[Virtio-fs] [virtiofsd] MR opened: Do not create tmpdir and bind mount /proc/self/fd there
virtiofs-bot at sinrega.org
virtiofs-bot at sinrega.org
Mon May 23 21:08:50 UTC 2022
virtiofsd needs access to /proc/self/fd but we also want to make
sure that if virtiofsd is hacked, it is not able to traverse up the
directory tree and be able to access /proc/ etc.
Currently virtiofsd creates a tmpdir and bind mounts /proc/self/fd/
there and then opens an O_PATH fd for tmpdir. And then it deletes
the tmpdir.
C version of virtiofsd bind mounts /proc/self/fd on /proc/ and then
opens an O_PATH fd on /proc.
Creating a separate dir needs to find a temporary space and SELinux
policy might not allow for writing to some tmp space directly. Instead
runtime needs to setup some space and label it properly so that virtiofsd
can write to it.
So going away from the need of creating tmpdir will be good as long
as one can not traverse into /proc/self or /proc. I think it is
not possible with bind mounting /proc/self/fd on /proc. So proposing
this patch.
Yet-to-be-signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
https://gitlab.com/virtio-fs/virtiofsd/-/merge_requests/119
More information about the Virtio-fs
mailing list