aboutsummaryrefslogtreecommitdiff
path: root/hw/9pfs/cofs.c
diff options
context:
space:
mode:
authorChen Gang <gang.chen.5i5j@gmail.com>2014-03-02 01:36:19 +0800
committerAneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>2014-03-04 00:57:57 +0530
commit4fa4ce7107c6ec432f185307158c5df91ce54308 (patch)
tree0fb2161b9f48eeab937b25a14f8911003754bf8c /hw/9pfs/cofs.c
parentfae0864573b08b12f29003baabfd9902d89608fe (diff)
downloadqemu-4fa4ce7107c6ec432f185307158c5df91ce54308.zip
qemu-4fa4ce7107c6ec432f185307158c5df91ce54308.tar.gz
qemu-4fa4ce7107c6ec432f185307158c5df91ce54308.tar.bz2
hw/9pfs: use g_strdup_printf() instead of PATH_MAX limitation
When path is truncated by PATH_MAX limitation, it causes QEMU to access incorrect file. So use original full path instead of PATH_MAX within 9pfs (need check/process ENOMEM for related memory allocation). The related test: - Environments (for qemu-devel): - Host is under fedora17 desktop with ext4fs: qemu-system-x86_64 -hda test.img -m 1024 \ -net nic,vlan=4,model=virtio,macaddr=00:16:35:AF:94:04 \ -net tap,vlan=4,ifname=tap4,script=no,downscript=no \ -device virtio-9p-pci,id=fs0,fsdev=fsdev0,mount_tag=hostshare \ -fsdev local,security_model=passthrough,id=fsdev0,\ path=/upstream/vm/data/share/1234567890abcdefghijklmnopqrstuvwxyz\ ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890acdefghijklmnopqrstuvwxyz\ ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890/111111111111111111111111111\ 1111111111111111111111111111111111111111111111111111222222222222\ 2222222222222222222222222222222222222222222222222222222222222222\ 2222222222222222222222222222222222233333333333333333333333333333\ 3333333333333333333333333333333333 - Guest is ubuntu12 server with 9pfs. mount -t 9p -o trans=virtio,version=9p2000.L hostshare /share - Limitations: full path limitation is PATH_MAX (4096B include nul) under Linux. file/dir node name maximized length is 256 (include nul) under ext4. - Special test: Under host, modify the file: "/upstream/vm/data/share/1234567890abcdefg\ hijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890acdefghijklmno\ pqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890/111111111111111111111\ 111111111111111111111111111111111111111111111111111111111122222222222\ 222222222222222222222222222222222222222222222222222222222222222222222\ 222222222222222222222222222222233333333333333333333333333333333333333\ 3333333333333333333333333/4444444444444444444444444444444444444444444\ 444444444444444444444444444444444444444444444444444444444444444444444\ 444444444444444444444444444444444444444444444444444444444444444444444\ 444444444444444444444444444444444444444/55555555555555555555555555555\ 555555555555555555555555555555555555555555555555555555555555555555555\ 555555555555555555555555555555555555555555555555555555555555555555555\ 555555555555555555555555555555555555555555555555555555555555555555555\ 55555555/666666666666666666666666666666666666666666666666666666666666\ 666666666666666666666666666666666666666666666666666666666666666666666\ 666666666666666666666666666666666666666666666666666666666666666666666\ 666666666666666666666/77777777777777777777777777777777777777777777777\ 777777777777777777777777777777777777777777777777777777777777777777777\ 777777777777777777777777777777777777777777777777777777777777777777777\ 77777777777777777777777777777777777777777777777777777777777/888888888\ 888888888888888888888888888888888888888888888888888888888888888888888\ 888888888888888888888888888888888888888888888888888888888888888888888\ 888888888888888888888888888888888888888888888888888888888888888888888\ 888888888/99999999999999999999999999999999999999999999999999999999999\ 999999999999999999999999999999999999999999999999999999999999999999999\ 999999999999999999999999999999999999999999999999999999999999999999999\ 99999999999999999999999999999999999999999/000000000000000000000000000\ 000000000000000000000000000000000000000000000000000000000000000000000\ 000000000000000000000000000000000000000000000000000000000000000000000\ 000000000000000000000000000000000000000000000000/aaaaaaaaaaaaaaaaaaaa\ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbb\ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb\ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb\ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ccccccccc\ ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\ ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\ ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\ cccccccccc/dddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\ ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\ ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd\ dddddddddddddddddddddd/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\ eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\ eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee\ eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee/fffffffffffffff\ fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\ fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\ ffffffffffffffffffffffffffffffffffffffffffffffffffffffffff/gggggggggg\ ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\ ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\ ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg\ ggggggggggggggggggggggg/iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\ iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\ iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii\ iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii/jjjjjjjjjjjjj\ jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj\ jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj/ppppppppppppppppppppp\ ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp\ ppppppppppppppppppppppppppppppppppppppp/test1234567890file.log" (need enter dir firstly, then modify file, or can not open it). Under guest, still allow modify "test1234567890file.log" (will generate "test123456" file with contents). After apply this patch, can not open "test1234567890file.log" under guest (permission denied). - Common test: All are still OK after apply this path. "mkdir -p", "create/open file/dir", "modify file/dir", "rm file/dir". change various mount point paths under host and/or guest. Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Diffstat (limited to 'hw/9pfs/cofs.c')
-rw-r--r--hw/9pfs/cofs.c48
1 files changed, 34 insertions, 14 deletions
diff --git a/hw/9pfs/cofs.c b/hw/9pfs/cofs.c
index 3891050..42ee614 100644
--- a/hw/9pfs/cofs.c
+++ b/hw/9pfs/cofs.c
@@ -17,35 +17,55 @@
#include "block/coroutine.h"
#include "virtio-9p-coth.h"
+static ssize_t __readlink(V9fsState *s, V9fsPath *path, V9fsString *buf)
+{
+ ssize_t len, maxlen = PATH_MAX;
+
+ buf->data = g_malloc(PATH_MAX);
+ for(;;) {
+ len = s->ops->readlink(&s->ctx, path, buf->data, maxlen);
+ if (len < 0) {
+ g_free(buf->data);
+ buf->data = NULL;
+ buf->size = 0;
+ break;
+ } else if (len == maxlen) {
+ /*
+ * We dodn't have space to put the NULL or we have more
+ * to read. Increase the size and try again
+ */
+ maxlen *= 2;
+ g_free(buf->data);
+ buf->data = g_malloc(maxlen);
+ continue;
+ }
+ /*
+ * Null terminate the readlink output
+ */
+ buf->data[len] = '\0';
+ buf->size = len;
+ break;
+ }
+ return len;
+}
+
int v9fs_co_readlink(V9fsPDU *pdu, V9fsPath *path, V9fsString *buf)
{
int err;
- ssize_t len;
V9fsState *s = pdu->s;
if (v9fs_request_cancelled(pdu)) {
return -EINTR;
}
- buf->data = g_malloc(PATH_MAX);
v9fs_path_read_lock(s);
v9fs_co_run_in_worker(
{
- len = s->ops->readlink(&s->ctx, path,
- buf->data, PATH_MAX - 1);
- if (len > -1) {
- buf->size = len;
- buf->data[len] = 0;
- err = 0;
- } else {
+ err = __readlink(s, path, buf);
+ if (err < 0) {
err = -errno;
}
});
v9fs_path_unlock(s);
- if (err) {
- g_free(buf->data);
- buf->data = NULL;
- buf->size = 0;
- }
return err;
}