Re: [PULL 0/6] virtiofs queue
On Tue, 16 Feb 2021 at 18:45, Dr. David Alan Gilbert (git) wrote: > > From: "Dr. David Alan Gilbert" > > The following changes since commit 18543229fd7a2c79dcd6818c7b1f0f62512b5220: > > Merge remote-tracking branch > 'remotes/cleber-gitlab/tags/python-next-pull-request' into staging > (2021-02-16 14:37:57 +) > > are available in the Git repository at: > > https://gitlab.com/dagrh/qemu.git tags/pull-virtiofs-20210216 > > for you to fetch changes up to 26ec1909648e0c06ff06ebc3ddb2f88ebeeaa6a9: > > virtiofsd: Do not use a thread pool by default (2021-02-16 17:54:18 +) > > > virtiofsd pull 2021-02-16 > > Vivek's support for new FUSE KILLPRIV_V2 > and some smaller cleanups. > > Signed-off-by: Dr. David Alan Gilbert > Applied, thanks. Please update the changelog at https://wiki.qemu.org/ChangeLog/6.0 for any user-visible changes. -- PMM
[PULL 0/6] virtiofs queue
From: "Dr. David Alan Gilbert" The following changes since commit 18543229fd7a2c79dcd6818c7b1f0f62512b5220: Merge remote-tracking branch 'remotes/cleber-gitlab/tags/python-next-pull-request' into staging (2021-02-16 14:37:57 +) are available in the Git repository at: https://gitlab.com/dagrh/qemu.git tags/pull-virtiofs-20210216 for you to fetch changes up to 26ec1909648e0c06ff06ebc3ddb2f88ebeeaa6a9: virtiofsd: Do not use a thread pool by default (2021-02-16 17:54:18 +) virtiofsd pull 2021-02-16 Vivek's support for new FUSE KILLPRIV_V2 and some smaller cleanups. Signed-off-by: Dr. David Alan Gilbert Greg Kurz (1): virtiofsd: vu_dispatch locking should never fail Philippe Mathieu-Daudé (1): tools/virtiofsd: Replace the word 'whitelist' Vivek Goyal (3): virtiofsd: Save error code early at the failure callsite viriofsd: Add support for FUSE_HANDLE_KILLPRIV_V2 virtiofsd: Do not use a thread pool by default Wainer dos Santos Moschetta (1): virtiofsd: Allow to build it without the tools tools/meson.build | 7 ++- tools/virtiofsd/fuse_common.h | 15 ++ tools/virtiofsd/fuse_lowlevel.c | 13 - tools/virtiofsd/fuse_lowlevel.h | 1 + tools/virtiofsd/fuse_virtio.c | 49 - tools/virtiofsd/passthrough_ll.c | 99 ++- tools/virtiofsd/passthrough_seccomp.c | 12 ++--- 7 files changed, 158 insertions(+), 38 deletions(-)
Re: [PULL 0/6] virtiofs queue
* Peter Maydell (peter.mayd...@linaro.org) wrote: > On Fri, 1 May 2020 at 20:16, Dr. David Alan Gilbert (git) > wrote: > > > > From: "Dr. David Alan Gilbert" > > > > The following changes since commit 1c47613588ccff44422d4bdeea0dc36a0a308ec7: > > > > Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into > > staging (2020-04-30 19:25:41 +0100) > > > > are available in the Git repository at: > > > > https://gitlab.com/dagrh/qemu.git tags/pull-virtiofs-20200501 > > > > for you to fetch changes up to 66502bbca37ca7a3bfa57e82cfc03b89a7a11eae: > > > > virtiofsd: drop all capabilities in the wait parent process (2020-05-01 > > 20:05:37 +0100) > > > > > > virtiofsd: Pull 2020-05-01 (includes CVE fix) > > > > This set includes a security fix, other fixes and improvements. > > > > Security fix: > > The security fix is for CVE-2020-10717 where, on low RAM hosts, > > the guest can potentially exceed the maximum fd limit. > > This fix adds some more configuration so that the user > > can explicitly set the limit. > > Thank you to Yuval Avrahami for reporting this. > > > > Fixes: > > > > Recursive mounting of the exported directory is now used in > > the sandbox, such that if there was a mount underneath present at > > the time the virtiofsd was started, that mount is also > > visible to the guest; in the existing code, only mounts that > > happened after startup were visible. > > > > Security improvements: > > > > The jailing for /proc/self/fd is improved - but it's something > > that shouldn't be accessible anyway. > > > > Most capabilities are now dropped at startup; again this shouldn't > > change any behaviour but is extra protection. > > > > > > > Applied, thanks. > > Please update the changelog at https://wiki.qemu.org/ChangeLog/5.1 > for any user-visible changes. > > I notice you didn't include the usual Cc: qemu-sta...@nongnu.org > lines in the commits to be backported, but I think the stable > branch maintainers can deal with the occasional manual notification. Thanks, yes I sent a mail to qemu-stable as a reply to the series saying which patches I thought should be for stable. Dave > thanks > -- PMM > -- Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK
