vhost_user_fs: Allow specific shared directory to be specified

Because the vhost_user_backend crate needs some changes to support moving the process to a different mount namespace and perform a pivot root, it is not possible to change '/' to the given shared directory. This commit, as a temporary measure, let the code point at the given shared directory. The long term solution is to perform the mount namespace change and the pivot root as this will provide greater security. Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2025-01-22 04:25:21 +00:00 · 2019-11-14 22:29:13 -08:00 · 2019-11-14 22:29:13 -08:00 · 50b0e58c88
commit 50b0e58c88
parent ba17758ac0
2 changed files with 13 additions and 5 deletions
--- a/src/bin/vhost_user_fs.rs
+++ b/src/bin/vhost_user_fs.rs
@ -199,7 +199,7 @@ fn main() {
        .get_matches();

    // Retrieve arguments
-    let _shared_dir = cmd_arguments
+    let shared_dir = cmd_arguments
        .value_of("shared-dir")
        .expect("Failed to retrieve shared directory path");
    let sock = cmd_arguments
@ -209,7 +209,11 @@ fn main() {
    // Convert into appropriate types
    let sock = String::from(sock);

-    let fs = PassthroughFs::new(passthrough::Config::default()).unwrap();
+    let fs_cfg = passthrough::Config {
+        root_dir: shared_dir.to_string(),
+        ..Default::default()
+    };
+    let fs = PassthroughFs::new(fs_cfg).unwrap();
    let fs_backend = Arc::new(RwLock::new(VhostUserFsBackend::new(fs).unwrap()));

    let mut daemon = VhostUserDaemon::new(
--- a/vhost_user_fs/src/passthrough.rs
+++ b/vhost_user_fs/src/passthrough.rs
@ -27,7 +27,6 @@ use crate::multikey::MultikeyBTreeMap;
 const CURRENT_DIR_CSTR: &[u8] = b".\0";
 const PARENT_DIR_CSTR: &[u8] = b"..\0";
 const EMPTY_CSTR: &[u8] = b"\0";
-const ROOT_CSTR: &[u8] = b"/\0";
 const PROC_CSTR: &[u8] = b"/proc\0";

 type Inode = u64;
@ -226,6 +225,11 @@ pub struct Config {
    ///
    /// The default value for this option is `false`.
    pub writeback: bool,
+
+    /// The path of the root directory.
+    ///
+    /// The default is `/`.
+    pub root_dir: String,
 }

 impl Default for Config {
@ -235,6 +239,7 @@ impl Default for Config {
            attr_timeout: Duration::from_secs(5),
            cache_policy: Default::default(),
            writeback: false,
+            root_dir: String::from("/"),
        }
    }
 }
@ -640,8 +645,7 @@ impl FileSystem for PassthroughFs {
    type Handle = Handle;

    fn init(&self, capable: FsOptions) -> io::Result<FsOptions> {
-        // Safe because this is a constant value and a valid C string.
-        let root = unsafe { CStr::from_bytes_with_nul_unchecked(ROOT_CSTR) };
+        let root = CString::new(self.cfg.root_dir.as_str()).expect("CString::new failed");

        // Safe because this doesn't modify any memory and we check the return value.
        // We use `O_PATH` because we just want this for traversing the directory tree