[libvirt PATCHv3 0/4] Add support for QEMU's fmode and dmode
Peter Krempa
pkrempa at redhat.com
Tue Oct 6 07:55:49 UTC 2020
On Mon, Oct 05, 2020 at 19:40:12 +0100, Brian Turek wrote:
> Apologies for the second submission here. I got a kickback on two of the
> emails saying it was "rejected due to security policies."
>
> This third version of the patches fixes a bug where QEMU interpreted the
> command line value passed to it as base-10 rather than base-8. This new
> version ensures there is always a preceeding 0 in the QEMU args (using
> %04o formatting) and explictly sets it in the generated XML.
That sounds like a very bad design from qemu. Unfortunately this version
doesn't fix it completely either. The XML parser you've implemented
parses the passed number as octal but doesn't validate it's maximum value.
Since the qemu command line option is formatted as 4 octal digits, a
mode such as '1775' which is a valid mode for a directory will still be
formatted as something which looks like a decimal number:
-fsdev local,security_model=mapped,dmode=1775,id=fsdev-fs1,path=/export/fs1 \
Also the documentation doesn't mention whether sticky bit and such are
actually handled.
More information about the libvir-list
mailing list