Re: [PULL 0/6] virtiofs queue
On Fri, 1 May 2020 at 20:16, Dr. David Alan Gilbert (git) wrote: > > From: "Dr. David Alan Gilbert" > > The following changes since commit 1c47613588ccff44422d4bdeea0dc36a0a308ec7: > > Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging > (2020-04-30 19:25:41 +0100) > > are available in the Git repository at: > > https://gitlab.com/dagrh/qemu.git tags/pull-virtiofs-20200501 > > for you to fetch changes up to 66502bbca37ca7a3bfa57e82cfc03b89a7a11eae: > > virtiofsd: drop all capabilities in the wait parent process (2020-05-01 > 20:05:37 +0100) > > > virtiofsd: Pull 2020-05-01 (includes CVE fix) > > This set includes a security fix, other fixes and improvements. > > Security fix: > The security fix is for CVE-2020-10717 where, on low RAM hosts, > the guest can potentially exceed the maximum fd limit. > This fix adds some more configuration so that the user > can explicitly set the limit. > Thank you to Yuval Avrahami for reporting this. > > Fixes: > > Recursive mounting of the exported directory is now used in > the sandbox, such that if there was a mount underneath present at > the time the virtiofsd was started, that mount is also > visible to the guest; in the existing code, only mounts that > happened after startup were visible. > > Security improvements: > > The jailing for /proc/self/fd is improved - but it's something > that shouldn't be accessible anyway. > > Most capabilities are now dropped at startup; again this shouldn't > change any behaviour but is extra protection. > > Applied, thanks. Please update the changelog at https://wiki.qemu.org/ChangeLog/5.1 for any user-visible changes. I notice you didn't include the usual Cc: qemu-sta...@nongnu.org lines in the commits to be backported, but I think the stable branch maintainers can deal with the occasional manual notification. thanks -- PMM
Re: [PULL 0/6] virtiofs queue
Dear Stable, From this series, the fixes: virtiofsd: add --rlimit-nofile=NUM option virtiofsd: stay below fs.file-max sysctl value (CVE-2020-10717) and virtiofsd: Show submounts should probably be backported. Dave * Dr. David Alan Gilbert (git) (dgilb...@redhat.com) wrote: > From: "Dr. David Alan Gilbert" > > The following changes since commit 1c47613588ccff44422d4bdeea0dc36a0a308ec7: > > Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging > (2020-04-30 19:25:41 +0100) > > are available in the Git repository at: > > https://gitlab.com/dagrh/qemu.git tags/pull-virtiofs-20200501 > > for you to fetch changes up to 66502bbca37ca7a3bfa57e82cfc03b89a7a11eae: > > virtiofsd: drop all capabilities in the wait parent process (2020-05-01 > 20:05:37 +0100) > > > virtiofsd: Pull 2020-05-01 (includes CVE fix) > > This set includes a security fix, other fixes and improvements. > > Security fix: > The security fix is for CVE-2020-10717 where, on low RAM hosts, > the guest can potentially exceed the maximum fd limit. > This fix adds some more configuration so that the user > can explicitly set the limit. > Thank you to Yuval Avrahami for reporting this. > > Fixes: > > Recursive mounting of the exported directory is now used in > the sandbox, such that if there was a mount underneath present at > the time the virtiofsd was started, that mount is also > visible to the guest; in the existing code, only mounts that > happened after startup were visible. > > Security improvements: > > The jailing for /proc/self/fd is improved - but it's something > that shouldn't be accessible anyway. > > Most capabilities are now dropped at startup; again this shouldn't > change any behaviour but is extra protection. > > > Max Reitz (1): > virtiofsd: Show submounts > > Miklos Szeredi (1): > virtiofsd: jail lo->proc_self_fd > > Stefan Hajnoczi (4): > virtiofsd: add --rlimit-nofile=NUM option > virtiofsd: stay below fs.file-max sysctl value (CVE-2020-10717) > virtiofsd: only retain file system capabilities > virtiofsd: drop all capabilities in the wait parent process > > tools/virtiofsd/fuse_lowlevel.h | 1 + > tools/virtiofsd/helper.c | 47 ++ > tools/virtiofsd/passthrough_ll.c | 102 > --- > 3 files changed, 133 insertions(+), 17 deletions(-) > > -- Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK
[PULL 0/6] virtiofs queue
From: "Dr. David Alan Gilbert" The following changes since commit 1c47613588ccff44422d4bdeea0dc36a0a308ec7: Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging (2020-04-30 19:25:41 +0100) are available in the Git repository at: https://gitlab.com/dagrh/qemu.git tags/pull-virtiofs-20200501 for you to fetch changes up to 66502bbca37ca7a3bfa57e82cfc03b89a7a11eae: virtiofsd: drop all capabilities in the wait parent process (2020-05-01 20:05:37 +0100) virtiofsd: Pull 2020-05-01 (includes CVE fix) This set includes a security fix, other fixes and improvements. Security fix: The security fix is for CVE-2020-10717 where, on low RAM hosts, the guest can potentially exceed the maximum fd limit. This fix adds some more configuration so that the user can explicitly set the limit. Thank you to Yuval Avrahami for reporting this. Fixes: Recursive mounting of the exported directory is now used in the sandbox, such that if there was a mount underneath present at the time the virtiofsd was started, that mount is also visible to the guest; in the existing code, only mounts that happened after startup were visible. Security improvements: The jailing for /proc/self/fd is improved - but it's something that shouldn't be accessible anyway. Most capabilities are now dropped at startup; again this shouldn't change any behaviour but is extra protection. Max Reitz (1): virtiofsd: Show submounts Miklos Szeredi (1): virtiofsd: jail lo->proc_self_fd Stefan Hajnoczi (4): virtiofsd: add --rlimit-nofile=NUM option virtiofsd: stay below fs.file-max sysctl value (CVE-2020-10717) virtiofsd: only retain file system capabilities virtiofsd: drop all capabilities in the wait parent process tools/virtiofsd/fuse_lowlevel.h | 1 + tools/virtiofsd/helper.c | 47 ++ tools/virtiofsd/passthrough_ll.c | 102 --- 3 files changed, 133 insertions(+), 17 deletions(-)
Re: [PULL 0/6] virtiofs queue
On Fri, 21 Feb 2020 at 13:52, Dr. David Alan Gilbert (git) wrote: > > From: "Dr. David Alan Gilbert" > > The following changes since commit b651b80822fa8cb66ca30087ac7fbc75507ae5d2: > > Merge remote-tracking branch > 'remotes/vivier2/tags/linux-user-for-5.0-pull-request' into staging > (2020-02-20 17:35:42 +) > > are available in the Git repository at: > > https://gitlab.com/dagrh/qemu.git tags/pull-virtiofs-20200221 > > for you to fetch changes up to 5bb8e8beedb47fc0d0a44957a154918c4f4afc80: > > docs: Fix virtiofsd.1 location (2020-02-21 13:05:27 +) > > > virtiofs pull 20200221 > > Mostly minor cleanups. > Miroslav's fixes a make install corner case. > Philippe's set includes an error corner case fix. > Applied, thanks. Please update the changelog at https://wiki.qemu.org/ChangeLog/5.0 for any user-visible changes. -- PMM
[PULL 0/6] virtiofs queue
From: "Dr. David Alan Gilbert" The following changes since commit b651b80822fa8cb66ca30087ac7fbc75507ae5d2: Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-5.0-pull-request' into staging (2020-02-20 17:35:42 +) are available in the Git repository at: https://gitlab.com/dagrh/qemu.git tags/pull-virtiofs-20200221 for you to fetch changes up to 5bb8e8beedb47fc0d0a44957a154918c4f4afc80: docs: Fix virtiofsd.1 location (2020-02-21 13:05:27 +) virtiofs pull 20200221 Mostly minor cleanups. Miroslav's fixes a make install corner case. Philippe's set includes an error corner case fix. Dr. David Alan Gilbert (1): virtiofsd: Help message fix for 'seconds' Miroslav Rezanina (1): docs: Fix virtiofsd.1 location Philippe Mathieu-Daudé (3): tools/virtiofsd/passthrough_ll: Remove unneeded variable assignment tools/virtiofsd/passthrough_ll: Remove unneeded variable assignment tools/virtiofsd/fuse_lowlevel: Fix fuse_out_header::error value Xiao Yang (1): virtiofsd: Remove fuse.h and struct fuse_module Makefile |2 +- tools/virtiofsd/fuse.h | 1229 -- tools/virtiofsd/fuse_i.h | 16 - tools/virtiofsd/fuse_lowlevel.c |2 +- tools/virtiofsd/helper.c |2 +- tools/virtiofsd/passthrough_ll.c |4 - 6 files changed, 3 insertions(+), 1252 deletions(-) delete mode 100644 tools/virtiofsd/fuse.h