Mike Larkin <mlar...@azathoth.net> wrote:
> On Wed, Jan 03, 2018 at 08:03:56PM -0800, Carlos Cardenas wrote:
> > Howdy.
> >
> > Attached is a patch to address a TOCTOU issue with checking to
> > ensure disks are regular files, reported by jca@ .
> >
> > Comments? Ok?
> >
> > +--+
> > Carlos
>
> > Index: config.c
> > ===================================================================
> > RCS file: /home/los/cvs/src/usr.sbin/vmd/config.c,v
> > retrieving revision 1.38
> > diff -u -p -a -u -r1.38 config.c
> > --- config.c 3 Jan 2018 05:39:56 -0000 1.38
> > +++ config.c 4 Jan 2018 03:55:47 -0000
> > @@ -262,23 +262,23 @@ config_setvm(struct privsep *ps, struct
> > /* Open disk images for child */
> > for (i = 0 ; i < vcp->vcp_ndisks; i++) {
> > /* Stat disk[i] to ensure it is a regular file */
> > - if (stat(vcp->vcp_disks[i], &stat_buf) == -1) {
> > + if ((diskfds[i] =
> > + open(vcp->vcp_disks[i], O_RDWR)) == -1) {
>
> O_RDONLY? Or do we actually support the SCSI write commands (ala
> writing ISO images?)
vcp_disks represent the vioblk devices which are RDWR.
vcp_cdrom is RDONLY since it doesn't support writing ISOs.
>
> > log_warn("%s: can't open disk %s", __func__,
> > vcp->vcp_disks[i]);
> > errno = VMD_DISK_MISSING;
> > goto fail;
> > }
> > - if (S_ISREG(stat_buf.st_mode) == 0) {
> > - log_warn("%s: disk %s is not a regular file", __func__,
> > + if (fstat(diskfds[i], &stat_buf) == -1) {
> > + log_warn("%s: can't open disk %s", __func__,
> > vcp->vcp_disks[i]);
> > - errno = VMD_DISK_INVALID;
> > + errno = VMD_DISK_MISSING;
>
> I'd probably stick with INVALID here since technically the image is not
> really "missing"
Makes sense.
>
> > goto fail;
> > }
> > - if ((diskfds[i] =
> > - open(vcp->vcp_disks[i], O_RDWR)) == -1) {
> > - log_warn("%s: can't open disk %s", __func__,
> > + if (S_ISREG(stat_buf.st_mode) == 0) {
> > + log_warn("%s: disk %s is not a regular file", __func__,
> > vcp->vcp_disks[i]);
> > - errno = VMD_DISK_MISSING;
> > + errno = VMD_DISK_INVALID;
> > goto fail;
> > }
> > }
>
> ok mlarkin otherwise
