xref: /openbmc/qemu/hw/9pfs/9p-local.c (revision 0b58dc456191042dc3b84aa2b80619b71f8b1e3d)
1 /*
2  * 9p Posix callback
3  *
4  * Copyright IBM, Corp. 2010
5  *
6  * Authors:
7  *  Anthony Liguori   <aliguori@us.ibm.com>
8  *
9  * This work is licensed under the terms of the GNU GPL, version 2.  See
10  * the COPYING file in the top-level directory.
11  */
12 
13 /*
14  * Not so fast! You might want to read the 9p developer docs first:
15  * https://wiki.qemu.org/Documentation/9p
16  */
17 
18 #include "qemu/osdep.h"
19 #include "9p.h"
20 #include "9p-local.h"
21 #include "9p-xattr.h"
22 #include "9p-util.h"
23 #include "fsdev/qemu-fsdev.h"   /* local_ops */
24 #include <arpa/inet.h>
25 #include <pwd.h>
26 #include <grp.h>
27 #include <sys/socket.h>
28 #include <sys/un.h>
29 #include "qemu/xattr.h"
30 #include "qapi/error.h"
31 #include "qemu/cutils.h"
32 #include "qemu/error-report.h"
33 #include "qemu/option.h"
34 #include <libgen.h>
35 #ifdef CONFIG_LINUX
36 #include <linux/fs.h>
37 #ifdef CONFIG_LINUX_MAGIC_H
38 #include <linux/magic.h>
39 #endif
40 #endif
41 #include <sys/ioctl.h>
42 
43 #ifndef XFS_SUPER_MAGIC
44 #define XFS_SUPER_MAGIC  0x58465342
45 #endif
46 #ifndef EXT2_SUPER_MAGIC
47 #define EXT2_SUPER_MAGIC 0xEF53
48 #endif
49 #ifndef REISERFS_SUPER_MAGIC
50 #define REISERFS_SUPER_MAGIC 0x52654973
51 #endif
52 #ifndef BTRFS_SUPER_MAGIC
53 #define BTRFS_SUPER_MAGIC 0x9123683E
54 #endif
55 
56 typedef struct {
57     int mountfd;
58 } LocalData;
59 
local_open_nofollow(FsContext * fs_ctx,const char * path,int flags,mode_t mode)60 int local_open_nofollow(FsContext *fs_ctx, const char *path, int flags,
61                         mode_t mode)
62 {
63     LocalData *data = fs_ctx->private;
64     int fd = data->mountfd;
65 
66     while (*path && fd != -1) {
67         const char *c;
68         int next_fd;
69         char *head;
70 
71         /* Only relative paths without consecutive slashes */
72         assert(*path != '/');
73 
74         head = g_strdup(path);
75         c = qemu_strchrnul(path, '/');
76         if (*c) {
77             /* Intermediate path element */
78             head[c - path] = 0;
79             path = c + 1;
80             next_fd = openat_dir(fd, head);
81         } else {
82             /* Rightmost path element */
83             next_fd = openat_file(fd, head, flags, mode);
84             path = c;
85         }
86         g_free(head);
87         if (fd != data->mountfd) {
88             close_preserve_errno(fd);
89         }
90         fd = next_fd;
91     }
92 
93     assert(fd != data->mountfd);
94     return fd;
95 }
96 
local_opendir_nofollow(FsContext * fs_ctx,const char * path)97 int local_opendir_nofollow(FsContext *fs_ctx, const char *path)
98 {
99     return local_open_nofollow(fs_ctx, path, O_DIRECTORY | O_RDONLY, 0);
100 }
101 
renameat_preserve_errno(int odirfd,const char * opath,int ndirfd,const char * npath)102 static void renameat_preserve_errno(int odirfd, const char *opath, int ndirfd,
103                                     const char *npath)
104 {
105     int serrno = errno;
106     qemu_renameat(odirfd, opath, ndirfd, npath);
107     errno = serrno;
108 }
109 
unlinkat_preserve_errno(int dirfd,const char * path,int flags)110 static void unlinkat_preserve_errno(int dirfd, const char *path, int flags)
111 {
112     int serrno = errno;
113     qemu_unlinkat(dirfd, path, flags);
114     errno = serrno;
115 }
116 
117 #define VIRTFS_META_DIR ".virtfs_metadata"
118 #define VIRTFS_META_ROOT_FILE VIRTFS_META_DIR "_root"
119 
local_fopenat(int dirfd,const char * name,const char * mode)120 static FILE *local_fopenat(int dirfd, const char *name, const char *mode)
121 {
122     int fd, o_mode = 0;
123     FILE *fp;
124     int flags;
125     /*
126      * only supports two modes
127      */
128     if (mode[0] == 'r') {
129         flags = O_RDONLY;
130     } else if (mode[0] == 'w') {
131         flags = O_WRONLY | O_TRUNC | O_CREAT;
132         o_mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH;
133     } else {
134         return NULL;
135     }
136     fd = openat_file(dirfd, name, flags, o_mode);
137     if (fd == -1) {
138         return NULL;
139     }
140     fp = fdopen(fd, mode);
141     if (!fp) {
142         close(fd);
143     }
144     return fp;
145 }
146 
147 #define ATTR_MAX 100
local_mapped_file_attr(int dirfd,const char * name,struct stat * stbuf)148 static void local_mapped_file_attr(int dirfd, const char *name,
149                                    struct stat *stbuf)
150 {
151     FILE *fp;
152     char buf[ATTR_MAX];
153     int map_dirfd;
154 
155     if (strcmp(name, ".")) {
156         map_dirfd = openat_dir(dirfd, VIRTFS_META_DIR);
157         if (map_dirfd == -1) {
158             return;
159         }
160 
161         fp = local_fopenat(map_dirfd, name, "r");
162         close_preserve_errno(map_dirfd);
163     } else {
164         fp = local_fopenat(dirfd, VIRTFS_META_ROOT_FILE, "r");
165     }
166     if (!fp) {
167         return;
168     }
169     memset(buf, 0, ATTR_MAX);
170     while (fgets(buf, ATTR_MAX, fp)) {
171         if (!strncmp(buf, "virtfs.uid", 10)) {
172             stbuf->st_uid = atoi(buf + 11);
173         } else if (!strncmp(buf, "virtfs.gid", 10)) {
174             stbuf->st_gid = atoi(buf + 11);
175         } else if (!strncmp(buf, "virtfs.mode", 11)) {
176             stbuf->st_mode = atoi(buf + 12);
177         } else if (!strncmp(buf, "virtfs.rdev", 11)) {
178             stbuf->st_rdev = atoi(buf + 12);
179         }
180         memset(buf, 0, ATTR_MAX);
181     }
182     fclose(fp);
183 }
184 
local_lstat(FsContext * fs_ctx,V9fsPath * fs_path,struct stat * stbuf)185 static int local_lstat(FsContext *fs_ctx, V9fsPath *fs_path, struct stat *stbuf)
186 {
187     int err = -1;
188     char *dirpath = g_path_get_dirname(fs_path->data);
189     char *name = g_path_get_basename(fs_path->data);
190     int dirfd;
191 
192     dirfd = local_opendir_nofollow(fs_ctx, dirpath);
193     if (dirfd == -1) {
194         goto out;
195     }
196 
197     err = qemu_fstatat(dirfd, name, stbuf, AT_SYMLINK_NOFOLLOW);
