 | retval = symlink(oldpath.data, path.data); | |
623 | break; | |
624 | } | |
625 | if (retval < 0) { | |
626 | retval = -errno; | |
627 | } | |
628 | ||
629 | err_out: | |
630 | v9fs_string_free(&path); | |
631 | v9fs_string_free(&oldpath); | |
632 | setfsugid(cur_uid, cur_gid); | |
633 | return retval; | |
634 | } | |
635 | ||
daf0b9ac MK |
636 | /* |
637 | * create a file and send fd on success | |
638 | * return -errno on error | |
639 | */ | |
640 | static int do_create(struct iovec *iovec) | |
641 | { | |
642 | int ret; | |
643 | V9fsString path; | |
644 | int flags, mode, uid, gid, cur_uid, cur_gid; | |
645 | ||
646 | v9fs_string_init(&path); | |
647 | ret = proxy_unmarshal(iovec, PROXY_HDR_SZ, "sdddd", | |
648 | &path, &flags, &mode, &uid, &gid); | |
649 | if (ret < 0) { | |
650 | goto unmarshal_err_out; | |
651 | } | |
652 | cur_uid = geteuid(); | |
653 | cur_gid = getegid(); | |
654 | ret = setfsugid(uid, gid); | |
655 | if (ret < 0) { | |
656 | /* | |
657 | * On failure reset back to the | |
658 | * old uid/gid | |
659 | */ | |
660 | ret = -errno; | |
661 | goto err_out; | |
662 | } | |
663 | ret = open(path.data, flags, mode); | |
664 | if (ret < 0) { | |
665 | ret = -errno; | |
666 | } | |
667 | ||
668 | err_out: | |
669 | setfsugid(cur_uid, cur_gid); | |
670 | unmarshal_err_out: | |
671 | v9fs_string_free(&path); | |
672 | return ret; | |
673 | } | |
674 | ||
675 | /* | |
676 | * open a file and send fd on success | |
677 | * return -errno on error | |
678 | */ | |
679 | static int do_open(struct iovec *iovec) | |
680 | { | |
681 | int flags, ret; | |
682 | V9fsString path; | |
683 | ||
684 | v9fs_string_init(&path); | |
685 | ret = proxy_unmarshal(iovec, PROXY_HDR_SZ, "sd", &path, &flags); | |
686 | if (ret < 0) { | |
687 | goto err_out; | |
688 | } | |
689 | ret = open(path.data, flags); | |
690 | if (ret < 0) { | |
691 | ret = -errno; | |
692 | } | |
693 | err_out: | |
694 | v9fs_string_free(&path); | |
695 | return ret; | |
696 | } | |
697 | ||
17bff52b MK |
698 | static void usage(char *prog) |
699 | { | |
700 | fprintf(stderr, "usage: %s\n" | |
701 | " -p|--path <path> 9p path to export\n" | |
702 | " {-f|--fd <socket-descriptor>} socket file descriptor to be used\n" | |
703 | " [-n|--nodaemon] Run as a normal program\n", | |
704 | basename(prog)); | |
705 | } | |
706 | ||
39f8c32c MK |
707 | static int process_reply(int sock, int type, |
708 | struct iovec *out_iovec, int retval) | |
daf0b9ac MK |
709 | { |
710 | switch (type) { | |
711 | case T_OPEN: | |
712 | case T_CREATE: | |
713 | if (send_fd(sock, retval) < 0) { | |
714 | return -1; | |
715 | } | |
716 | break; | |
39f8c32c MK |
717 | case T_MKNOD: |
718 | case T_MKDIR: | |
719 | case T_SYMLINK: | |
720 | case T_LINK: | |
ea75fc4e MK |
721 | case T_CHMOD: |
722 | case T_CHOWN: | |
723 | case T_TRUNCATE: | |
724 | case T_UTIME: | |
725 | case T_RENAME: | |
726 | case T_REMOVE: | |
d52b09e4 MK |
727 | case T_LSETXATTR: |
728 | case T_LREMOVEXATTR: | |
39f8c32c MK |
729 | if (send_status(sock, out_iovec, retval) < 0) { |
730 | return -1; | |
731 | } | |
732 | break; | |
b178adc3 MK |
