qemu-trivial
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-trivial] [Qemu-devel] [PATCH] virtfs-proxy-helper: check retur


From: Paolo Bonzini
Subject: Re: [Qemu-trivial] [Qemu-devel] [PATCH] virtfs-proxy-helper: check return code of setfsgid/setfsuid
Date: Wed, 10 Oct 2012 19:00:36 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20120911 Thunderbird/15.0.1

Il 10/10/2012 18:54, Stefan Weil ha scritto:
>>
>>     if (setfsuid(uid) < 0 || setfsuid(uid) != uid) {
>>         return -1;
>>     }
>>
>> but it seems wasteful to do four syscalls instead of two.
> 
> I added a local variable in my example to avoid those extra
> syscalls.

Note that the two setfsuid() calls are different.

The first checks the "-1" error from glibc.  The second says "if the
first call succeeded, the second call should see "uid" as the current
fsuid and the second call will be a no-op; if not, the first call must
have failed".

> The functions have an additional problem: they don't set
> errno (see manpages). I tested this, and here the manpages
> are correct. The code in virtfs-proxy-helper expects that
> errno was set, so the patch must set errno = EPERM or
> something like that.

So it would be

    if (setfsuid(uid) < 0) {
        return -1;
    }
    if (setfsuid(uid) != uid) {
        errno = EPERM;
        return -1;
    }

I still prefer my v2 (v1 is wrong).  The return path seems to be dead,
but it's not worse than before...

Paolo



reply via email to

[Prev in Thread] Current Thread [Next in Thread]