198     if (err) {
199         goto err_out;
200     }
201     if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
202         /* Actual credentials are part of extended attrs */
203         uid_t tmp_uid;
204         gid_t tmp_gid;
205         mode_t tmp_mode;
206         dev_t tmp_dev;
207 
208         if (fgetxattrat_nofollow(dirfd, name, "user.virtfs.uid", &tmp_uid,
209                                  sizeof(uid_t)) > 0) {
210             stbuf->st_uid = le32_to_cpu(tmp_uid);
211         }
212         if (fgetxattrat_nofollow(dirfd, name, "user.virtfs.gid", &tmp_gid,
213                                  sizeof(gid_t)) > 0) {
214             stbuf->st_gid = le32_to_cpu(tmp_gid);
215         }
216         if (fgetxattrat_nofollow(dirfd, name, "user.virtfs.mode", &tmp_mode,
217                                  sizeof(mode_t)) > 0) {
218             stbuf->st_mode = le32_to_cpu(tmp_mode);
219         }
220         if (fgetxattrat_nofollow(dirfd, name, "user.virtfs.rdev", &tmp_dev,
221                                  sizeof(dev_t)) > 0) {
222             stbuf->st_rdev = le64_to_cpu(tmp_dev);
223         }
224     } else if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
225         local_mapped_file_attr(dirfd, name, stbuf);
226     }
227 
228 err_out:
229     close_preserve_errno(dirfd);
230 out:
231     g_free(name);
232     g_free(dirpath);
233     return err;
234 }
235 
local_set_mapped_file_attrat(int dirfd,const char * name,FsCred * credp)236 static int local_set_mapped_file_attrat(int dirfd, const char *name,
237                                         FsCred *credp)
238 {
239     FILE *fp;
240     int ret;
241     char buf[ATTR_MAX];
242     int uid = -1, gid = -1, mode = -1, rdev = -1;
243     int map_dirfd = -1, map_fd;
244     bool is_root = !strcmp(name, ".");
245 
246     if (is_root) {
247         fp = local_fopenat(dirfd, VIRTFS_META_ROOT_FILE, "r");
248         if (!fp) {
249             if (errno == ENOENT) {
250                 goto update_map_file;
251             } else {
252                 return -1;
253             }
254         }
255     } else {
256         ret = qemu_mkdirat(dirfd, VIRTFS_META_DIR, 0700);
257         if (ret < 0 && errno != EEXIST) {
258             return -1;
259         }
260 
261         map_dirfd = openat_dir(dirfd, VIRTFS_META_DIR);
262         if (map_dirfd == -1) {
263             return -1;
264         }
265 
266         fp = local_fopenat(map_dirfd, name, "r");
267         if (!fp) {
268             if (errno == ENOENT) {
269                 goto update_map_file;
270             } else {
271                 close_preserve_errno(map_dirfd);
272                 return -1;
273             }
274         }
275     }
276     memset(buf, 0, ATTR_MAX);
277     while (fgets(buf, ATTR_MAX, fp)) {
278         if (!strncmp(buf, "virtfs.uid", 10)) {
279             uid = atoi(buf + 11);
280         } else if (!strncmp(buf, "virtfs.gid", 10)) {
281             gid = atoi(buf + 11);
282         } else if (!strncmp(buf, "virtfs.mode", 11)) {
283             mode = atoi(buf + 12);
284         } else if (!strncmp(buf, "virtfs.rdev", 11)) {
285             rdev = atoi(buf + 12);
286         }
287         memset(buf, 0, ATTR_MAX);
288     }
289     fclose(fp);
290 
291 update_map_file:
292     if (is_root) {
293         fp = local_fopenat(dirfd, VIRTFS_META_ROOT_FILE, "w");
294     } else {
295         fp = local_fopenat(map_dirfd, name, "w");
296         /* We can't go this far with map_dirfd not being a valid file descriptor
297          * but some versions of gcc aren't smart enough to see it.
298          */
299         if (map_dirfd != -1) {
300             close_preserve_errno(map_dirfd);
301         }
302     }
303     if (!fp) {
304         return -1;
305     }
306 
307     map_fd = fileno(fp);
308     assert(map_fd != -1);
309     ret = fchmod(map_fd, 0600);
310     assert(ret == 0);
311 
312     if (credp->fc_uid != -1) {
313         uid = credp->fc_uid;
314     }
315     if (credp->fc_gid != -1) {
316         gid = credp->fc_gid;
317     }
318     if (credp->fc_mode != (mode_t)-1) {
319         mode = credp->fc_mode;
320     }
321     if (credp->fc_rdev != -1) {
322         rdev = credp->fc_rdev;
323     }
324 
325     if (uid != -1) {
326         fprintf(fp, "virtfs.uid=%d\n", uid);
327     }
328     if (gid != -1) {
329         fprintf(fp, "virtfs.gid=%d\n", gid);
330     }
331     if (mode != -1) {
332         fprintf(fp, "virtfs.mode=%d\n", mode);
333     }
334     if (rdev != -1) {
335         fprintf(fp, "virtfs.rdev=%d\n", rdev);
336     }
337     fclose(fp);
338 
339     return 0;
340 }
341 
fchmodat_nofollow(int dirfd,const char * name,mode_t mode)342 static int fchmodat_nofollow(int dirfd, const char *name, mode_t mode)
343 {
344     struct stat stbuf;
345     int fd, ret;
346 
347     /* FIXME: this should be handled with fchmodat(AT_SYMLINK_NOFOLLOW).
348      * Unfortunately, the linux kernel doesn't implement it yet.
349      */
350 
351      /* First, we clear non-racing symlinks out of the way. */
352     if (qemu_fstatat(dirfd, name, &stbuf, AT_SYMLINK_NOFOLLOW)) {
353         return -1;
354     }
355     if (S_ISLNK(stbuf.st_mode)) {
356         errno = ELOOP;
357         return -1;
358     }
359 
360     fd = openat_file(dirfd, name, O_RDONLY | O_PATH_9P_UTIL | O_NOFOLLOW, 0);
361 #if O_PATH_9P_UTIL == 0
362     /* Fallback for systems that don't support O_PATH: we depend on the file
363      * being readable or writable.
364      */
365     if (fd == -1) {
366         /* In case the file is writable-only and isn't a directory. */
367         if (errno == EACCES) {
368             fd = openat_file(dirfd, name, O_WRONLY, 0);
369         }
370         if (fd == -1 && errno == EISDIR) {
371             errno = EACCES;
372         }
373     }
374     if (fd == -1) {
375         return -1;
376     }
377     ret = fchmod(fd, mode);
378 #else
379     /* Access modes are ignored when O_PATH is supported. If name is a symbolic
380      * link, O_PATH | O_NOFOLLOW causes openat(2) to return a file descriptor
381      * referring to the symbolic link.
