# Commit c9616d74b7f672ceaa383226531a4965228b13f1 # Date 2017-10-11 12:51:22 +0100 # Author Ian Jackson # Committer Ian Jackson libxl: userlookup_helper_getpwnam rename and turn into a macro We are going to want versions of getpwuid, too. And maybe in the future getgr*. This is most sanely achieved with a macro, as otherwise the types are a mess. Signed-off-by: Ian Jackson Acked-by: Wei Liu # Commit 6cde84a81b157828ec421f84b8c7fb1b649a7306 # Date 2017-10-13 11:31:59 +0100 # Author Ian Jackson # Committer Ian Jackson libxl: dm_restrict: DEFINE_USERLOOKUP_HELPER returned a pointer to an auto When I converted the previous open-coded user lookup functionality into DEFINE_USERLOOKUP_HELPER, I moved the struct passwd buffer into the function generated by the macro. This is wrong because that buffer is used by get{pw,gr}* for its return value, so the helper function would contrive to return a pointer to the buffer on its own stack. Fix this by adding a buffer parameter to the generated helpers, that the caller must supply, and updating all the call sites. Reported-by: Andrew Cooper Signed-off-by: Ian Jackson Acked-by: Wei Liu --- a/tools/libxl/libxl_dm.c +++ b/tools/libxl/libxl_dm.c @@ -729,39 +729,49 @@ libxl__detect_gfx_passthru_kind(libxl__g return LIBXL_GFX_PASSTHRU_KIND_DEFAULT; } -/* return 1 if the user was found, 0 if it was not, -1 on error */ -static int libxl__dm_runas_helper(libxl__gc *gc, const char *username, - struct passwd **pwd_r) -{ - struct passwd pwd, *user = NULL; - char *buf = NULL; - long buf_size; - int ret; - - buf_size = sysconf(_SC_GETPW_R_SIZE_MAX); - if (buf_size < 0) { - buf_size = 2048; - LOG(DEBUG, -"sysconf(_SC_GETPW_R_SIZE_MAX) failed, setting the initial buffer size to %ld", - buf_size); - } - - while (1) { - buf = libxl__realloc(gc, buf, buf_size); - ret = getpwnam_r(username, &pwd, buf, buf_size, &user); - if (ret == ERANGE) { - buf_size += 128; - continue; - } - if (ret != 0) - return ERROR_FAIL; - if (user != NULL) { - if (pwd_r) *pwd_r = pwd; - return 1; - } - return 0; +/* + * userlookup_helper_getpwnam(libxl__gc*, const char *user, + * struct passwd **pwd_r); + * + * returns 1 if the user was found, 0 if it was not, -1 on error + */ +#define DEFINE_USERLOOKUP_HELPER(NAME,SPEC_TYPE,STRUCTNAME,SYSCONF) \ + static int userlookup_helper_##NAME(libxl__gc *gc, \ + SPEC_TYPE spec, \ + struct STRUCTNAME *resultbuf, \ + struct STRUCTNAME **out) \ + { \ + struct STRUCTNAME *resultp = NULL; \ + char *buf = NULL; \ + long buf_size; \ + int ret; \ + \ + buf_size = sysconf(SYSCONF); \ + if (buf_size < 0) { \ + buf_size = 2048; \ + LOG(DEBUG, \ + "sysconf failed, setting the initial buffer size to %ld", \ + buf_size); \ + } \ + \ + while (1) { \ + buf = libxl__realloc(gc, buf, buf_size); \ + ret = NAME##_r(spec, resultbuf, buf, buf_size, &resultp); \ + if (ret == ERANGE) { \ + buf_size += 128; \ + continue; \ + } \ + if (ret != 0) \ + return ERROR_FAIL; \ + if (resultp != NULL) { \ + if (out) *out = resultp; \ + return 1; \ + } \ + return 0; \ + } \ } -} + +DEFINE_USERLOOKUP_HELPER(getpwnam, const char*, passwd, _SC_GETPW_R_SIZE_MAX); /* colo mode */ enum { @@ -926,6 +936,7 @@ static int libxl__build_device_model_arg uint64_t ram_size; const char *path, *chardev; char *user = NULL; + struct passwd user_pwbuf; dm_args = flexarray_make(gc, 16, 1); dm_envs = flexarray_make(gc, 16, 1); @@ -1620,14 +1631,14 @@ static int libxl__build_device_model_arg } user = GCSPRINTF("%s%d", LIBXL_QEMU_USER_BASE, guest_domid); - ret = libxl__dm_runas_helper(gc, user, 0); + ret = userlookup_helper_getpwnam(gc, user, &user_pwbuf, 0); if (ret < 0) return ret; if (ret > 0) goto end_search; user = LIBXL_QEMU_USER_SHARED; - ret = libxl__dm_runas_helper(gc, user, 0); + ret = userlookup_helper_getpwnam(gc, user, &user_pwbuf, 0); if (ret < 0) return ret; if (ret > 0) {