qemu/hw/9pfs
Greg Kurz 81ffbf5ab1 9pfs: local: metadata file for the VirtFS root
When using the mapped-file security, credentials are stored in a metadata
directory located in the parent directory. This is okay for all paths with
the notable exception of the root path, since we don't want and probably
can't create a metadata directory above the virtfs directory on the host.

This patch introduces a dedicated metadata file, sitting in the virtfs root
for this purpose. It relies on the fact that the "." name necessarily refers
to the virtfs root.

As for the metadata directory, we don't want the client to see this file.
The current code only cares for readdir() but there are many other places
to fix actually. The filtering logic is hence put in a separate function.

Before:

# ls -ld
drwxr-xr-x. 3 greg greg 4096 May  5 12:49 .
# chown root.root .
chown: changing ownership of '.': Is a directory
# ls -ld
drwxr-xr-x. 3 greg greg 4096 May  5 12:49 .

After:

# ls -ld
drwxr-xr-x. 3 greg greg 4096 May  5 12:49 .
# chown root.root .
# ls -ld
drwxr-xr-x. 3 root root 4096 May  5 12:50 .

and from the host:

ls -al .virtfs_metadata_root
-rwx------. 1 greg greg 26 May  5 12:50 .virtfs_metadata_root
$ cat .virtfs_metadata_root
virtfs.uid=0
virtfs.gid=0

Reported-by: Leo Gaspard <leo@gaspard.io>
Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Tested-by: Leo Gaspard <leo@gaspard.io>
[groug: work around a patchew false positive in
        local_set_mapped_file_attrat()]
2017-05-25 10:30:14 +02:00
..
9p-handle.c 9pfs: assume utimensat() and futimens() are present 2017-05-25 10:30:14 +02:00
9p-local.c 9pfs: local: metadata file for the VirtFS root 2017-05-25 10:30:14 +02:00
9p-local.h 9pfs: local: open/opendir: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p-posix-acl.c 9pfs: local: lremovexattr: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p-proxy.c 9pfs: proxy: assert if unmarshal fails 2017-03-21 09:12:47 +01:00
9p-proxy.h Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00
9p-synth.c 9p: synth: drop v9fs_ prefix 2016-07-01 14:38:54 +02:00
9p-synth.h 9pfs: fsdev: drop useless extern annotation for functions 2016-10-17 14:13:58 +02:00
9p-util.c 9pfs: local: simplify file opening 2017-05-25 10:30:14 +02:00
9p-util.h 9pfs: local: simplify file opening 2017-05-25 10:30:14 +02:00
9p-xattr-user.c 9pfs: local: lremovexattr: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p-xattr.c 9pfs: xattr: fix memory leak in v9fs_list_xattr 2017-04-10 09:38:05 +02:00
9p-xattr.h 9pfs: local: lremovexattr: don't follow symlinks 2017-02-28 11:21:15 +01:00
9p.c 9pfs: check return value of v9fs_co_name_to_path() 2017-05-25 10:30:14 +02:00
9p.h virtio-9p/xen-9p: move 9p specific bits to core 9p code 2017-05-25 10:30:13 +02:00
Makefile.objs xen/9pfs: build and register Xen 9pfs backend 2017-04-25 11:04:33 -07:00
codir.c 9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch] 2016-10-17 14:13:58 +02:00
cofile.c fsdev: add IO throttle support to fsdev devices 2017-02-28 10:31:46 +01:00
cofs.c 9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch] 2016-10-17 14:13:58 +02:00
coth.c coroutine: move entry argument to qemu_coroutine_create 2016-07-13 13:26:02 +02:00
coth.h 9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch] 2016-10-17 14:13:58 +02:00
coxattr.c 9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch] 2016-10-17 14:13:58 +02:00
trace-events 9pfs: limit xattr size in xattrcreate 2016-11-01 12:03:02 +01:00
virtio-9p-device.c virtio-9p/xen-9p: move 9p specific bits to core 9p code 2017-05-25 10:30:13 +02:00
virtio-9p.h 9pfs: introduce transport specific callbacks 2017-01-03 17:28:44 +01:00
xen-9p-backend.c virtio-9p/xen-9p: move 9p specific bits to core 9p code 2017-05-25 10:30:13 +02:00
xen-9pfs.h xen/9pfs: introduce Xen 9pfs backend 2017-04-25 11:04:28 -07:00