382      */
383     if (fd == -1) {
384         return -1;
385     }
386 
387     /* Now we handle racing symlinks. */
388     ret = fstat(fd, &stbuf);
389     if (!ret) {
390         if (S_ISLNK(stbuf.st_mode)) {
391             errno = ELOOP;
392             ret = -1;
393         } else {
394             char *proc_path = g_strdup_printf("/proc/self/fd/%d", fd);
395             ret = chmod(proc_path, mode);
396             g_free(proc_path);
397         }
398     }
399 #endif
400     close_preserve_errno(fd);
401     return ret;
402 }
403 
local_set_xattrat(int dirfd,const char * path,FsCred * credp)404 static int local_set_xattrat(int dirfd, const char *path, FsCred *credp)
405 {
406     int err;
407 
408     if (credp->fc_uid != -1) {
409         uint32_t tmp_uid = cpu_to_le32(credp->fc_uid);
410         err = fsetxattrat_nofollow(dirfd, path, "user.virtfs.uid", &tmp_uid,
411                                    sizeof(uid_t), 0);
412         if (err) {
413             return err;
414         }
415     }
416     if (credp->fc_gid != -1) {
417         uint32_t tmp_gid = cpu_to_le32(credp->fc_gid);
418         err = fsetxattrat_nofollow(dirfd, path, "user.virtfs.gid", &tmp_gid,
419                                    sizeof(gid_t), 0);
420         if (err) {
421             return err;
422         }
423     }
424     if (credp->fc_mode != (mode_t)-1) {
425         uint32_t tmp_mode = cpu_to_le32(credp->fc_mode);
426         err = fsetxattrat_nofollow(dirfd, path, "user.virtfs.mode", &tmp_mode,
427                                    sizeof(mode_t), 0);
428         if (err) {
429             return err;
430         }
431     }
432     if (credp->fc_rdev != -1) {
433         uint64_t tmp_rdev = cpu_to_le64(credp->fc_rdev);
434         err = fsetxattrat_nofollow(dirfd, path, "user.virtfs.rdev", &tmp_rdev,
435                                    sizeof(dev_t), 0);
436         if (err) {
437             return err;
438         }
439     }
440     return 0;
441 }
442 
local_set_cred_passthrough(FsContext * fs_ctx,int dirfd,const char * name,FsCred * credp)443 static int local_set_cred_passthrough(FsContext *fs_ctx, int dirfd,
444                                       const char *name, FsCred *credp)
445 {
446     if (fchownat(dirfd, name, credp->fc_uid, credp->fc_gid,
447                  AT_SYMLINK_NOFOLLOW) < 0) {
448         /*
449          * If we fail to change ownership and if we are
450          * using security model none. Ignore the error
451          */
452         if ((fs_ctx->export_flags & V9FS_SEC_MASK) != V9FS_SM_NONE) {
453             return -1;
454         }
455     }
456 
457     return fchmodat_nofollow(dirfd, name, credp->fc_mode & 07777);
458 }
459 
local_readlink(FsContext * fs_ctx,V9fsPath * fs_path,char * buf,size_t bufsz)460 static ssize_t local_readlink(FsContext *fs_ctx, V9fsPath *fs_path,
461                               char *buf, size_t bufsz)
462 {
463     ssize_t tsize = -1;
464 
465     if ((fs_ctx->export_flags & V9FS_SM_MAPPED) ||
466         (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE)) {
467         int fd;
468 
469         fd = local_open_nofollow(fs_ctx, fs_path->data, O_RDONLY, 0);
470         if (fd == -1) {
471             return -1;
472         }
473         tsize = RETRY_ON_EINTR(read(fd, (void *)buf, bufsz));
474         close_preserve_errno(fd);
475     } else if ((fs_ctx->export_flags & V9FS_SM_PASSTHROUGH) ||
476                (fs_ctx->export_flags & V9FS_SM_NONE)) {
477         char *dirpath = g_path_get_dirname(fs_path->data);
478         char *name = g_path_get_basename(fs_path->data);
479         int dirfd;
480 
481         dirfd = local_opendir_nofollow(fs_ctx, dirpath);
482         if (dirfd == -1) {
483             goto out;
484         }
485 
486         tsize = readlinkat(dirfd, name, buf, bufsz);
487         close_preserve_errno(dirfd);
488     out:
489         g_free(name);
490         g_free(dirpath);
491     }
492     return tsize;
493 }
494 
local_close(FsContext * ctx,V9fsFidOpenState * fs)495 static int local_close(FsContext *ctx, V9fsFidOpenState *fs)
496 {
497     return close(fs->fd);
498 }
499 
local_closedir(FsContext * ctx,V9fsFidOpenState * fs)500 static int local_closedir(FsContext *ctx, V9fsFidOpenState *fs)
501 {
502     return closedir(fs->dir.stream);
503 }
504 
local_open(FsContext * ctx,V9fsPath * fs_path,int flags,V9fsFidOpenState * fs)505 static int local_open(FsContext *ctx, V9fsPath *fs_path,
506                       int flags, V9fsFidOpenState *fs)
507 {
508     int fd;
509 
510     fd = local_open_nofollow(ctx, fs_path->data, flags, 0);
511     if (fd == -1) {
512         return -1;
513     }
514     fs->fd = fd;
515     return fs->fd;
516 }
517 
local_opendir(FsContext * ctx,V9fsPath * fs_path,V9fsFidOpenState * fs)518 static int local_opendir(FsContext *ctx,
519                          V9fsPath *fs_path, V9fsFidOpenState *fs)
520 {
521     int dirfd;
522     DIR *stream;
523 
524     dirfd = local_opendir_nofollow(ctx, fs_path->data);
525     if (dirfd == -1) {
526         return -1;
527     }
528 
529     stream = fdopendir(dirfd);
530     if (!stream) {
531         close(dirfd);
532         return -1;
533     }
534     fs->dir.stream = stream;
535     return 0;
536 }
537 
local_rewinddir(FsContext * ctx,V9fsFidOpenState * fs)538 static void local_rewinddir(FsContext *ctx, V9fsFidOpenState *fs)
539 {
540     rewinddir(fs->dir.stream);
541 }
542 
local_telldir(FsContext * ctx,V9fsFidOpenState * fs)543 static off_t local_telldir(FsContext *ctx, V9fsFidOpenState *fs)
544 {
545     return telldir(fs->dir.stream);
546 }
547 
local_is_mapped_file_metadata(FsContext * fs_ctx,const char * name)548 static bool local_is_mapped_file_metadata(FsContext *fs_ctx, const char *name)
549 {
550     return
551         !strcmp(name, VIRTFS_META_DIR) || !strcmp(name, VIRTFS_META_ROOT_FILE);
552 }
553 
local_readdir(FsContext * ctx,V9fsFidOpenState * fs)554 static struct dirent *local_readdir(FsContext *ctx, V9fsFidOpenState *fs)
555 {
556     struct dirent *entry;
557 
558 again:
559     entry = readdir(fs->dir.stream);
560     if (!entry) {
561         return NULL;
562     }
563 #ifdef CONFIG_DARWIN
564     int off;
565     off = telldir(fs->dir.stream);
566     /* If telldir fails, fail the entire readdir call */
567     if (off < 0) {
568         return NULL;
569     }
570     entry->d_seekoff = off;
571 #endif
572 
573     if (ctx->export_flags & V9FS_SM_MAPPED) {
574         entry->d_type = DT_UNKNOWN;
575     } else if (ctx->export_flags & V9FS_SM_MAPPED_FILE) {
576         if (local_is_mapped_file_metadata(ctx, entry->d_name)) {
577             /* skip the meta data */
578             goto again;
579         }
580         entry->d_type = DT_UNKNOWN;
581     }
582 
583     return entry;
584 }
585 
local_seekdir(FsContext * ctx,V9fsFidOpenState * fs,off_t off)586 static void local_seekdir(FsContext *ctx, V9fsFidOpenState *fs, off_t off)
587 {
588     seekdir(fs->dir.stream, off);
589 }
590 
local_preadv(FsContext * ctx,V9fsFidOpenState * fs,const struct iovec * iov,int iovcnt,off_t offset)591 static ssize_t local_preadv(FsContext *ctx, V9fsFidOpenState *fs,
592                             const struct iovec *iov,
593                             int iovcnt, off_t offset)
594 {
595 #ifdef CONFIG_PREADV
596     return preadv(fs->fd, iov, iovcnt, offset);
597 #else
598     int err = lseek(fs->fd, offset, SEEK_SET);
599     if (err == -1) {
600         return err;
601     } else {
602         return readv(fs->fd, iov, iovcnt);
603     }
604 #endif
605 }
606 
local_pwritev(FsContext * ctx,V9fsFidOpenState * fs,const struct iovec * iov,int iovcnt,off_t offset)607 static ssize_t local_pwritev(FsContext *ctx, V9fsFidOpenState *fs,
608                              const struct iovec *iov,
609                              int iovcnt, off_t offset)
610 {
611     ssize_t ret;
612 #ifdef CONFIG_PREADV
613     ret = pwritev(fs->fd, iov, iovcnt, offset);
614 #else
615     int err = lseek(fs->fd, offset, SEEK_SET);
616     if (err == -1) {
617         return err;
618     } else {
619         ret = writev(fs->fd, iov, iovcnt);
620     }
621 #endif
622 #ifdef CONFIG_SYNC_FILE_RANGE
623     if (ret > 0 && ctx->export_flags & V9FS_IMMEDIATE_WRITEOUT) {
624         /*
625          * Initiate a writeback. This is not a data integrity sync.
