From: Paolo Bonzini Date: Wed, 5 Feb 2020 08:45:39 +0000 (+0100) Subject: tools/virtiofsd: convert to Meson X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=3f99cf5710d77ce218116d1b6bb9682c466bbde1;p=qemu.git tools/virtiofsd: convert to Meson Signed-off-by: Paolo Bonzini --- diff --git a/Makefile b/Makefile index 78d3a78e97..e591d1b2b4 100644 --- a/Makefile +++ b/Makefile @@ -205,11 +205,6 @@ HELPERS-y += vhost-user-gpu$(EXESUF) vhost-user-json-y += contrib/vhost-user-gpu/50-qemu-gpu.json endif -ifeq ($(CONFIG_SOFTMMU)$(CONFIG_LINUX)$(CONFIG_SECCOMP)$(CONFIG_LIBCAP_NG),yyyy) -HELPERS-y += virtiofsd$(EXESUF) -vhost-user-json-y += tools/virtiofsd/50-qemu-virtiofsd.json -endif - # Sphinx does not allow building manuals into the same directory as # the source files, so if we're doing an in-tree QEMU build we must # build the manuals into a subdirectory (and then install them from @@ -316,7 +311,6 @@ dummy := $(call unnest-vars,, \ elf2dmp-obj-y \ ivshmem-client-obj-y \ ivshmem-server-obj-y \ - virtiofsd-obj-y \ rdmacm-mux-obj-y \ vhost-user-scsi-obj-y \ vhost-user-blk-obj-y \ @@ -549,12 +543,6 @@ rdmacm-mux$(EXESUF): LIBS += "-libumad" rdmacm-mux$(EXESUF): $(rdmacm-mux-obj-y) $(COMMON_LDADDS) $(call LINK, $^) -# relies on Linux-specific syscalls -ifeq ($(CONFIG_LINUX)$(CONFIG_SECCOMP)$(CONFIG_LIBCAP_NG),yyy) -virtiofsd$(EXESUF): $(virtiofsd-obj-y) contrib/libvhost-user/libvhost-user.a $(COMMON_LDADDS) - $(call LINK, $^) -endif - vhost-user-gpu$(EXESUF): $(vhost-user-gpu-obj-y) contrib/libvhost-user/libvhost-user.a $(COMMON_LDADDS) $(call LINK, $^) diff --git a/Makefile.objs b/Makefile.objs index 9489864967..fee0f71372 100644 --- a/Makefile.objs +++ b/Makefile.objs @@ -113,6 +113,5 @@ vhost-user-blk-obj-y = contrib/vhost-user-blk/ rdmacm-mux-obj-y = contrib/rdmacm-mux/ vhost-user-input-obj-y = contrib/vhost-user-input/ vhost-user-gpu-obj-y = contrib/vhost-user-gpu/ -virtiofsd-obj-y = tools/virtiofsd/ ###################################################################### diff --git a/configure b/configure index 75ffe30d75..4d8936ee59 100755 --- a/configure +++ b/configure @@ -7047,6 +7047,7 @@ if test "$gprof" = "yes" ; then fi if test "$cap_ng" = "yes" ; then echo "CONFIG_LIBCAP_NG=y" >> $config_host_mak + echo "LIBCAP_NG_LIBS=$cap_libs" >> $config_host_mak fi echo "CONFIG_AUDIO_DRIVERS=$audio_drv_list" >> $config_host_mak for drv in $audio_drv_list; do diff --git a/meson.build b/meson.build index 00f17ef36f..00970e6e19 100644 --- a/meson.build +++ b/meson.build @@ -83,6 +83,15 @@ if 'CONFIG_GNUTLS' in config_host gnutls = declare_dependency(compile_args: config_host['GNUTLS_CFLAGS'].split(), link_args: config_host['GNUTLS_LIBS'].split()) endif +seccomp = not_found +if 'CONFIG_SECCOMP' in config_host + seccomp = declare_dependency(compile_args: config_host['SECCOMP_CFLAGS'].split(), + link_args: config_host['SECCOMP_LIBS'].split()) +endif +libcap_ng = not_found +if 'CONFIG_LIBCAP_NG' in config_host + libcap_ng = declare_dependency(link_args: config_host['LIBCAP_NG_LIBS'].split()) +endif target_dirs = config_host['TARGET_DIRS'].split() have_user = false @@ -251,6 +260,8 @@ if have_tools endif endif +subdir('tools') + summary_info = {} summary_info += {'Install prefix': config_host['prefix']} summary_info += {'BIOS directory': config_host['qemu_datadir']} diff --git a/tools/meson.build b/tools/meson.build new file mode 100644 index 0000000000..513bd2ff4f --- /dev/null +++ b/tools/meson.build @@ -0,0 +1,10 @@ +have_virtiofsd = (have_system and + have_tools and + 'CONFIG_LINUX' in config_host and + 'CONFIG_SECCOMP' in config_host and + 'CONFIG_LIBCAP_NG' in config_host and + 'CONFIG_VHOST_USER' in config_host) + +if have_virtiofsd + subdir('virtiofsd') +endif diff --git a/tools/virtiofsd/Makefile.objs b/tools/virtiofsd/Makefile.objs deleted file mode 100644 index 076f667e46..0000000000 --- a/tools/virtiofsd/Makefile.objs +++ /dev/null @@ -1,12 +0,0 @@ -virtiofsd-obj-y = buffer.o \ - fuse_opt.o \ - fuse_log.o \ - fuse_lowlevel.o \ - fuse_signals.o \ - fuse_virtio.o \ - helper.o \ - passthrough_ll.o \ - seccomp.o - -seccomp.o-cflags := $(SECCOMP_CFLAGS) -seccomp.o-libs := $(SECCOMP_LIBS) diff --git a/tools/virtiofsd/meson.build b/tools/virtiofsd/meson.build new file mode 100644 index 0000000000..d1e23c5760 --- /dev/null +++ b/tools/virtiofsd/meson.build @@ -0,0 +1,19 @@ +executable('virtiofsd', files( + 'buffer.c', + 'fuse_opt.c', + 'fuse_log.c', + 'fuse_lowlevel.c', + 'fuse_signals.c', + 'fuse_virtio.c', + 'helper.c', + 'passthrough_ll.c', + 'passthrough_seccomp.c'), + link_with: libvhost_user, + dependencies: [seccomp, qemuutil, libcap_ng], + install: true, + install_dir: get_option('libexecdir')) + +configure_file(input: '50-qemu-virtiofsd.json.in', + output: '50-qemu-virtiofsd.json', + configuration: config_host, + install_dir: config_host['qemu_datadir'] / 'vhost-user') diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c index 94e0de2d2b..63d1d00565 100644 --- a/tools/virtiofsd/passthrough_ll.c +++ b/tools/virtiofsd/passthrough_ll.c @@ -65,7 +65,7 @@ #include #include "passthrough_helpers.h" -#include "seccomp.h" +#include "passthrough_seccomp.h" /* Keep track of inode posix locks for each owner. */ struct lo_inode_plock { diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c new file mode 100644 index 0000000000..19fee60011 --- /dev/null +++ b/tools/virtiofsd/passthrough_seccomp.c @@ -0,0 +1,172 @@ +/* + * Seccomp sandboxing for virtiofsd + * + * Copyright (C) 2019 Red Hat, Inc. