[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [V3 PATCH 7/8] virtio-9p: Move file post creation chang
From: |
Stefan Hajnoczi |
Subject: |
Re: [Qemu-devel] [V3 PATCH 7/8] virtio-9p: Move file post creation changes to none security model |
Date: |
Thu, 20 Jan 2011 21:45:50 +0000 |
On Thu, Jan 20, 2011 at 9:15 PM, Venkateswararao Jujjuri (JV)
<address@hidden> wrote:
> On 1/20/2011 12:59 AM, Stefan Hajnoczi wrote:
>> On Tue, Jan 18, 2011 at 01:54:16PM +0530, M. Mohan Kumar wrote:
>>> After creating a file object, its permission and ownership details are
>>> updated
>>> as per client's request for both passthrough and none security model. But
>>> with
>>> chrooted environment its not required for passthrough security model. Move
>>> all
>>> post file creation changes to none security model
>>>
>>> Signed-off-by: M. Mohan Kumar <address@hidden>
>>> ---
>>> hw/9pfs/virtio-9p-local.c | 19 ++++++-------------
>>> 1 files changed, 6 insertions(+), 13 deletions(-)
>>>
>>> diff --git a/hw/9pfs/virtio-9p-local.c b/hw/9pfs/virtio-9p-local.c
>>> index 08fd67f..d2e32e2 100644
>>> --- a/hw/9pfs/virtio-9p-local.c
>>> +++ b/hw/9pfs/virtio-9p-local.c
>>> @@ -208,21 +208,14 @@ static int local_set_xattr(const char *path, FsCred
>>> *credp)
>>> return 0;
>>> }
>>>
>>> -static int local_post_create_passthrough(FsContext *fs_ctx, const char
>>> *path,
>>> +static int local_post_create_none(FsContext *fs_ctx, const char *path,
>>> FsCred *credp)
>>> {
>>> + int retval;
>>> if (chmod(rpath(fs_ctx, path), credp->fc_mode & 07777) < 0) {
>>> return -1;
>>> }
>>> - if (lchown(rpath(fs_ctx, path), credp->fc_uid, credp->fc_gid) < 0) {
>>> - /*
>>> - * If we fail to change ownership and if we are
>>> - * using security model none. Ignore the error
>>> - */
>>> - if (fs_ctx->fs_sm != SM_NONE) {
>>> - return -1;
>>> - }
>>> - }
>>> + retval = lchown(rpath(fs_ctx, path), credp->fc_uid, credp->fc_gid);
>>> return 0;
>>> }
>>
>> retval is unused.
>>
>> Can multiple virtio-9p requests execute at a time? chmod() and lchown()
>> after creation is a race condition if other requests can execute
>> concurrently.
>
> If some level of serialization is needed it will be done at the client/guest
> inode level.
> Are you worried about filesystem semantics? or do you see some corruption if
> they
> get executed in parallel?
My main concern is unreliable results due to the race conditions
between creation and the fixups that are performed afterwards.
Is virtio-9p only useful for single guest exclusive access? I thought
both guest and host could access files at the same time? What about
multiple VMs sharing a directory? These scenarios can only work if
operations are made atomic.
Stefan
- Re: [Qemu-devel] [V3 PATCH 5/8] virtio-9p: Create support in chroot environment, (continued)
- [Qemu-devel] [V3 PATCH 6/8] virtio-9p: Support for creating special files, M. Mohan Kumar, 2011/01/18
- [Qemu-devel] [V3 PATCH 8/8] virtio-9p: Chroot environment for other functions, M. Mohan Kumar, 2011/01/18
- [Qemu-devel] [V3 PATCH 7/8] virtio-9p: Move file post creation changes to none security model, M. Mohan Kumar, 2011/01/18
- Re: [Qemu-devel] [V3 PATCH 7/8] virtio-9p: Move file post creation changes to none security model, Venkateswararao Jujjuri (JV), 2011/01/20
- Re: [Qemu-devel] [V3 PATCH 7/8] virtio-9p: Move file post creation changes to none security model,
Stefan Hajnoczi <=
- Re: [Qemu-devel] [V3 PATCH 7/8] virtio-9p: Move file post creation changes to none security model, Venkateswararao Jujjuri (JV), 2011/01/21