Improve 'zpool import' safety

There are three improvements here to 'zpool import' proposed by Fajar in Github issue openzfs#98. They are all good so I'm commiting all three. 1) Add descriptions for "hpet" and "core" blacklist entries. 2) Add "core" to the blacklist, as described in the issue accessing this device will crash Xen dom0. 3) Refine probing behavior to use fstatat64(). This allows us to determine if a device is a block device or a regular file without having to open it. This is the safest appraoch when probing /dev/ because the simple act of opening a device may have unexpected consequences. Closes openzfs#98
behlendorf · Feb 17, 2011 · f03e41e · f03e41e
1 parent 8b4f9a2
commit f03e41e
Showing 1 changed file with 12 additions and 9 deletions.
diff --git a/lib/libzfs/libzfs_import.c b/lib/libzfs/libzfs_import.c
@@ -1078,6 +1078,10 @@ zpool_find_import_impl(libzfs_handle_t *hdl, importargs_t *iarg)
 			 * parport* - Parallel port interface.
 			 * lp*      - Printer interface.
 			 * fd*      - Floppy interface.
+			 * hpet     - High Precision Event Timer, crashes qemu
+			 *            when accessed from a virtual machine.
+			 * core     - Symlink to /proc/kcore, causes a crash
+			 *            when access from Xen dom0.
 			 */
 			if ((strncmp(name, "watchdog", 8) == 0) ||
 			    (strncmp(name, "fuse", 4) == 0)     ||
@@ -1087,22 +1091,21 @@ zpool_find_import_impl(libzfs_handle_t *hdl, importargs_t *iarg)
 			    (strncmp(name, "parport", 7) == 0)  ||
 			    (strncmp(name, "lp", 2) == 0)       ||
 			    (strncmp(name, "fd", 2) == 0)       ||
-			    (strncmp(name, "hpet", 4) == 0))
-				continue;
-
-			if ((fd = openat64(dfd, name, O_RDONLY)) < 0)
+			    (strncmp(name, "hpet", 4) == 0)     ||
+			    (strncmp(name, "core", 4) == 0))
 				continue;
 
 			/*
 			 * Ignore failed stats.  We only want regular
-			 * files and block devs.
+			 * files and block devices.
 			 */
-			if (fstat64(fd, &statbuf) != 0 ||
+			if ((fstatat64(dfd, name, &statbuf, 0) != 0) ||
 			    (!S_ISREG(statbuf.st_mode) &&
-			    !S_ISBLK(statbuf.st_mode))) {
-				(void) close(fd);
+			    !S_ISBLK(statbuf.st_mode)))
+				continue;
+
+			if ((fd = openat64(dfd, name, O_RDONLY)) < 0)
 				continue;
-			}
 
 			if ((zpool_read_label(fd, &config)) != 0) {
 				(void) close(fd);