From 444e997e6615d97066552fdf79535acbb8189bcf Mon Sep 17 00:00:00 2001 From: Jerry Jelinek Date: Thu, 27 Jun 2013 19:31:22 +0000 Subject: OS-2341 need a way to disable hsfs use in a zone --- usr/src/cmd/zoneadmd/vplat.c | 34 +++++++++++++++++----- usr/src/lib/libzonecfg/common/libzonecfg.c | 2 +- usr/src/man/man1m/zonecfg.1m | 8 +++-- usr/src/uts/common/fs/hsfs/hsfs_vfsops.c | 3 +- usr/src/uts/common/fs/nfs/nfs3_vfsops.c | 4 +-- usr/src/uts/common/fs/nfs/nfs4_common.c | 3 +- usr/src/uts/common/fs/nfs/nfs4_vfsops.c | 3 +- usr/src/uts/common/fs/nfs/nfs_common.c | 7 +++-- usr/src/uts/common/fs/nfs/nfs_vfsops.c | 4 +-- usr/src/uts/common/fs/smbclnt/smbfs/smbfs_vfsops.c | 3 +- 10 files changed, 45 insertions(+), 26 deletions(-) diff --git a/usr/src/cmd/zoneadmd/vplat.c b/usr/src/cmd/zoneadmd/vplat.c index 415920acb4..9b7162206d 100644 --- a/usr/src/cmd/zoneadmd/vplat.c +++ b/usr/src/cmd/zoneadmd/vplat.c @@ -21,7 +21,7 @@ /* * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. - * Copyright (c) 2012, Joyent Inc. All rights reserved. + * Copyright (c) 2013, Joyent Inc. All rights reserved. */ /* @@ -161,6 +161,8 @@ static m_label_t *zlabel = NULL; static m_label_t *zid_label = NULL; static priv_set_t *zprivs = NULL; +static char *DFLT_FS_ALLOWED = "hsfs,smbfs,nfs,nfs3,nfs4,nfsdyn"; + /* from libsocket, not in any header file */ extern int getnetmaskbyaddr(struct in_addr, struct in_addr *); 
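Review bot: `DFLT_FS_ALLOWED` is declared as a writable `static char *` and has no comment tying it to the kernel side of this change; `static const char DFLT_FS_ALLOWED[] = "hsfs,smbfs,nfs,nfs3,nfs4,nfsdyn";` would keep the default list read-only. The six names match the vfsdef entries that lose `VSW_ZMOUNT` later in this patch (hsfs, smbfs, nfs, nfs3, nfs4, nfsdyn), so as far as this diff shows the string is now what makes those filesystems mountable in a zone by default. A comment above it such as `/* Filesystems a zone may mount by default; replaces VSW_ZMOUNT on these vfsdefs, keep the two in sync. */` would tell the next maintainer that editing the string changes zone mount policy.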
@@ -4444,26 +4446,42 @@ setup_zone_hostid(zone_dochandle_t handle, zlog_t *zlogp, zoneid_t zoneid) static int setup_zone_fs_allowed(zone_dochandle_t handle, zlog_t *zlogp, zoneid_t zoneid) { - char fsallowedp[ZONE_FS_ALLOWED_MAX]; + char fsallowed[ZONE_FS_ALLOWED_MAX]; + char *fsallowedp = fsallowed; + int len = sizeof (fsallowed); int res; - res = zonecfg_get_fs_allowed(handle, fsallowedp, sizeof (fsallowedp)); + res = zonecfg_get_fs_allowed(handle, fsallowed, len); if (res == Z_BAD_PROPERTY) { - return (Z_OK); + /* No value, set the defaults */ + (void) strlcpy(fsallowed, DFLT_FS_ALLOWED, len); } else if (res != Z_OK) { - report_prop_err(zlogp, "fs-allowed", fsallowedp, res); + report_prop_err(zlogp, "fs-allowed", fsallowed, res); return (res); + } else if (fsallowed[0] == '-') { + /* dropping default privs - use remaining list */ + if (fsallowed[1] != ',') + return (Z_OK); + fsallowedp += 2; + len -= 2; + } else { + /* Has a value, append the defaults */ + if (strlcat(fsallowed, ",", len) >= len || + strlcat(fsallowed, DFLT_FS_ALLOWED, len) >= len) { + report_prop_err(zlogp, "fs-allowed", fsallowed, + Z_TOO_BIG); + return (Z_TOO_BIG); + } } - if (zone_setattr(zoneid, ZONE_ATTR_FS_ALLOWED, &fsallowedp, - sizeof (fsallowedp)) != 0) { + if (zone_setattr(zoneid, ZONE_ATTR_FS_ALLOWED, fsallowedp, len) != 0) { zerror(zlogp, B_TRUE, "fs-allowed couldn't be set: %s: %d", fsallowedp, res); return (Z_SYSTEM); } - return (res); + return (Z_OK); } static int diff --git a/usr/src/lib/libzonecfg/common/libzonecfg.c b/usr/src/lib/libzonecfg/common/libzonecfg.c index 55e0e58c82..4ce6e90a02 100644 --- a/usr/src/lib/libzonecfg/common/libzonecfg.c +++ b/usr/src/lib/libzonecfg/common/libzonecfg.c @@ -2507,7 +2507,7 @@ zonecfg_valid_fs_allowed(const char *fsallowedp) while (*cp != '\0') { p = cp; while (*p != '\0' && *p != ',') { - if (!isalnum(*p)) + if (!isalnum(*p) && *p != '-') return (Z_INVALID_PROPERTY); p++; } 
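Review bot: The `fsallowed[0] == '-'` branch of setup_zone_fs_allowed returns `Z_OK` for every value that is not `-,<list>`, so a bare `-` and a malformed value such as `-hsfs` are treated the same: nothing is reported and `zone_setattr` is never called, leaving the zone with whatever fs-allowed list the kernel starts from (presumably empty; not visible here). That fails closed, but an operator who wrote `-hsfs` expecting to drop only hsfs gets no diagnostic. Splitting the two cases, as sketched below, keeps the silent path for the documented `-` and rejects the rest. Separately, the `zerror` call after `zone_setattr` still prints `res`, which at that point holds the zonecfg lookup result rather than anything about the failed call.

```c
	} else if (fsallowed[0] == '-') {
		/* "-" alone: drop the defaults and allow nothing extra */
		if (fsallowed[1] == '\0')
			return (Z_OK);
		/* anything other than "-,<list>" is malformed */
		if (fsallowed[1] != ',') {
			report_prop_err(zlogp, "fs-allowed", fsallowed,
			    Z_INVALID_PROPERTY);
			return (Z_INVALID_PROPERTY);
		}
		/* … unchanged: skip the "-," prefix and shrink len … */
```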
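Review bot: The relaxed test `if (!isalnum(*p) && *p != '-')` accepts `-` at any position of any entry, so values like `ufs,-,pcfs` or `nfs-x` now validate, although the man page text added in this commit gives `-` a meaning only as the whole first entry. In zoneadmd such a value would take the append-defaults branch and be passed to `zone_setattr` with `-` as a filesystem name. Consider accepting `-` only when `p` is at the very start of the string and the following character is `,` or `'\0'`, and keeping the plain `isalnum` test for every other character. The loop belongs to zonecfg_valid_fs_allowed, whose beginning and end are outside the hunk.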
diff --git a/usr/src/man/man1m/zonecfg.1m b/usr/src/man/man1m/zonecfg.1m index 88b6cdd770..f21891fdbd 100644 --- a/usr/src/man/man1m/zonecfg.1m +++ b/usr/src/man/man1m/zonecfg.1m @@ -1,10 +1,10 @@ '\" te .\" Copyright (c) 2004, 2009 Sun Microsystems, Inc. All Rights Reserved. -.\" Copyright (c) 2011 Joyent, Inc. All Rights Reserved. +.\" Copyright 2013 Joyent, Inc. All Rights Reserved. .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. .\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the .\" fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] -.TH ZONECFG 1M "Aug 24, 2012" +.TH ZONECFG 1M "Jun 27, 2013" .SH NAME zonecfg \- set up zone configuration .SH SYNOPSIS @@ -897,7 +897,9 @@ control and is related to the \fBzone.cpu-cap\fR resource control. See .RS 4n A comma-separated list of additional filesystems that may be mounted within the zone; for example "ufs,pcfs". By default, only hsfs(7fs) and network -filesystems can be mounted. +filesystems can be mounted. If the first entry in the list is "-" then +that disables all of the default filesystems. If any filesystems are listed +after "-" then only those filesystems can be mounted. This property does not apply to filesystems mounted into the zone via "add fs" or "add dataset". diff --git a/usr/src/uts/common/fs/hsfs/hsfs_vfsops.c b/usr/src/uts/common/fs/hsfs/hsfs_vfsops.c index 8286dc11ac..dbe9aa4c07 100644 
--- a/usr/src/uts/common/fs/hsfs/hsfs_vfsops.c +++ b/usr/src/uts/common/fs/hsfs/hsfs_vfsops.c @@ -21,6 +21,7 @@ /* * Copyright (c) 1990, 2010, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2011 Bayard G. Bell. All rights reserved. + * Copyright 2013 Joyent, Inc. All rights reserved. */ /* @@ -149,7 +150,7 @@ static vfsdef_t vfw = { "hsfs", hsfsinit, /* We don't suppport remounting */ - VSW_HASPROTO|VSW_STATS|VSW_CANLOFI|VSW_ZMOUNT, + VSW_HASPROTO|VSW_STATS|VSW_CANLOFI, &hsfs_proto_opttbl }; diff --git a/usr/src/uts/common/fs/nfs/nfs3_vfsops.c b/usr/src/uts/common/fs/nfs/nfs3_vfsops.c index bdb3d097d2..2176dcb9de 100644 --- a/usr/src/uts/common/fs/nfs/nfs3_vfsops.c +++ b/usr/src/uts/common/fs/nfs/nfs3_vfsops.c @@ -20,6 +20,7 @@ */ /* * Copyright (c) 1986, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright 2013, Joyent, Inc. All rights reserved. */ /* @@ -500,9 +501,6 @@ nfs3_mount(vfs_t *vfsp, vnode_t *mvp, struct mounta *uap, cred_t *cr) if ((error = secpolicy_fs_mount(cr, mvp, vfsp)) != 0) return (EPERM); - if (secpolicy_nfs(cr) != 0) - return (EPERM); - if (mvp->v_type != VDIR) return (ENOTDIR); diff --git a/usr/src/uts/common/fs/nfs/nfs4_common.c b/usr/src/uts/common/fs/nfs/nfs4_common.c index 03c9dbcbaa..11c6984f95 100644 --- a/usr/src/uts/common/fs/nfs/nfs4_common.c +++ b/usr/src/uts/common/fs/nfs/nfs4_common.c @@ -22,6 +22,7 @@ * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. * * Copyright 2011, 2012 Nexenta Systems, Inc. All rights reserved. + * Copyright 2013 Joyent, Inc. All rights reserved. */ /* @@ -50,7 +51,7 @@ static vfsdef_t vfw4 = { VFSDEF_VERSION, "nfs4", nfs4init, - VSW_CANREMOUNT|VSW_NOTZONESAFE|VSW_STATS|VSW_ZMOUNT, + VSW_CANREMOUNT|VSW_NOTZONESAFE|VSW_STATS, NULL }; diff --git a/usr/src/uts/common/fs/nfs/nfs4_vfsops.c b/usr/src/uts/common/fs/nfs/nfs4_vfsops.c index 002a5e4bdc..2350454d9c 100644 --- a/usr/src/uts/common/fs/nfs/nfs4_vfsops.c 
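Review bot: Removing `if (secpolicy_nfs(cr) != 0) return (EPERM);` from nfs3_mount leaves `secpolicy_fs_mount` as the only privilege check visible on this mount path, and the same check is dropped from nfs4_mount and nfs_mount later in the patch. The commit subject speaks only of disabling hsfs in a zone, so nothing on the page explains why the NFS-specific check is no longer needed; whether `secpolicy_fs_mount` together with the zone's fs-allowed list covers it cannot be confirmed from these hunks. If the removal is intended, a short comment at each call site, e.g. `/* NFS mounts in a zone are gated by fs-allowed; secpolicy_nfs is not required to mount */`, plus a line in the commit message would record the decision; otherwise keep the check. The function bodies continue outside the hunks.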
+++ b/usr/src/uts/common/fs/nfs/nfs4_vfsops.c @@ -20,6 +20,7 @@ */ /* * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright 2013, Joyent, Inc. All rights reserved. */ /* @@ -713,8 +714,6 @@ nfs4_mount(vfs_t *vfsp, vnode_t *mvp, struct mounta *uap, cred_t *cr) if (secpolicy_fs_mount(cr, mvp, vfsp) != 0) return (EPERM); - if (secpolicy_nfs(cr) != 0) - return (EPERM); if (mvp->v_type != VDIR) return (ENOTDIR); diff --git a/usr/src/uts/common/fs/nfs/nfs_common.c b/usr/src/uts/common/fs/nfs/nfs_common.c index 16a467e64c..6a3cb3d695 100644 --- a/usr/src/uts/common/fs/nfs/nfs_common.c +++ b/usr/src/uts/common/fs/nfs/nfs_common.c @@ -21,6 +21,7 @@ /* * Copyright (c) 1990, 2010, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2011 Bayard G. Bell. All rights reserved. + * Copyright 2013 Joyent, Inc. All rights reserved. */ /* @@ -123,7 +124,7 @@ static vfsdef_t vfw = { VFSDEF_VERSION, "nfsdyn", nfsdyninit, - VSW_ZMOUNT, + 0, NULL }; @@ -140,7 +141,7 @@ static vfsdef_t vfw2 = { VFSDEF_VERSION, "nfs", nfsinit, - VSW_CANREMOUNT|VSW_NOTZONESAFE|VSW_STATS|VSW_ZMOUNT, + VSW_CANREMOUNT|VSW_NOTZONESAFE|VSW_STATS, NULL }; @@ -157,7 +158,7 @@ static vfsdef_t vfw3 = { VFSDEF_VERSION, "nfs3", nfs3init, - VSW_CANREMOUNT|VSW_NOTZONESAFE|VSW_STATS|VSW_ZMOUNT, + VSW_CANREMOUNT|VSW_NOTZONESAFE|VSW_STATS, NULL }; diff --git a/usr/src/uts/common/fs/nfs/nfs_vfsops.c b/usr/src/uts/common/fs/nfs/nfs_vfsops.c index 205bd3d70c..ffd5380a86 100644 --- a/usr/src/uts/common/fs/nfs/nfs_vfsops.c +++ b/usr/src/uts/common/fs/nfs/nfs_vfsops.c @@ -20,6 +20,7 @@ */ /* * Copyright (c) 1986, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright 2013, Joyent, Inc. All rights reserved. * * Copyright (c) 1983,1984,1985,1986,1987,1988,1989 AT&T. * All rights reserved. 
@@ -518,9 +519,6 @@ nfs_mount(vfs_t *vfsp, vnode_t *mvp, struct mounta *uap, cred_t *cr) if ((error = secpolicy_fs_mount(cr, mvp, vfsp)) != 0) return (error); - if (secpolicy_nfs(cr) != 0) - return (EPERM); - if (mvp->v_type != VDIR) return (ENOTDIR); diff --git a/usr/src/uts/common/fs/smbclnt/smbfs/smbfs_vfsops.c b/usr/src/uts/common/fs/smbclnt/smbfs/smbfs_vfsops.c index 86c8111b72..6473b52690 100644 --- a/usr/src/uts/common/fs/smbclnt/smbfs/smbfs_vfsops.c +++ b/usr/src/uts/common/fs/smbclnt/smbfs/smbfs_vfsops.c @@ -34,6 +34,7 @@ /* * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright 2013, Joyent, Inc. All rights reserved. */ #include @@ -115,7 +116,7 @@ static vfsdef_t vfw = { VFSDEF_VERSION, (char *)fs_type_name, smbfsinit, /* init routine */ - VSW_HASPROTO|VSW_NOTZONESAFE|VSW_ZMOUNT, /* flags */ + VSW_HASPROTO|VSW_NOTZONESAFE, /* flags */ &smbfs_mntopts /* mount options table prototype */ }; -- cgit v1.2.3