haraldwolff/qemu-patch-raspberry4
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
qemu-patch-raspberry4/include/authz/listfile.h
Daniel P. Berrangé b4682a63f8 filemon: fix watch IDs to avoid potential wraparound issues 
Watch IDs are allocated from incrementing a int counter against
the QFileMonitor object. In very long life QEMU processes with
a huge amount of USB MTP activity creating & deleting directories
it is just about conceivable that the int counter can wrap
around. This would result in incorrect behaviour of the file
monitor watch APIs due to clashing watch IDs.

Instead of trying to detect this situation, this patch changes
the way watch IDs are allocated. It is turned into an int64_t
variable where the high 32 bits are set from the underlying
inotify "int" ID. This gives an ID that is guaranteed unique
for the directory as a whole, and we can rely on the kernel
to enforce this. QFileMonitor then sets the low 32 bits from
a per-directory counter.

The USB MTP device only sets watches on the directory as a
whole, not files within, so there is no risk of guest
triggered wrap around on the low 32 bits.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-04-02 13:52:02 +01:00

112 lines
3.2 KiB
C
Raw Blame History

/*
* QEMU list file authorization driver
*
* Copyright (c) 2018 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*
*/
#ifndef QAUTHZ_LIST_FILE_H__
#define QAUTHZ_LIST_FILE_H__
#include "authz/list.h"
#include "qapi/qapi-types-authz.h"
#include "qemu/filemonitor.h"
#define TYPE_QAUTHZ_LIST_FILE "authz-list-file"
#define QAUTHZ_LIST_FILE_CLASS(klass) \
OBJECT_CLASS_CHECK(QAuthZListFileClass, (klass), \
TYPE_QAUTHZ_LIST_FILE)
#define QAUTHZ_LIST_FILE_GET_CLASS(obj) \
OBJECT_GET_CLASS(QAuthZListFileClass, (obj), \
TYPE_QAUTHZ_LIST_FILE)
#define QAUTHZ_LIST_FILE(obj) \
OBJECT_CHECK(QAuthZListFile, (obj), \
TYPE_QAUTHZ_LIST_FILE)
typedef struct QAuthZListFile QAuthZListFile;
typedef struct QAuthZListFileClass QAuthZListFileClass;
/**
* QAuthZListFile:
*
* This authorization driver provides a file mechanism
* for granting access by matching user names against a
* file of globs. Each match rule has an associated policy
* and a catch all policy applies if no rule matches
*
* To create an instance of this class via QMP:
*
* {
* "execute": "object-add",
* "arguments": {
* "qom-type": "authz-list-file",
* "id": "authz0",
* "props": {
* "filename": "/etc/qemu/myvm-vnc.acl",
* "refresh": true
* }
* }
* }
*
* If 'refresh' is 'yes', inotify is used to monitor for changes
* to the file and auto-reload the rules.
*
* The myvm-vnc.acl file should contain the parameters for
* the QAuthZList object in JSON format:
*
* {
* "rules": [
* { "match": "fred", "policy": "allow", "format": "exact" },
* { "match": "bob", "policy": "allow", "format": "exact" },
* { "match": "danb", "policy": "deny", "format": "exact" },
* { "match": "dan*", "policy": "allow", "format": "glob" }
* ],
* "policy": "deny"
* }
*
* The object can be created on the command line using
*
* -object authz-list-file,id=authz0,\
* filename=/etc/qemu/myvm-vnc.acl,refresh=yes
*
*/
struct QAuthZListFile {
QAuthZ parent_obj;
QAuthZ *list;
char *filename;
bool refresh;
QFileMonitor *file_monitor;
int64_t file_watch;
};
struct QAuthZListFileClass {
QAuthZClass parent_class;
};
QAuthZListFile *qauthz_list_file_new(const char *id,
const char *filename,
bool refresh,
Error **errp);
#endif /* QAUTHZ_LIST_FILE_H__ */
Reference in a new issue View git blame Copy permalink