626          * We want to ensure that we don't leave dirty pages in the cache
627          * after write when writeout=immediate is specified.
628          */
629         sync_file_range(fs->fd, offset, ret,
630                         SYNC_FILE_RANGE_WAIT_BEFORE | SYNC_FILE_RANGE_WRITE);
631     }
632 #endif
633     return ret;
634 }
635 
local_chmod(FsContext * fs_ctx,V9fsPath * fs_path,FsCred * credp)636 static int local_chmod(FsContext *fs_ctx, V9fsPath *fs_path, FsCred *credp)
637 {
638     char *dirpath = g_path_get_dirname(fs_path->data);
639     char *name = g_path_get_basename(fs_path->data);
640     int ret = -1;
641     int dirfd;
642 
643     dirfd = local_opendir_nofollow(fs_ctx, dirpath);
644     if (dirfd == -1) {
645         goto out;
646     }
647 
648     if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
649         ret = local_set_xattrat(dirfd, name, credp);
650     } else if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
651         ret = local_set_mapped_file_attrat(dirfd, name, credp);
652     } else if (fs_ctx->export_flags & V9FS_SM_PASSTHROUGH ||
653                fs_ctx->export_flags & V9FS_SM_NONE) {
654         ret = fchmodat_nofollow(dirfd, name, credp->fc_mode);
655     }
656     close_preserve_errno(dirfd);
657 
658 out:
659     g_free(dirpath);
660     g_free(name);
661     return ret;
662 }
663 
local_mknod(FsContext * fs_ctx,V9fsPath * dir_path,const char * name,FsCred * credp)664 static int local_mknod(FsContext *fs_ctx, V9fsPath *dir_path,
665                        const char *name, FsCred *credp)
666 {
667     int err = -1;
668     int dirfd;
669 
670     if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
671         local_is_mapped_file_metadata(fs_ctx, name)) {
672         errno = EINVAL;
673         return -1;
674     }
675 
676     dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
677     if (dirfd == -1) {
678         return -1;
679     }
680 
681     if (fs_ctx->export_flags & V9FS_SM_MAPPED ||
682         fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
683         err = qemu_mknodat(dirfd, name, fs_ctx->fmode | S_IFREG, 0);
684         if (err == -1) {
685             goto out;
686         }
687 
688         if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
689             err = local_set_xattrat(dirfd, name, credp);
690         } else {
691             err = local_set_mapped_file_attrat(dirfd, name, credp);
692         }
693         if (err == -1) {
694             goto err_end;
695         }
696     } else if (fs_ctx->export_flags & V9FS_SM_PASSTHROUGH ||
697                fs_ctx->export_flags & V9FS_SM_NONE) {
698         err = qemu_mknodat(dirfd, name, credp->fc_mode, credp->fc_rdev);
699         if (err == -1) {
700             goto out;
701         }
702         err = local_set_cred_passthrough(fs_ctx, dirfd, name, credp);
703         if (err == -1) {
704             goto err_end;
705         }
706     }
707     goto out;
708 
709 err_end:
710     unlinkat_preserve_errno(dirfd, name, 0);
711 out:
712     close_preserve_errno(dirfd);
713     return err;
714 }
715 
local_mkdir(FsContext * fs_ctx,V9fsPath * dir_path,const char * name,FsCred * credp)716 static int local_mkdir(FsContext *fs_ctx, V9fsPath *dir_path,
717                        const char *name, FsCred *credp)
718 {
719     int err = -1;
720     int dirfd;
721 
722     if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
723         local_is_mapped_file_metadata(fs_ctx, name)) {
724         errno = EINVAL;
725         return -1;
726     }
727 
728     dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
729     if (dirfd == -1) {
730         return -1;
731     }
732 
733     if (fs_ctx->export_flags & V9FS_SM_MAPPED ||
734         fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
735         err = qemu_mkdirat(dirfd, name, fs_ctx->dmode);
736         if (err == -1) {
737             goto out;
738         }
739         credp->fc_mode = credp->fc_mode | S_IFDIR;
740 
741         if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
742             err = local_set_xattrat(dirfd, name, credp);
743         } else {
744             err = local_set_mapped_file_attrat(dirfd, name, credp);
745         }
746         if (err == -1) {
747             goto err_end;
748         }
749     } else if (fs_ctx->export_flags & V9FS_SM_PASSTHROUGH ||
750                fs_ctx->export_flags & V9FS_SM_NONE) {
751         err = qemu_mkdirat(dirfd, name, credp->fc_mode);
752         if (err == -1) {
753             goto out;
754         }
755         err = local_set_cred_passthrough(fs_ctx, dirfd, name, credp);
756         if (err == -1) {
757             goto err_end;
758         }
759     }
760     goto out;
761 
762 err_end:
763     unlinkat_preserve_errno(dirfd, name, AT_REMOVEDIR);
764 out:
765     close_preserve_errno(dirfd);
766     return err;
767 }
768 
local_fstat(FsContext * fs_ctx,int fid_type,V9fsFidOpenState * fs,struct stat * stbuf)769 static int local_fstat(FsContext *fs_ctx, int fid_type,
770                        V9fsFidOpenState *fs, struct stat *stbuf)
771 {
772     int err, fd;
773 
774     if (fid_type == P9_FID_DIR) {
775         fd = dirfd(fs->dir.stream);
776     } else {
777         fd = fs->fd;
778     }
779 
780     err = fstat(fd, stbuf);
781     if (err) {
782         return err;
783     }
784     if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
785         /* Actual credentials are part of extended attrs */
786         uid_t tmp_uid;
787         gid_t tmp_gid;
788         mode_t tmp_mode;
789         dev_t tmp_dev;
790 
791         if (qemu_fgetxattr(fd, "user.virtfs.uid",
792                            &tmp_uid, sizeof(uid_t)) > 0) {
793             stbuf->st_uid = le32_to_cpu(tmp_uid);
794         }
795         if (qemu_fgetxattr(fd, "user.virtfs.gid",
796                            &tmp_gid, sizeof(gid_t)) > 0) {
797             stbuf->st_gid = le32_to_cpu(tmp_gid);
798         }
799         if (qemu_fgetxattr(fd, "user.virtfs.mode",
800                            &tmp_mode, sizeof(mode_t)) > 0) {
801             stbuf->st_mode = le32_to_cpu(tmp_mode);
802         }
803         if (qemu_fgetxattr(fd, "user.virtfs.rdev",
804                            &tmp_dev, sizeof(dev_t)) > 0) {
805             stbuf->st_rdev = le64_to_cpu(tmp_dev);
806         }
807     } else if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
808         errno = EOPNOTSUPP;
809         return -1;
810     }
811     return err;
812 }
813 
local_open2(FsContext * fs_ctx,V9fsPath * dir_path,const char * name,int flags,FsCred * credp,V9fsFidOpenState * fs)814 static int local_open2(FsContext *fs_ctx, V9fsPath *dir_path, const char *name,
815                        int flags, FsCred *credp, V9fsFidOpenState *fs)
816 {
817     int fd = -1;
818     int err = -1;
819     int dirfd;
820 
821     if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
822         local_is_mapped_file_metadata(fs_ctx, name)) {
823         errno = EINVAL;
824         return -1;
825     }
826 
827     /*
828      * Mark all the open to not follow symlinks
829      */
830     flags |= O_NOFOLLOW;
831 
832     dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
833     if (dirfd == -1) {
834         return -1;
835     }
836 
