cryptospore / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone
902636
From 6f5cf644bebc189bdb16f1caf3d7c47835d7c287 Mon Sep 17 00:00:00 2001
902636
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
902636
Date: Mon, 27 Jan 2020 19:01:36 +0100
902636
Subject: [PATCH 065/116] virtiofsd: add --syslog command-line option
902636
MIME-Version: 1.0
902636
Content-Type: text/plain; charset=UTF-8
902636
Content-Transfer-Encoding: 8bit
902636
902636
RH-Author: Dr. David Alan Gilbert <dgilbert@redhat.com>
902636
Message-id: <20200127190227.40942-62-dgilbert@redhat.com>
902636
Patchwork-id: 93509
902636
O-Subject: [RHEL-AV-8.2 qemu-kvm PATCH 061/112] virtiofsd: add --syslog command-line option
902636
Bugzilla: 1694164
902636
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
902636
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
902636
RH-Acked-by: Sergio Lopez Pascual <slp@redhat.com>
902636
902636
From: Stefan Hajnoczi <stefanha@redhat.com>
902636
902636
Sometimes collecting output from stderr is inconvenient or does not fit
902636
within the overall logging architecture.  Add syslog(3) support for
902636
cases where stderr cannot be used.
902636
902636
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
902636
dgilbert: Reworked as a logging function
902636
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
902636
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
902636
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
902636
(cherry picked from commit f185621d41f03a23b55795b89e6584253fa23505)
902636
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
902636
---
902636
 tools/virtiofsd/fuse_lowlevel.h  |  1 +
902636
 tools/virtiofsd/helper.c         |  2 ++
902636
 tools/virtiofsd/passthrough_ll.c | 50 +++++++++++++++++++++++++++++++++++++---
902636
 tools/virtiofsd/seccomp.c        | 32 +++++++++++++++++--------
902636
 tools/virtiofsd/seccomp.h        |  4 +++-
902636
 5 files changed, 76 insertions(+), 13 deletions(-)
902636
902636
diff --git a/tools/virtiofsd/fuse_lowlevel.h b/tools/virtiofsd/fuse_lowlevel.h
902636
index 0d61df8..f2750bc 100644
902636
--- a/tools/virtiofsd/fuse_lowlevel.h
902636
+++ b/tools/virtiofsd/fuse_lowlevel.h
902636
@@ -1795,6 +1795,7 @@ struct fuse_cmdline_opts {
902636
     int show_version;
902636
     int show_help;
902636
     int print_capabilities;
902636
+    int syslog;
902636
     unsigned int max_idle_threads;
902636
 };
902636
 
902636
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
902636
index 5531425..9692ef9 100644
902636
--- a/tools/virtiofsd/helper.c
902636
+++ b/tools/virtiofsd/helper.c
902636
@@ -54,6 +54,7 @@ static const struct fuse_opt fuse_helper_opts[] = {
902636
     FUSE_HELPER_OPT("subtype=", nodefault_subtype),
902636
     FUSE_OPT_KEY("subtype=", FUSE_OPT_KEY_KEEP),
902636
     FUSE_HELPER_OPT("max_idle_threads=%u", max_idle_threads),
902636
+    FUSE_HELPER_OPT("--syslog", syslog),
902636
     FUSE_OPT_END
902636
 };
902636
 
902636
@@ -138,6 +139,7 @@ void fuse_cmdline_help(void)
902636
            "    -V   --version             print version\n"
902636
            "    --print-capabilities       print vhost-user.json\n"
902636
            "    -d   -o debug              enable debug output (implies -f)\n"
902636
+           "    --syslog                   log to syslog (default stderr)\n"
902636
            "    -f                         foreground operation\n"
902636
            "    --daemonize                run in background\n"
902636
            "    -o max_idle_threads        the maximum number of idle worker "
902636
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
902636
index c281d81..0372aca 100644
902636
--- a/tools/virtiofsd/passthrough_ll.c
902636
+++ b/tools/virtiofsd/passthrough_ll.c
902636
@@ -58,6 +58,7 @@
902636
 #include <sys/types.h>
902636
 #include <sys/wait.h>
902636
 #include <sys/xattr.h>
902636
+#include <syslog.h>
902636
 #include <unistd.h>
902636
 
902636
 #include "passthrough_helpers.h"
902636
@@ -138,6 +139,7 @@ static const struct fuse_opt lo_opts[] = {
902636
     { "norace", offsetof(struct lo_data, norace), 1 },
902636
     FUSE_OPT_END
902636
 };
902636
+static bool use_syslog = false;
902636
 
902636
 static void unref_inode(struct lo_data *lo, struct lo_inode *inode, uint64_t n);
902636
 
902636
@@ -2262,11 +2264,12 @@ static void setup_mounts(const char *source)
902636
  * Lock down this process to prevent access to other processes or files outside
902636
  * source directory.  This reduces the impact of arbitrary code execution bugs.
902636
  */
902636
-static void setup_sandbox(struct lo_data *lo, struct fuse_session *se)
902636
+static void setup_sandbox(struct lo_data *lo, struct fuse_session *se,
902636
+                          bool enable_syslog)
902636
 {
902636
     setup_namespaces(lo, se);
902636
     setup_mounts(lo->source);
902636
-    setup_seccomp();
902636
+    setup_seccomp(enable_syslog);
902636
 }
902636
 
902636
 /* Raise the maximum number of open file descriptors */
902636
@@ -2298,6 +2301,42 @@ static void setup_nofile_rlimit(void)
902636
     }
902636
 }
902636
 