733 | case T_LSTAT: |
734 | case T_STATFS: | |
735 | case T_READLINK: | |
d52b09e4 MK |
736 | case T_LGETXATTR: |
737 | case T_LLISTXATTR: | |
d090e452 | 738 | case T_GETVERSION: |
b178adc3 MK |
739 | if (send_response(sock, out_iovec, retval) < 0) { |
740 | return -1; | |
741 | } | |
742 | break; | |
daf0b9ac MK |
743 | default: |
744 | return -1; | |
745 | break; | |
746 | } | |
747 | return 0; | |
748 | } | |
749 | ||
17bff52b MK |
750 | static int process_requests(int sock) |
751 | { | |
d52b09e4 MK |
752 | int flags; |
753 | int size = 0; | |
daf0b9ac | 754 | int retval = 0; |
ea75fc4e | 755 | uint64_t offset; |
17bff52b | 756 | ProxyHeader header; |
ea75fc4e | 757 | int mode, uid, gid; |
d52b09e4 | 758 | V9fsString name, value; |
ea75fc4e | 759 | struct timespec spec[2]; |
39f8c32c MK |
760 | V9fsString oldpath, path; |
761 | struct iovec in_iovec, out_iovec; | |
762 | ||
763 | in_iovec.iov_base = g_malloc(PROXY_MAX_IO_SZ + PROXY_HDR_SZ); | |
764 | in_iovec.iov_len = PROXY_MAX_IO_SZ + PROXY_HDR_SZ; | |
765 | out_iovec.iov_base = g_malloc(PROXY_MAX_IO_SZ + PROXY_HDR_SZ); | |
766 | out_iovec.iov_len = PROXY_MAX_IO_SZ + PROXY_HDR_SZ; | |
17bff52b | 767 | |
17bff52b | 768 | while (1) { |
daf0b9ac MK |
769 | /* |
770 | * initialize the header type, so that we send | |
771 | * response to proper request type. | |
772 | */ | |
773 | header.type = 0; | |
17bff52b MK |
774 | retval = read_request(sock, &in_iovec, &header); |
775 | if (retval < 0) { | |
daf0b9ac MK |
776 | goto err_out; |
777 | } | |
778 | ||
779 | switch (header.type) { | |
780 | case T_OPEN: | |
781 | retval = do_open(&in_iovec); | |
782 | break; | |
783 | case T_CREATE: | |
784 | retval = do_create(&in_iovec); | |
785 | break; | |
39f8c32c MK |
786 | case T_MKNOD: |
787 | case T_MKDIR: | |
788 | case T_SYMLINK: | |
789 | retval = do_create_others(header.type, &in_iovec); | |
790 | break; | |
791 | case T_LINK: | |
792 | v9fs_string_init(&path); | |
793 | v9fs_string_init(&oldpath); | |
794 | retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, | |
795 | "ss", &oldpath, &path); | |
796 | if (retval > 0) { | |
797 | retval = link(oldpath.data, path.data); | |
798 | if (retval < 0) { | |
799 | retval = -errno; | |
800 | } | |
801 | } | |
802 | v9fs_string_free(&oldpath); | |
803 | v9fs_string_free(&path); | |
804 | break; | |
b178adc3 MK |
805 | case T_LSTAT: |
806 | case T_STATFS: | |
807 | retval = do_stat(header.type, &in_iovec, &out_iovec); | |
808 | break; | |
809 | case T_READLINK: | |
810 | retval = do_readlink(&in_iovec, &out_iovec); | |
811 | break; | |
ea75fc4e MK |
812 | case T_CHMOD: |
813 | v9fs_string_init(&path); | |
814 | retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, | |
815 | "sd", &path, &mode); | |
816 | if (retval > 0) { | |
817 | retval = chmod(path.data, mode); | |
818 | if (retval < 0) { | |
819 | retval = -errno; | |
820 | } | |
821 | } | |
822 | v9fs_string_free(&path); | |
823 | break; | |
824 | case T_CHOWN: | |
825 | v9fs_string_init(&path); | |
826 | retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "sdd", &path, | |
827 | &uid, &gid); | |
828 | if (retval > 0) { | |