837     /* Determine the security model */
838     if (fs_ctx->export_flags & V9FS_SM_MAPPED ||
839         fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
840         fd = openat_file(dirfd, name, flags, fs_ctx->fmode);
841         if (fd == -1) {
842             goto out;
843         }
844         credp->fc_mode = credp->fc_mode | S_IFREG;
845         if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
846             /* Set client credentials in xattr */
847             err = local_set_xattrat(dirfd, name, credp);
848         } else {
849             err = local_set_mapped_file_attrat(dirfd, name, credp);
850         }
851         if (err == -1) {
852             goto err_end;
853         }
854     } else if ((fs_ctx->export_flags & V9FS_SM_PASSTHROUGH) ||
855                (fs_ctx->export_flags & V9FS_SM_NONE)) {
856         fd = openat_file(dirfd, name, flags, credp->fc_mode);
857         if (fd == -1) {
858             goto out;
859         }
860         err = local_set_cred_passthrough(fs_ctx, dirfd, name, credp);
861         if (err == -1) {
862             goto err_end;
863         }
864     }
865     err = fd;
866     fs->fd = fd;
867     goto out;
868 
869 err_end:
870     unlinkat_preserve_errno(dirfd, name,
871                             flags & O_DIRECTORY ? AT_REMOVEDIR : 0);
872     close_preserve_errno(fd);
873 out:
874     close_preserve_errno(dirfd);
875     return err;
876 }
877 
878 
local_symlink(FsContext * fs_ctx,const char * oldpath,V9fsPath * dir_path,const char * name,FsCred * credp)879 static int local_symlink(FsContext *fs_ctx, const char *oldpath,
880                          V9fsPath *dir_path, const char *name, FsCred *credp)
881 {
882     int err = -1;
883     int dirfd;
884 
885     if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE &&
886         local_is_mapped_file_metadata(fs_ctx, name)) {
887         errno = EINVAL;
888         return -1;
889     }
890 
891     dirfd = local_opendir_nofollow(fs_ctx, dir_path->data);
892     if (dirfd == -1) {
893         return -1;
894     }
895 
896     /* Determine the security model */
897     if (fs_ctx->export_flags & V9FS_SM_MAPPED ||
898         fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
899         int fd;
900         ssize_t oldpath_size, write_size;
901 
902         fd = openat_file(dirfd, name, O_CREAT | O_EXCL | O_RDWR,
903                          fs_ctx->fmode);
904         if (fd == -1) {
905             goto out;
906         }
907         /* Write the oldpath (target) to the file. */
908         oldpath_size = strlen(oldpath);
909         write_size = RETRY_ON_EINTR(write(fd, (void *)oldpath, oldpath_size));
910         close_preserve_errno(fd);
911 
912         if (write_size != oldpath_size) {
913             goto err_end;
914         }
915         /* Set client credentials in symlink's xattr */
916         credp->fc_mode = credp->fc_mode | S_IFLNK;
917 
918         if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
919             err = local_set_xattrat(dirfd, name, credp);
920         } else {
921             err = local_set_mapped_file_attrat(dirfd, name, credp);
922         }
923         if (err == -1) {
924             goto err_end;
925         }
926     } else if (fs_ctx->export_flags & V9FS_SM_PASSTHROUGH ||
927                fs_ctx->export_flags & V9FS_SM_NONE) {
928         err = symlinkat(oldpath, dirfd, name);
929         if (err) {
930             goto out;
931         }
932         err = fchownat(dirfd, name, credp->fc_uid, credp->fc_gid,
933                        AT_SYMLINK_NOFOLLOW);
934         if (err == -1) {
935             /*
936              * If we fail to change ownership and if we are
937              * using security model none. Ignore the error
938              */
939             if ((fs_ctx->export_flags & V9FS_SEC_MASK) != V9FS_SM_NONE) {
940                 goto err_end;
941             } else {
942                 err = 0;
943             }
944         }
945     }
946     goto out;
947 
948 err_end:
949     unlinkat_preserve_errno(dirfd, name, 0);
950 out:
951     close_preserve_errno(dirfd);
952     return err;
953 }
954 
local_link(FsContext * ctx,V9fsPath * oldpath,V9fsPath * dirpath,const char * name)955 static int local_link(FsContext *ctx, V9fsPath *oldpath,
956                       V9fsPath *dirpath, const char *name)
957 {
958     char *odirpath = g_path_get_dirname(oldpath->data);
959     char *oname = g_path_get_basename(oldpath->data);
960     int ret = -1;
961     int odirfd, ndirfd;
962 
963     if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
964         local_is_mapped_file_metadata(ctx, name)) {
965         errno = EINVAL;
966         goto out;
967     }
968 
969     odirfd = local_opendir_nofollow(ctx, odirpath);
970     if (odirfd == -1) {
971         goto out;
972     }
973 
974     ndirfd = local_opendir_nofollow(ctx, dirpath->data);
975     if (ndirfd == -1) {
976         close_preserve_errno(odirfd);
977         goto out;
978     }
979 
980     ret = linkat(odirfd, oname, ndirfd, name, 0);
981     if (ret < 0) {
982         goto out_close;
983     }
984 
985     /* now link the virtfs_metadata files */
986     if (ctx->export_flags & V9FS_SM_MAPPED_FILE) {
987         int omap_dirfd, nmap_dirfd;
988 
989         ret = qemu_mkdirat(ndirfd, VIRTFS_META_DIR, 0700);
990         if (ret < 0 && errno != EEXIST) {
991             goto err_undo_link;
992         }
993 
994         omap_dirfd = openat_dir(odirfd, VIRTFS_META_DIR);
995         if (omap_dirfd == -1) {
996             goto err;
997         }
998 
999         nmap_dirfd = openat_dir(ndirfd, VIRTFS_META_DIR);
1000         if (nmap_dirfd == -1) {
1001             close_preserve_errno(omap_dirfd);
1002             goto err;
1003         }
1004 
1005         ret = linkat(omap_dirfd, oname, nmap_dirfd, name, 0);
1006         close_preserve_errno(nmap_dirfd);
1007         close_preserve_errno(omap_dirfd);
1008         if (ret < 0 && errno != ENOENT) {
1009             goto err_undo_link;
1010         }
1011 
1012         ret = 0;
1013     }
1014     goto out_close;
1015 
1016 err:
1017     ret = -1;
1018 err_undo_link:
1019     unlinkat_preserve_errno(ndirfd, name, 0);
1020 out_close:
1021     close_preserve_errno(ndirfd);
1022     close_preserve_errno(odirfd);
1023 out:
1024     g_free(oname);
1025     g_free(odirpath);
1026     return ret;
1027 }
1028 
local_truncate(FsContext * ctx,V9fsPath * fs_path,off_t size)1029 static int local_truncate(FsContext *ctx, V9fsPath *fs_path, off_t size)
1030 {
1031     int fd, ret;
1032 
1033     fd = local_open_nofollow(ctx, fs_path->data, O_WRONLY, 0);
1034     if (fd == -1) {
1035         return -1;
1036     }
1037     ret = ftruncate(fd, size);
1038     close_preserve_errno(fd);
1039     return ret;
1040 }
1041 
local_chown(FsContext * fs_ctx,V9fsPath * fs_path,FsCred * credp)1042 static int local_chown(FsContext *fs_ctx, V9fsPath *fs_path, FsCred *credp)
1043 {
1044     char *dirpath = g_path_get_dirname(fs_path->data);
1045     char *name = g_path_get_basename(fs_path->data);
1046     int ret = -1;
1047     int dirfd;
1048 
1049     dirfd = local_opendir_nofollow(fs_ctx, dirpath);
1050     if (dirfd == -1) {
1051         goto out;
1052     }
1053 
