On Mon, Jan 06, 2020 at 07:08:43PM +0000, Dr. David Alan Gilbert wrote: > * Dr. David Alan Gilbert ([email protected]) wrote: > > * Daniel P. Berrangé ([email protected]) wrote: > > > On Thu, Dec 12, 2019 at 04:37:52PM +0000, Dr. David Alan Gilbert (git) > > > wrote: > > > > From: Vivek Goyal <[email protected]> > > > > > > > > We need to create files in the caller's context. Otherwise after > > > > creating a file, the caller might not be able to do file operations on > > > > that file. > > > > > > > > Changed effective uid/gid to caller's uid/gid, create file and then > > > > switch back to uid/gid 0. > > > > > > > > Use syscall(setresuid, ...) otherwise glibc does some magic to change > > > > EUID > > > > in all threads, which is not what we want. > > > > > > > > Signed-off-by: Vivek Goyal <[email protected]> > > > > Signed-off-by: Miklos Szeredi <[email protected]> > > > > --- > > > > tools/virtiofsd/passthrough_ll.c | 79 ++++++++++++++++++++++++++++++-- > > > > 1 file changed, 74 insertions(+), 5 deletions(-) > > > > > > > > diff --git a/tools/virtiofsd/passthrough_ll.c > > > > b/tools/virtiofsd/passthrough_ll.c > > > > index 68bacb6fc5..0188cd9ad6 100644 > > > > --- a/tools/virtiofsd/passthrough_ll.c > > > > +++ b/tools/virtiofsd/passthrough_ll.c > > > > > > > > > > +static int lo_change_cred(fuse_req_t req, struct lo_cred *old) > > > > +{ > > > > + int res; > > > > + > > > > + old->euid = geteuid(); > > > > + old->egid = getegid(); > > > > + > > > > + res = syscall(SYS_setresgid, -1, fuse_req_ctx(req)->gid, -1); > > > > > > Do we need to be using SYS_setres[u,g]id32 instead... > > > > > > [quote setresgid(2)] > > > The original Linux setresuid() and setresgid() system calls > > > supported only 16-bit user and group IDs. Subsequently, > > > Linux 2.4 added setresuid32() and setresgid32(), supporting > > > 32-bit IDs. The glibc setresuid() and setresgid() wrapper > > > functions transparently deal with the variations across ker‐ > > > nel versions. > > > [/quote] > > > > OK, updated. > > Hmm hang on; this is messy. x86-64 only seems to have setresuid > where as some architectures have both; If I'm reading this right, all > 64 bit machines have setresuid/gid calling the code that takes the > 32bit ID; some have compat entries for 32bit syscalls.
Oh yuk. > I think it's probably more correct to call setresuid here; except > for 32 bit platforms - but how do we tell? Is it possible to just do an #ifdef SYS_setresgid32 check to see if the wider variant exists ? Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