829 | retval = lchown(path.data, uid, gid); | |
830 | if (retval < 0) { | |
831 | retval = -errno; | |
832 | } | |
833 | } | |
834 | v9fs_string_free(&path); | |
835 | break; | |
836 | case T_TRUNCATE: | |
837 | v9fs_string_init(&path); | |
838 | retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "sq", | |
839 | &path, &offset); | |
840 | if (retval > 0) { | |
841 | retval = truncate(path.data, offset); | |
842 | if (retval < 0) { | |
843 | retval = -errno; | |
844 | } | |
845 | } | |
846 | v9fs_string_free(&path); | |
847 | break; | |
848 | case T_UTIME: | |
849 | v9fs_string_init(&path); | |
850 | retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "sqqqq", &path, | |
851 | &spec[0].tv_sec, &spec[0].tv_nsec, | |
852 | &spec[1].tv_sec, &spec[1].tv_nsec); | |
853 | if (retval > 0) { | |
854 | retval = qemu_utimens(path.data, spec); | |
855 | if (retval < 0) { | |
856 | retval = -errno; | |
857 | } | |
858 | } | |
859 | v9fs_string_free(&path); | |
860 | break; | |
861 | case T_RENAME: | |
862 | v9fs_string_init(&path); | |
863 | v9fs_string_init(&oldpath); | |
864 | retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, | |
865 | "ss", &oldpath, &path); | |
866 | if (retval > 0) { | |
867 | retval = rename(oldpath.data, path.data); | |
868 | if (retval < 0) { | |
869 | retval = -errno; | |
870 | } | |
871 | } | |
872 | v9fs_string_free(&oldpath); | |
873 | v9fs_string_free(&path); | |
874 | break; | |
875 | case T_REMOVE: | |
876 | v9fs_string_init(&path); | |
877 | retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "s", &path); | |
878 | if (retval > 0) { | |
879 | retval = remove(path.data); | |
880 | if (retval < 0) { | |
881 | retval = -errno; | |
882 | } | |
883 | } | |
884 | v9fs_string_free(&path); | |
885 | break; | |
d52b09e4 MK |
886 | case T_LGETXATTR: |
887 | case T_LLISTXATTR: | |
888 | retval = do_getxattr(header.type, &in_iovec, &out_iovec); | |
889 | break; | |
890 | case T_LSETXATTR: | |
891 | v9fs_string_init(&path); | |
892 | v9fs_string_init(&name); | |
893 | v9fs_string_init(&value); | |
894 | retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "sssdd", &path, | |
895 | &name, &value, &size, &flags); | |
896 | if (retval > 0) { | |
897 | retval = lsetxattr(path.data, | |
898 | name.data, value.data, size, flags); | |
899 | if (retval < 0) { | |
900 | retval = -errno; | |
901 | } | |
902 | } | |
903 | v9fs_string_free(&path); | |
904 | v9fs_string_free(&name); | |
905 | v9fs_string_free(&value); | |
906 | break; | |
907 | case T_LREMOVEXATTR: | |
908 | v9fs_string_init(&path); | |
909 | v9fs_string_init(&name); | |
910 | retval = proxy_unmarshal(&in_iovec, | |
911 | PROXY_HDR_SZ, "ss", &path, &name); | |
912 | if (retval > 0) { | |
913 | retval = lremovexattr(path.data, name.data); | |
914 | if (retval < 0) { | |
915 | retval = -errno; | |
916 | } | |
917 | } | |
918 | v9fs_string_free(&path); | |
919 | v9fs_string_free(&name); | |
920 | break; | |
d090e452 MK |
921 | case T_GETVERSION: |
922 | retval = do_getversion(&in_iovec, &out_iovec); | |
923 | break; | |
daf0b9ac MK |
924 | default: |
925 | goto err_out; | |
926 | break; | |