1054     if ((credp->fc_uid == -1 && credp->fc_gid == -1) ||
1055         (fs_ctx->export_flags & V9FS_SM_PASSTHROUGH) ||
1056         (fs_ctx->export_flags & V9FS_SM_NONE)) {
1057         ret = fchownat(dirfd, name, credp->fc_uid, credp->fc_gid,
1058                        AT_SYMLINK_NOFOLLOW);
1059     } else if (fs_ctx->export_flags & V9FS_SM_MAPPED) {
1060         ret = local_set_xattrat(dirfd, name, credp);
1061     } else if (fs_ctx->export_flags & V9FS_SM_MAPPED_FILE) {
1062         ret = local_set_mapped_file_attrat(dirfd, name, credp);
1063     }
1064 
1065     close_preserve_errno(dirfd);
1066 out:
1067     g_free(name);
1068     g_free(dirpath);
1069     return ret;
1070 }
1071 
local_utimensat(FsContext * s,V9fsPath * fs_path,const struct timespec * buf)1072 static int local_utimensat(FsContext *s, V9fsPath *fs_path,
1073                            const struct timespec *buf)
1074 {
1075     char *dirpath = g_path_get_dirname(fs_path->data);
1076     char *name = g_path_get_basename(fs_path->data);
1077     int dirfd, ret = -1;
1078 
1079     dirfd = local_opendir_nofollow(s, dirpath);
1080     if (dirfd == -1) {
1081         goto out;
1082     }
1083 
1084     ret = qemu_utimensat(dirfd, name, buf, AT_SYMLINK_NOFOLLOW);
1085     close_preserve_errno(dirfd);
1086 out:
1087     g_free(dirpath);
1088     g_free(name);
1089     return ret;
1090 }
1091 
local_unlinkat_common(FsContext * ctx,int dirfd,const char * name,int flags)1092 static int local_unlinkat_common(FsContext *ctx, int dirfd, const char *name,
1093                                  int flags)
1094 {
1095     int ret;
1096 
1097     if (ctx->export_flags & V9FS_SM_MAPPED_FILE) {
1098         int map_dirfd;
1099 
1100         /* We need to remove the metadata as well:
1101          * - the metadata directory if we're removing a directory
1102          * - the metadata file in the parent's metadata directory
1103          *
1104          * If any of these are missing (ie, ENOENT) then we're probably
1105          * trying to remove something that wasn't created in mapped-file
1106          * mode. We just ignore the error.
1107          */
1108         if (flags == AT_REMOVEDIR) {
1109             int fd;
1110 
1111             fd = openat_dir(dirfd, name);
1112             if (fd == -1) {
1113                 return -1;
1114             }
1115             ret = qemu_unlinkat(fd, VIRTFS_META_DIR, AT_REMOVEDIR);
1116             close_preserve_errno(fd);
1117             if (ret < 0 && errno != ENOENT) {
1118                 return -1;
1119             }
1120         }
1121         map_dirfd = openat_dir(dirfd, VIRTFS_META_DIR);
1122         if (map_dirfd != -1) {
1123             ret = qemu_unlinkat(map_dirfd, name, 0);
1124             close_preserve_errno(map_dirfd);
1125             if (ret < 0 && errno != ENOENT) {
1126                 return -1;
1127             }
1128         } else if (errno != ENOENT) {
1129             return -1;
1130         }
1131     }
1132 
1133     return qemu_unlinkat(dirfd, name, flags);
1134 }
1135 
local_remove(FsContext * ctx,const char * path)1136 static int local_remove(FsContext *ctx, const char *path)
1137 {
1138     struct stat stbuf;
1139     char *dirpath = g_path_get_dirname(path);
1140     char *name = g_path_get_basename(path);
1141     int flags = 0;
1142     int dirfd;
1143     int err = -1;
1144 
1145     dirfd = local_opendir_nofollow(ctx, dirpath);
1146     if (dirfd == -1) {
1147         goto out;
1148     }
1149 
1150     if (qemu_fstatat(dirfd, name, &stbuf, AT_SYMLINK_NOFOLLOW) < 0) {
1151         goto err_out;
1152     }
1153 
1154     if (S_ISDIR(stbuf.st_mode)) {
1155         flags |= AT_REMOVEDIR;
1156     }
1157 
1158     err = local_unlinkat_common(ctx, dirfd, name, flags);
1159 err_out:
1160     close_preserve_errno(dirfd);
1161 out:
1162     g_free(name);
1163     g_free(dirpath);
1164     return err;
1165 }
1166 
local_fsync(FsContext * ctx,int fid_type,V9fsFidOpenState * fs,int datasync)1167 static int local_fsync(FsContext *ctx, int fid_type,
1168                        V9fsFidOpenState *fs, int datasync)
1169 {
1170     int fd;
1171 
1172     if (fid_type == P9_FID_DIR) {
1173         fd = dirfd(fs->dir.stream);
1174     } else {
1175         fd = fs->fd;
1176     }
1177 
1178     if (datasync) {
1179         return qemu_fdatasync(fd);
1180     } else {
1181         return fsync(fd);
1182     }
1183 }
1184 
local_statfs(FsContext * s,V9fsPath * fs_path,struct statfs * stbuf)1185 static int local_statfs(FsContext *s, V9fsPath *fs_path, struct statfs *stbuf)
1186 {
1187     int fd, ret;
1188 
1189     fd = local_open_nofollow(s, fs_path->data, O_RDONLY, 0);
1190     if (fd == -1) {
1191         return -1;
1192     }
1193     ret = fstatfs(fd, stbuf);
1194     close_preserve_errno(fd);
1195     return ret;
1196 }
1197 
local_lgetxattr(FsContext * ctx,V9fsPath * fs_path,const char * name,void * value,size_t size)1198 static ssize_t local_lgetxattr(FsContext *ctx, V9fsPath *fs_path,
1199                                const char *name, void *value, size_t size)
1200 {
1201     char *path = fs_path->data;
1202 
1203     return v9fs_get_xattr(ctx, path, name, value, size);
1204 }
1205 
local_llistxattr(FsContext * ctx,V9fsPath * fs_path,void * value,size_t size)1206 static ssize_t local_llistxattr(FsContext *ctx, V9fsPath *fs_path,
1207                                 void *value, size_t size)
1208 {
1209     char *path = fs_path->data;
1210 
1211     return v9fs_list_xattr(ctx, path, value, size);
1212 }
1213 
local_lsetxattr(FsContext * ctx,V9fsPath * fs_path,const char * name,void * value,size_t size,int flags)1214 static int local_lsetxattr(FsContext *ctx, V9fsPath *fs_path, const char *name,
1215                            void *value, size_t size, int flags)
1216 {
1217     char *path = fs_path->data;
1218 
1219     return v9fs_set_xattr(ctx, path, name, value, size, flags);
1220 }
1221 
local_lremovexattr(FsContext * ctx,V9fsPath * fs_path,const char * name)1222 static int local_lremovexattr(FsContext *ctx, V9fsPath *fs_path,
1223                               const char *name)
1224 {
1225     char *path = fs_path->data;
1226 
1227     return v9fs_remove_xattr(ctx, path, name);
1228 }
1229 
local_name_to_path(FsContext * ctx,V9fsPath * dir_path,const char * name,V9fsPath * target)1230 static int local_name_to_path(FsContext *ctx, V9fsPath *dir_path,
1231                               const char *name, V9fsPath *target)
1232 {
1233     if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
1234         local_is_mapped_file_metadata(ctx, name)) {
1235         errno = EINVAL;
1236         return -1;
1237     }
1238 
1239     if (dir_path) {
1240         if (!strcmp(name, ".")) {
1241             /* "." relative to "foo/bar" is "foo/bar" */
1242             v9fs_path_copy(target, dir_path);
1243         } else if (!strcmp(name, "..")) {
1244             if (!strcmp(dir_path->data, ".")) {
1245                 /* ".." relative to the root is "." */
1246                 v9fs_path_sprintf(target, ".");
1247             } else {
1248                 char *tmp = g_path_get_dirname(dir_path->data);
1249                 /* Symbolic links are resolved by the client. We can assume
1250                  * that ".." relative to "foo/bar" is equivalent to "foo"