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "qemu/osdep.h" +#include "passthrough_seccomp.h" +#include "fuse_i.h" +#include "fuse_log.h" +#include +#include +#include +#include + +/* Bodge for libseccomp 2.4.2 which broke ppoll */ +#if !defined(__SNR_ppoll) && defined(__SNR_brk) +#ifdef __NR_ppoll +#define __SNR_ppoll __NR_ppoll +#else +#define __SNR_ppoll __PNR_ppoll +#endif +#endif + +static const int syscall_whitelist[] = { + /* TODO ireg sem*() syscalls */ + SCMP_SYS(brk), + SCMP_SYS(capget), /* For CAP_FSETID */ + SCMP_SYS(capset), + SCMP_SYS(clock_gettime), + SCMP_SYS(clone), +#ifdef __NR_clone3 + SCMP_SYS(clone3), +#endif + SCMP_SYS(close), + SCMP_SYS(copy_file_range), + SCMP_SYS(dup), + SCMP_SYS(eventfd2), + SCMP_SYS(exit), + SCMP_SYS(exit_group), + SCMP_SYS(fallocate), + SCMP_SYS(fchdir), + SCMP_SYS(fchmod), + SCMP_SYS(fchmodat), + SCMP_SYS(fchownat), + SCMP_SYS(fcntl), + SCMP_SYS(fdatasync), + SCMP_SYS(fgetxattr), + SCMP_SYS(flistxattr), + SCMP_SYS(flock), + SCMP_SYS(fremovexattr), + SCMP_SYS(fsetxattr), + SCMP_SYS(fstat), + SCMP_SYS(fstatfs), + SCMP_SYS(fsync), + SCMP_SYS(ftruncate), + SCMP_SYS(futex), + SCMP_SYS(getdents), + SCMP_SYS(getdents64), + SCMP_SYS(getegid), + SCMP_SYS(geteuid), + SCMP_SYS(getpid), + SCMP_SYS(gettid), + SCMP_SYS(gettimeofday), + SCMP_SYS(getxattr), + SCMP_SYS(linkat), + SCMP_SYS(listxattr), + SCMP_SYS(lseek), + SCMP_SYS(madvise), + SCMP_SYS(mkdirat), + SCMP_SYS(mknodat), + SCMP_SYS(mmap), + SCMP_SYS(mprotect), + SCMP_SYS(mremap), + SCMP_SYS(munmap), + SCMP_SYS(newfstatat), + SCMP_SYS(open), + SCMP_SYS(openat), + SCMP_SYS(ppoll), + SCMP_SYS(prctl), /* TODO restrict to just PR_SET_NAME? */ + SCMP_SYS(preadv), + SCMP_SYS(pread64), + SCMP_SYS(pwritev), + SCMP_SYS(pwrite64), + SCMP_SYS(read), + SCMP_SYS(readlinkat), + SCMP_SYS(recvmsg), + SCMP_SYS(renameat), + SCMP_SYS(renameat2), + SCMP_SYS(removexattr), + SCMP_SYS(rt_sigaction), + SCMP_SYS(rt_sigprocmask), + SCMP_SYS(rt_sigreturn), + SCMP_SYS(sendmsg), + SCMP_SYS(setresgid), + SCMP_SYS(setresuid), +#ifdef __NR_setresgid32 + SCMP_SYS(setresgid32), +#endif +#ifdef __NR_setresuid32 + SCMP_SYS(setresuid32), +#endif + SCMP_SYS(set_robust_list), + SCMP_SYS(setxattr), + SCMP_SYS(symlinkat), + SCMP_SYS(time), /* Rarely needed, except on static builds */ + SCMP_SYS(tgkill), + SCMP_SYS(unlinkat), + SCMP_SYS(unshare), + SCMP_SYS(utimensat), + SCMP_SYS(write), + SCMP_SYS(writev), +}; + +/* Syscalls used when --syslog is enabled */ +static const int syscall_whitelist_syslog[] = { + SCMP_SYS(sendto), +}; + +static void add_whitelist(scmp_filter_ctx ctx, const int syscalls[], size_t len) +{ + size_t i; + + for (i = 0; i < len; i++) { + if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, syscalls[i], 0) != 0) { + fuse_log(FUSE_LOG_ERR, "seccomp_rule_add syscall %d failed\n", + syscalls[i]); + exit(1); + } + } +} + +void setup_seccomp(bool enable_syslog) +{ + scmp_filter_ctx ctx; + +#ifdef SCMP_ACT_KILL_PROCESS + ctx = seccomp_init(SCMP_ACT_KILL_PROCESS); + /* Handle a newer libseccomp but an older kernel */ + if (!ctx && errno == EOPNOTSUPP) { + ctx = seccomp_init(SCMP_ACT_TRAP); + } +#else + ctx = seccomp_init(SCMP_ACT_TRAP); +#endif + if (!ctx) { + fuse_log(FUSE_LOG_ERR, "seccomp_init() failed\n"); + exit(1); + } + + add_whitelist(ctx, syscall_whitelist, G_N_ELEMENTS(syscall_whitelist)); + if (enable_syslog) { + add_whitelist(ctx, syscall_whitelist_syslog, + G_N_ELEMENTS(syscall_whitelist_syslog)); + } + + /* libvhost-user calls this for post-copy migration, we don't need it */ + if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOSYS), + SCMP_SYS(userfaultfd), 0) != 0) { + fuse_log(FUSE_LOG_ERR, "seccomp_rule_add userfaultfd failed\n"); + exit(1); + } + + if (seccomp_load(ctx) < 0) { + fuse_log(FUSE_LOG_ERR, "seccomp_load() failed\n"); + exit(1); + } + + seccomp_release(ctx); +} diff --git a/tools/virtiofsd/passthrough_seccomp.h b/tools/virtiofsd/passthrough_seccomp.h new file mode 100644 index 0000000000..d47c8eade6 --- /dev/null +++ b/tools/virtiofsd/passthrough_seccomp.h @@ -0,0 +1,16 @@ +/* + * Seccomp sandboxing for virtiofsd + * + * Copyright (C) 2019 Red Hat, Inc. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef VIRTIOFSD_SECCOMP_H +#define VIRTIOFSD_SECCOMP_H + +#include + +void setup_seccomp(bool enable_syslog); + +#endif /* VIRTIOFSD_SECCOMP_H */ diff --git a/tools/virtiofsd/seccomp.c b/tools/virtiofsd/seccomp.c deleted file mode 100644 index 3b1522acdd..0000000000 --- a/tools/virtiofsd/seccomp.c +++ /dev/null @@ -1,172 +0,0 @@ -/* - * Seccomp sandboxing for virtiofsd - * - * Copyright (C) 2019 Red Hat, Inc. - * - * SPDX-License-Identifier: GPL-2.0-or-later - */ - -#include "qemu/osdep.h" -#include "seccomp.h" -#include "fuse_i.h" -#include "fuse_log.h" -#include -#include -#include -#include - -/* Bodge for libseccomp 2.4.2 which broke ppoll */ -#if !defined(__SNR_ppoll) && defined(__SNR_brk) -#ifdef __NR_ppoll -#define __SNR_ppoll __NR_ppoll -#else -#define __SNR_ppoll __PNR_ppoll -#endif -#endif - -static const int syscall_whitelist[] = { - /* TODO ireg sem*() syscalls */ - SCMP_SYS(brk), - SCMP_SYS(capget), /* For CAP_FSETID */ - SCMP_SYS(capset), - SCMP_SYS(clock_gettime), - SCMP_SYS(clone), -#ifdef __NR_clone3 - SCMP_SYS(clone3), -#endif - SCMP_SYS(close), - SCMP_SYS(copy_file_range), - SCMP_SYS(dup), - SCMP_SYS(eventfd2), - SCMP_SYS(exit), - SCMP_SYS(exit_group), - SCMP_SYS(fallocate), - SCMP_SYS(fchdir), - SCMP_SYS(fchmod), - SCMP_SYS(fchmodat), - SCMP_SYS(fchownat), - SCMP_SYS(fcntl), - SCMP_SYS(fdatasync), - SCMP_SYS(fgetxattr), - SCMP_SYS(flistxattr), - SCMP_SYS(flock), - SCMP_SYS(fremovexattr), - SCMP_SYS(fsetxattr), - SCMP_SYS(fstat), - SCMP_SYS(fstatfs), - SCMP_SYS(fsync), - SCMP_SYS(ftruncate), - SCMP_SYS(futex), - SCMP_SYS(getdents), - SCMP_SYS(getdents64), - SCMP_SYS(getegid), - SCMP_SYS(geteuid), - SCMP_SYS(getpid), - SCMP_SYS(gettid), - SCMP_SYS(gettimeofday), - SCMP_SYS(getxattr), - SCMP_SYS(linkat), - SCMP_SYS(listxattr), - SCMP_SYS(lseek), - SCMP_SYS(madvise), - SCMP_SYS(mkdirat), - SCMP_SYS(mknodat), - SCMP_SYS(mmap), - SCMP_SYS(mprotect), - SCMP_SYS(mremap), - SCMP_SYS(munmap), - SCMP_SYS(newfstatat), - SCMP_SYS(open), - SCMP_SYS(openat), - SCMP_SYS(ppoll), - SCMP_SYS(prctl), /* TODO