927 | } | |
928 | ||
39f8c32c | 929 | if (process_reply(sock, header.type, &out_iovec, retval) < 0) { |
daf0b9ac | 930 | goto err_out; |
17bff52b MK |
931 | } |
932 | } | |
daf0b9ac | 933 | err_out: |
17bff52b | 934 | g_free(in_iovec.iov_base); |
39f8c32c | 935 | g_free(out_iovec.iov_base); |
17bff52b MK |
936 | return -1; |
937 | } | |
938 | ||
939 | int main(int argc, char **argv) | |
940 | { | |
941 | int sock; | |
942 | char *rpath = NULL; | |
943 | struct stat stbuf; | |
944 | int c, option_index; | |
d090e452 MK |
945 | #ifdef FS_IOC_GETVERSION |
946 | int retval; | |
947 | struct statfs st_fs; | |
948 | #endif | |
17bff52b MK |
949 | |
950 | is_daemon = true; | |
951 | sock = -1; | |
952 | while (1) { | |
953 | option_index = 0; | |
954 | c = getopt_long(argc, argv, "p:nh?f:", helper_opts, | |
955 | &option_index); | |
956 | if (c == -1) { | |
957 | break; | |
958 | } | |
959 | switch (c) { | |
960 | case 'p': | |
961 | rpath = strdup(optarg); | |
962 | break; | |
963 | case 'n': | |
964 | is_daemon = false; | |
965 | break; | |
966 | case 'f': | |
967 | sock = atoi(optarg); | |
968 | break; | |
969 | case '?': | |
970 | case 'h': | |
971 | default: | |
972 | usage(argv[0]); | |
973 | exit(EXIT_FAILURE); | |
974 | } | |
975 | } | |
976 | ||
977 | /* Parameter validation */ | |
978 | if (sock == -1 || rpath == NULL) { | |
979 | fprintf(stderr, "socket descriptor or path not specified\n"); | |
980 | usage(argv[0]); | |
981 | exit(EXIT_FAILURE); | |
982 | } | |
983 | ||
984 | if (lstat(rpath, &stbuf) < 0) { | |
985 | fprintf(stderr, "invalid path \"%s\" specified, %s\n", | |
986 | rpath, strerror(errno)); | |
987 | exit(EXIT_FAILURE); | |
988 | } | |
989 | ||
990 | if (!S_ISDIR(stbuf.st_mode)) { | |
991 | fprintf(stderr, "specified path \"%s\" is not directory\n", rpath); | |
992 | exit(EXIT_FAILURE); | |
993 | } | |
994 | ||
995 | if (is_daemon) { | |
996 | if (daemon(0, 0) < 0) { | |
997 | fprintf(stderr, "daemon call failed\n"); | |
998 | exit(EXIT_FAILURE); | |
999 | } | |
1000 | openlog(PROGNAME, LOG_PID, LOG_DAEMON); | |
1001 | } | |
1002 | ||
1003 | do_log(LOG_INFO, "Started\n"); | |
1004 | ||
d090e452 MK |
1005 | get_version = false; |
1006 | #ifdef FS_IOC_GETVERSION | |
1007 | /* check whether underlying FS support IOC_GETVERSION */ | |
1008 | retval = statfs(rpath, &st_fs); | |
1009 | if (!retval) { | |
1010 | switch (st_fs.f_type) { | |
1011 | case EXT2_SUPER_MAGIC: | |
1012 | case BTRFS_SUPER_MAGIC: | |
1013 | case REISERFS_SUPER_MAGIC: | |
1014 | case XFS_SUPER_MAGIC: | |
1015 | get_version = true; | |
1016 | break; | |
1017 | } | |
1018 | } | |
1019 | #endif | |
1020 | ||
17bff52b MK |
1021 | if (chdir("/") < 0) { |
1022 | do_perror("chdir"); | |
1023 | goto error; | |
1024 | } | |
1025 | if (chroot(rpath) < 0) { | |
1026 | do_perror("chroot"); | |
1027 | goto error; | |
1028 | } | |
1029 | umask(0); | |
1030 | ||
1031 | if (init_capabilities() < 0) { | |
1032 | goto error; | |
1033 | } | |
1034 | ||
1035 | process_requests(sock); | |
1036 | error: | |
1037 | do_log(LOG_INFO, "Done\n"); | |
1038 | closelog(); | |
1039 | return 0; | |
1040 | } |