1251                  */
1252                 v9fs_path_sprintf(target, "%s", tmp);
1253                 g_free(tmp);
1254             }
1255         } else {
1256             assert(!strchr(name, '/'));
1257             v9fs_path_sprintf(target, "%s/%s", dir_path->data, name);
1258         }
1259     } else if (!strcmp(name, "/") || !strcmp(name, ".") ||
1260                !strcmp(name, "..")) {
1261             /* This is the root fid */
1262         v9fs_path_sprintf(target, ".");
1263     } else {
1264         assert(!strchr(name, '/'));
1265         v9fs_path_sprintf(target, "./%s", name);
1266     }
1267     return 0;
1268 }
1269 
local_renameat(FsContext * ctx,V9fsPath * olddir,const char * old_name,V9fsPath * newdir,const char * new_name)1270 static int local_renameat(FsContext *ctx, V9fsPath *olddir,
1271                           const char *old_name, V9fsPath *newdir,
1272                           const char *new_name)
1273 {
1274     int ret;
1275     int odirfd, ndirfd;
1276 
1277     if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
1278         (local_is_mapped_file_metadata(ctx, old_name) ||
1279          local_is_mapped_file_metadata(ctx, new_name))) {
1280         errno = EINVAL;
1281         return -1;
1282     }
1283 
1284     odirfd = local_opendir_nofollow(ctx, olddir->data);
1285     if (odirfd == -1) {
1286         return -1;
1287     }
1288 
1289     ndirfd = local_opendir_nofollow(ctx, newdir->data);
1290     if (ndirfd == -1) {
1291         close_preserve_errno(odirfd);
1292         return -1;
1293     }
1294 
1295     ret = qemu_renameat(odirfd, old_name, ndirfd, new_name);
1296     if (ret < 0) {
1297         goto out;
1298     }
1299 
1300     if (ctx->export_flags & V9FS_SM_MAPPED_FILE) {
1301         int omap_dirfd, nmap_dirfd;
1302 
1303         ret = qemu_mkdirat(ndirfd, VIRTFS_META_DIR, 0700);
1304         if (ret < 0 && errno != EEXIST) {
1305             goto err_undo_rename;
1306         }
1307 
1308         omap_dirfd = openat_dir(odirfd, VIRTFS_META_DIR);
1309         if (omap_dirfd == -1) {
1310             goto err;
1311         }
1312 
1313         nmap_dirfd = openat_dir(ndirfd, VIRTFS_META_DIR);
1314         if (nmap_dirfd == -1) {
1315             close_preserve_errno(omap_dirfd);
1316             goto err;
1317         }
1318 
1319         /* rename the .virtfs_metadata files */
1320         ret = qemu_renameat(omap_dirfd, old_name, nmap_dirfd, new_name);
1321         close_preserve_errno(nmap_dirfd);
1322         close_preserve_errno(omap_dirfd);
1323         if (ret < 0 && errno != ENOENT) {
1324             goto err_undo_rename;
1325         }
1326 
1327         ret = 0;
1328     }
1329     goto out;
1330 
1331 err:
1332     ret = -1;
1333 err_undo_rename:
1334     renameat_preserve_errno(ndirfd, new_name, odirfd, old_name);
1335 out:
1336     close_preserve_errno(ndirfd);
1337     close_preserve_errno(odirfd);
1338     return ret;
1339 }
1340 
v9fs_path_init_dirname(V9fsPath * path,const char * str)1341 static void v9fs_path_init_dirname(V9fsPath *path, const char *str)
1342 {
1343     path->data = g_path_get_dirname(str);
1344     path->size = strlen(path->data) + 1;
1345 }
1346 
local_rename(FsContext * ctx,const char * oldpath,const char * newpath)1347 static int local_rename(FsContext *ctx, const char *oldpath,
1348                         const char *newpath)
1349 {
1350     int err;
1351     char *oname = g_path_get_basename(oldpath);
1352     char *nname = g_path_get_basename(newpath);
1353     V9fsPath olddir, newdir;
1354 
1355     v9fs_path_init_dirname(&olddir, oldpath);
1356     v9fs_path_init_dirname(&newdir, newpath);
1357 
1358     err = local_renameat(ctx, &olddir, oname, &newdir, nname);
1359 
1360     v9fs_path_free(&newdir);
1361     v9fs_path_free(&olddir);
1362     g_free(nname);
1363     g_free(oname);
1364 
1365     return err;
1366 }
1367 
local_unlinkat(FsContext * ctx,V9fsPath * dir,const char * name,int flags)1368 static int local_unlinkat(FsContext *ctx, V9fsPath *dir,
1369                           const char *name, int flags)
1370 {
1371     int ret;
1372     int dirfd;
1373 
1374     if (ctx->export_flags & V9FS_SM_MAPPED_FILE &&
1375         local_is_mapped_file_metadata(ctx, name)) {
1376         errno = EINVAL;
1377         return -1;
1378     }
1379 
1380     dirfd = local_opendir_nofollow(ctx, dir->data);
1381     if (dirfd == -1) {
1382         return -1;
1383     }
1384 
1385     ret = local_unlinkat_common(ctx, dirfd, name, flags);
1386     close_preserve_errno(dirfd);
1387     return ret;
1388 }
1389 
1390 #ifdef FS_IOC_GETVERSION
local_ioc_getversion(FsContext * ctx,V9fsPath * path,mode_t st_mode,uint64_t * st_gen)1391 static int local_ioc_getversion(FsContext *ctx, V9fsPath *path,
1392                                 mode_t st_mode, uint64_t *st_gen)
1393 {
1394     int err;
1395     V9fsFidOpenState fid_open;
1396 
1397     /*
1398      * Do not try to open special files like device nodes, fifos etc
1399      * We can get fd for regular files and directories only
1400      */
1401     if (!S_ISREG(st_mode) && !S_ISDIR(st_mode)) {
1402         errno = ENOTTY;
1403         return -1;
1404     }
1405     err = local_open(ctx, path, O_RDONLY, &fid_open);
1406     if (err < 0) {
1407         return err;
1408     }
1409     err = ioctl(fid_open.fd, FS_IOC_GETVERSION, st_gen);
1410     local_close(ctx, &fid_open);
1411     return err;
1412 }
1413 #endif
1414 
local_ioc_getversion_init(FsContext * ctx,LocalData * data,Error ** errp)1415 static int local_ioc_getversion_init(FsContext *ctx, LocalData *data, Error **errp)
1416 {
1417 #ifdef FS_IOC_GETVERSION
1418     struct statfs stbuf;
1419 
1420     /*
1421      * use ioc_getversion only if the ioctl is defined
1422      */
1423     if (fstatfs(data->mountfd, &stbuf) < 0) {
1424         error_setg_errno(errp, errno,
1425                          "failed to stat file system at '%s'", ctx->fs_root);
1426         return -1;
1427     }
1428     switch (stbuf.f_type) {
1429     case EXT2_SUPER_MAGIC:
1430     case BTRFS_SUPER_MAGIC:
1431     case REISERFS_SUPER_MAGIC:
1432     case XFS_SUPER_MAGIC:
1433         ctx->exops.get_st_gen = local_ioc_getversion;
1434         break;
1435     }
1436 #endif
1437     return 0;
1438 }
1439 
local_init(FsContext * ctx,Error ** errp)1440 static int local_init(FsContext *ctx, Error **errp)
1441 {
1442     LocalData *data = g_malloc(sizeof(*data));
1443 
1444     data->mountfd = open(ctx->fs_root, O_DIRECTORY | O_RDONLY);
1445     if (data->mountfd == -1) {
1446         error_setg_errno(errp, errno, "failed to open '%s'", ctx->fs_root);
1447         goto err;
1448     }
1449 
1450     if (local_ioc_getversion_init(ctx, data, errp) < 0) {
1451         close(data->mountfd);
1452         goto err;
1453     }
1454 
1455     if (ctx->export_flags & V9FS_SM_PASSTHROUGH) {
1456         ctx->xops = passthrough_xattr_ops;
1457     } else if (ctx->export_flags & V9FS_SM_MAPPED) {
1458         ctx->xops = mapped_xattr_ops;
1459     } else if (ctx->export_flags & V9FS_SM_NONE) {
1460         ctx->xops = none_xattr_ops;
1461     } else if (ctx->export_flags & V9FS_SM_MAPPED_FILE) {
1462         /*
1463          * xattr operation for mapped-file and passthrough
1464          * remain same.