restrict to just PR_SET_NAME? */ - SCMP_SYS(preadv), - SCMP_SYS(pread64), - SCMP_SYS(pwritev), - SCMP_SYS(pwrite64), - SCMP_SYS(read), - SCMP_SYS(readlinkat), - SCMP_SYS(recvmsg), - SCMP_SYS(renameat), - SCMP_SYS(renameat2), - SCMP_SYS(removexattr), - SCMP_SYS(rt_sigaction), - SCMP_SYS(rt_sigprocmask), - SCMP_SYS(rt_sigreturn), - SCMP_SYS(sendmsg), - SCMP_SYS(setresgid), - SCMP_SYS(setresuid), -#ifdef __NR_setresgid32 - SCMP_SYS(setresgid32), -#endif -#ifdef __NR_setresuid32 - SCMP_SYS(setresuid32), -#endif - SCMP_SYS(set_robust_list), - SCMP_SYS(setxattr), - SCMP_SYS(symlinkat), - SCMP_SYS(time), /* Rarely needed, except on static builds */ - SCMP_SYS(tgkill), - SCMP_SYS(unlinkat), - SCMP_SYS(unshare), - SCMP_SYS(utimensat), - SCMP_SYS(write), - SCMP_SYS(writev), -}; - -/* Syscalls used when --syslog is enabled */ -static const int syscall_whitelist_syslog[] = { - SCMP_SYS(sendto), -}; - -static void add_whitelist(scmp_filter_ctx ctx, const int syscalls[], size_t len) -{ - size_t i; - - for (i = 0; i < len; i++) { - if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, syscalls[i], 0) != 0) { - fuse_log(FUSE_LOG_ERR, "seccomp_rule_add syscall %d failed\n", - syscalls[i]); - exit(1); - } - } -} - -void setup_seccomp(bool enable_syslog) -{ - scmp_filter_ctx ctx; - -#ifdef SCMP_ACT_KILL_PROCESS - ctx = seccomp_init(SCMP_ACT_KILL_PROCESS); - /* Handle a newer libseccomp but an older kernel */ - if (!ctx && errno == EOPNOTSUPP) { - ctx = seccomp_init(SCMP_ACT_TRAP); - } -#else - ctx = seccomp_init(SCMP_ACT_TRAP); -#endif - if (!ctx) { - fuse_log(FUSE_LOG_ERR, "seccomp_init() failed\n"); - exit(1); - } - - add_whitelist(ctx, syscall_whitelist, G_N_ELEMENTS(syscall_whitelist)); - if (enable_syslog) { - add_whitelist(ctx, syscall_whitelist_syslog, - G_N_ELEMENTS(syscall_whitelist_syslog)); - } - - /* libvhost-user calls this for post-copy migration, we don't need it */ - if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOSYS), - SCMP_SYS(userfaultfd), 0) != 0) { - fuse_log(FUSE_LOG_ERR, "seccomp_rule_add userfaultfd failed\n"); - exit(1); - } - - if (seccomp_load(ctx) < 0) { - fuse_log(FUSE_LOG_ERR, "seccomp_load() failed\n"); - exit(1); - } - - seccomp_release(ctx); -} diff --git a/tools/virtiofsd/seccomp.h b/tools/virtiofsd/seccomp.h deleted file mode 100644 index d47c8eade6..0000000000 --- a/tools/virtiofsd/seccomp.h +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Seccomp sandboxing for virtiofsd - * - * Copyright (C) 2019 Red Hat, Inc. - * - * SPDX-License-Identifier: GPL-2.0-or-later - */ - -#ifndef VIRTIOFSD_SECCOMP_H -#define VIRTIOFSD_SECCOMP_H - -#include - -void setup_seccomp(bool enable_syslog); - -#endif /* VIRTIOFSD_SECCOMP_H */