902636
+static void log_func(enum fuse_log_level level, const char *fmt, va_list ap)
902636
+{
902636
+    if (use_syslog) {
902636
+        int priority = LOG_ERR;
902636
+        switch (level) {
902636
+        case FUSE_LOG_EMERG:
902636
+            priority = LOG_EMERG;
902636
+            break;
902636
+        case FUSE_LOG_ALERT:
902636
+            priority = LOG_ALERT;
902636
+            break;
902636
+        case FUSE_LOG_CRIT:
902636
+            priority = LOG_CRIT;
902636
+            break;
902636
+        case FUSE_LOG_ERR:
902636
+            priority = LOG_ERR;
902636
+            break;
902636
+        case FUSE_LOG_WARNING:
902636
+            priority = LOG_WARNING;
902636
+            break;
902636
+        case FUSE_LOG_NOTICE:
902636
+            priority = LOG_NOTICE;
902636
+            break;
902636
+        case FUSE_LOG_INFO:
902636
+            priority = LOG_INFO;
902636
+            break;
902636
+        case FUSE_LOG_DEBUG:
902636
+            priority = LOG_DEBUG;
902636
+            break;
902636
+        }
902636
+        vsyslog(priority, fmt, ap);
902636
+    } else {
902636
+        vfprintf(stderr, fmt, ap);
902636
+    }
902636
+}
902636
+
902636
 int main(int argc, char *argv[])
902636
 {
902636
     struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
902636
@@ -2336,6 +2375,11 @@ int main(int argc, char *argv[])
902636
     if (fuse_parse_cmdline(&args, &opts) != 0) {
902636
         return 1;
902636
     }
902636
+    fuse_set_log_func(log_func);
902636
+    use_syslog = opts.syslog;
902636
+    if (use_syslog) {
902636
+        openlog("virtiofsd", LOG_PID, LOG_DAEMON);
902636
+    }
902636
     if (opts.show_help) {
902636
         printf("usage: %s [options]\n\n", argv[0]);
902636
         fuse_cmdline_help();
902636
@@ -2424,7 +2468,7 @@ int main(int argc, char *argv[])
902636
     /* Must be before sandbox since it wants /proc */
902636
     setup_capng();
902636
 
902636
-    setup_sandbox(&lo, se);
902636
+    setup_sandbox(&lo, se, opts.syslog);
902636
 
902636
     /* Block until ctrl+c or fusermount -u */
902636
     ret = virtio_loop(se);
902636
diff --git a/tools/virtiofsd/seccomp.c b/tools/virtiofsd/seccomp.c
902636
index 691fb63..2d9d4a7 100644
902636
--- a/tools/virtiofsd/seccomp.c
902636
+++ b/tools/virtiofsd/seccomp.c
902636
@@ -107,11 +107,28 @@ static const int syscall_whitelist[] = {
902636
     SCMP_SYS(writev),
902636
 };
902636
 
902636
-void setup_seccomp(void)
902636
+/* Syscalls used when --syslog is enabled */
902636
+static const int syscall_whitelist_syslog[] = {
902636
+    SCMP_SYS(sendto),
902636
+};
902636
+
902636
+static void add_whitelist(scmp_filter_ctx ctx, const int syscalls[], size_t len)
902636
 {
902636
-    scmp_filter_ctx ctx;
902636
     size_t i;
902636
 
902636
+    for (i = 0; i < len; i++) {
902636
+        if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, syscalls[i], 0) != 0) {
902636
+            fuse_log(FUSE_LOG_ERR, "seccomp_rule_add syscall %d failed\n",
902636
+                     syscalls[i]);
902636
+            exit(1);
902636
+        }
902636
+    }
902636
+}
902636
+
902636
+void setup_seccomp(bool enable_syslog)
902636
+{
902636
+    scmp_filter_ctx ctx;
902636
+
902636
 #ifdef SCMP_ACT_KILL_PROCESS
902636
     ctx = seccomp_init(SCMP_ACT_KILL_PROCESS);
902636
     /* Handle a newer libseccomp but an older kernel */
902636
@@ -126,13 +143,10 @@ void setup_seccomp(void)
902636
         exit(1);
902636
     }
902636
 
902636
-    for (i = 0; i < G_N_ELEMENTS(syscall_whitelist); i++) {
902636
-        if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW,
902636
-                             syscall_whitelist[i], 0) != 0) {
902636
-            fuse_log(FUSE_LOG_ERR, "seccomp_rule_add syscall %d",
902636
-                     syscall_whitelist[i]);
902636
-            exit(1);
902636
-        }
902636
+    add_whitelist(ctx, syscall_whitelist, G_N_ELEMENTS(syscall_whitelist));
902636
+    if (enable_syslog) {
902636
+        add_whitelist(ctx, syscall_whitelist_syslog,
902636
+                      G_N_ELEMENTS(syscall_whitelist_syslog));
902636
     }
902636
 
902636
     /* libvhost-user calls this for post-copy migration, we don't need it */
902636
diff --git a/tools/virtiofsd/seccomp.h b/tools/virtiofsd/seccomp.h
902636
index 86bce72..d47c8ea 100644
902636
--- a/tools/virtiofsd/seccomp.h
902636
+++ b/tools/virtiofsd/seccomp.h
902636
@@ -9,6 +9,8 @@
902636
 #ifndef VIRTIOFSD_SECCOMP_H
902636
 #define VIRTIOFSD_SECCOMP_H
902636
 
902636
-void setup_seccomp(void);
902636
+#include <stdbool.h>
902636
+
902636
+void setup_seccomp(bool enable_syslog);
902636
 
902636
 #endif /* VIRTIOFSD_SECCOMP_H */
902636
-- 
902636
1.8.3.1
902636