1465          */
1466         ctx->xops = passthrough_xattr_ops;
1467     }
1468     ctx->export_flags |= V9FS_PATHNAME_FSCONTEXT;
1469 
1470     ctx->private = data;
1471     return 0;
1472 
1473 err:
1474     g_free(data);
1475     return -1;
1476 }
1477 
local_cleanup(FsContext * ctx)1478 static void local_cleanup(FsContext *ctx)
1479 {
1480     LocalData *data = ctx->private;
1481 
1482     if (!data) {
1483         return;
1484     }
1485 
1486     close(data->mountfd);
1487     g_free(data);
1488 }
1489 
error_append_security_model_hint(Error * const * errp)1490 static void error_append_security_model_hint(Error *const *errp)
1491 {
1492     error_append_hint(errp, "Valid options are: security_model="
1493                       "[passthrough|mapped-xattr|mapped-file|none]\n");
1494 }
1495 
local_parse_opts(QemuOpts * opts,FsDriverEntry * fse,Error ** errp)1496 static int local_parse_opts(QemuOpts *opts, FsDriverEntry *fse, Error **errp)
1497 {
1498     ERRP_GUARD();
1499     const char *sec_model = qemu_opt_get(opts, "security_model");
1500     const char *path = qemu_opt_get(opts, "path");
1501     const char *multidevs = qemu_opt_get(opts, "multidevs");
1502 
1503     if (!sec_model) {
1504         error_setg(errp, "security_model property not set");
1505         error_append_security_model_hint(errp);
1506         return -1;
1507     }
1508 
1509     if (!strcmp(sec_model, "passthrough")) {
1510         fse->export_flags |= V9FS_SM_PASSTHROUGH;
1511     } else if (!strcmp(sec_model, "mapped") ||
1512                !strcmp(sec_model, "mapped-xattr")) {
1513         fse->export_flags |= V9FS_SM_MAPPED;
1514     } else if (!strcmp(sec_model, "none")) {
1515         fse->export_flags |= V9FS_SM_NONE;
1516     } else if (!strcmp(sec_model, "mapped-file")) {
1517         fse->export_flags |= V9FS_SM_MAPPED_FILE;
1518     } else {
1519         error_setg(errp, "invalid security_model property '%s'", sec_model);
1520         error_append_security_model_hint(errp);
1521         return -1;
1522     }
1523 
1524     if (multidevs) {
1525         if (!strcmp(multidevs, "remap")) {
1526             fse->export_flags &= ~V9FS_FORBID_MULTIDEVS;
1527             fse->export_flags |= V9FS_REMAP_INODES;
1528         } else if (!strcmp(multidevs, "forbid")) {
1529             fse->export_flags &= ~V9FS_REMAP_INODES;
1530             fse->export_flags |= V9FS_FORBID_MULTIDEVS;
1531         } else if (!strcmp(multidevs, "warn")) {
1532             fse->export_flags &= ~V9FS_FORBID_MULTIDEVS;
1533             fse->export_flags &= ~V9FS_REMAP_INODES;
1534         } else {
1535             error_setg(errp, "invalid multidevs property '%s'",
1536                        multidevs);
1537             error_append_hint(errp, "Valid options are: multidevs="
1538                               "[remap|forbid|warn]\n");
1539             return -1;
1540         }
1541     }
1542 
1543     if (!path) {
1544         error_setg(errp, "path property not set");
1545         return -1;
1546     }
1547 
1548     if (fsdev_throttle_parse_opts(opts, &fse->fst, errp)) {
1549         error_prepend(errp, "invalid throttle configuration: ");
1550         return -1;
1551     }
1552 
1553     if (fse->export_flags & V9FS_SM_MAPPED ||
1554         fse->export_flags & V9FS_SM_MAPPED_FILE) {
1555         fse->fmode =
1556             qemu_opt_get_number(opts, "fmode", SM_LOCAL_MODE_BITS) & 0777;
1557         fse->dmode =
1558             qemu_opt_get_number(opts, "dmode", SM_LOCAL_DIR_MODE_BITS) & 0777;
1559     } else {
1560         if (qemu_opt_find(opts, "fmode")) {
1561             error_setg(errp, "fmode is only valid for mapped security modes");
1562             return -1;
1563         }
1564         if (qemu_opt_find(opts, "dmode")) {
1565             error_setg(errp, "dmode is only valid for mapped security modes");
1566             return -1;
1567         }
1568     }
1569 
1570     fse->path = g_strdup(path);
1571 
1572     return 0;
1573 }
1574 
1575 FileOperations local_ops = {
1576     .parse_opts = local_parse_opts,
1577     .init  = local_init,
1578     .cleanup = local_cleanup,
1579     .lstat = local_lstat,
1580     .readlink = local_readlink,
1581     .close = local_close,
1582     .closedir = local_closedir,
1583     .open = local_open,
1584     .opendir = local_opendir,
1585     .rewinddir = local_rewinddir,
1586     .telldir = local_telldir,
1587     .readdir = local_readdir,
1588     .seekdir = local_seekdir,
1589     .preadv = local_preadv,
1590     .pwritev = local_pwritev,
1591     .chmod = local_chmod,
1592     .mknod = local_mknod,
1593     .mkdir = local_mkdir,
1594     .fstat = local_fstat,
1595     .open2 = local_open2,
1596     .symlink = local_symlink,
1597     .link = local_link,
1598     .truncate = local_truncate,
1599     .rename = local_rename,
1600     .chown = local_chown,
1601     .utimensat = local_utimensat,
1602     .remove = local_remove,
1603     .fsync = local_fsync,
1604     .statfs = local_statfs,
1605     .lgetxattr = local_lgetxattr,
1606     .llistxattr = local_llistxattr,
1607     .lsetxattr = local_lsetxattr,
1608     .lremovexattr = local_lremovexattr,
1609     .name_to_path = local_name_to_path,
1610     .renameat  = local_renameat,
1611     .unlinkat = local_unlinkat,
1612 };
1613