From 37bd738b783053c2e94b4c215c32496bae5081ed Mon Sep 17 00:00:00 2001
From: Chirantan Ekbote <chirantan@chromium.org>
Date: Mon, 18 Nov 2019 14:50:10 +0900
Subject: [PATCH] devices: fs: Use 32-bit uid/gid values on arm

The setres{u,g}id and the gete{u,g}id system calls on arm use 16 bit
values for uid_t and gid_t. This causes the kernel to interpret a
uid/gid of 65535 as -1, which means do nothing.

Use the 32-bit variants of these system calls instead so that we can use
32-bit values. Normally, libc would take care of hiding these kinds of
implementation details but since we can't use the libc wrappers for
these system calls, we have to do it ourselves.

BUG=b:136128319
TEST=`tast run vm.Virtiofs` on kevin

Change-Id: I6c0fda42c131e059139000828b3a53d4a73f340c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1923569
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
---
 devices/src/virtio/fs/passthrough.rs | 21 +++++++++++++++++++--
 seccomp/arm/fs_device.policy         |  8 ++++----
 2 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/devices/src/virtio/fs/passthrough.rs b/devices/src/virtio/fs/passthrough.rs
index 6b843fc01f..7f6e3bb010 100644
--- a/devices/src/virtio/fs/passthrough.rs
+++ b/devices/src/virtio/fs/passthrough.rs
@@ -116,14 +116,31 @@ macro_rules! scoped_cred {
         }
     };
 }
+#[cfg(not(target_arch = "arm"))]
 scoped_cred!(ScopedUid, libc::uid_t, libc::SYS_setresuid);
+#[cfg(target_arch = "arm")]
+scoped_cred!(ScopedUid, libc::uid_t, libc::SYS_setresuid32);
+
+#[cfg(not(target_arch = "arm"))]
 scoped_cred!(ScopedGid, libc::gid_t, libc::SYS_setresgid);
+#[cfg(target_arch = "arm")]
+scoped_cred!(ScopedGid, libc::gid_t, libc::SYS_setresgid32);
+
+#[cfg(not(target_arch = "arm"))]
+const SYS_GETEUID: libc::c_long = libc::SYS_geteuid;
+#[cfg(target_arch = "arm")]
+const SYS_GETEUID: libc::c_long = libc::SYS_geteuid32;
+
+#[cfg(not(target_arch = "arm"))]
+const SYS_GETEGID: libc::c_long = libc::SYS_getegid;
+#[cfg(target_arch = "arm")]
+const SYS_GETEGID: libc::c_long = libc::SYS_getegid32;
 
 thread_local! {
     // Both these calls are safe because they take no parameters, and only return an integer value.
     // The kernel also guarantees that they can never fail.
-    static THREAD_EUID: libc::uid_t = unsafe { libc::syscall(libc::SYS_geteuid) as libc::uid_t };
-    static THREAD_EGID: libc::gid_t = unsafe { libc::syscall(libc::SYS_getegid) as libc::gid_t };
+    static THREAD_EUID: libc::uid_t = unsafe { libc::syscall(SYS_GETEUID) as libc::uid_t };
+    static THREAD_EGID: libc::gid_t = unsafe { libc::syscall(SYS_GETEGID) as libc::gid_t };
 }
 
 fn set_creds(
diff --git a/seccomp/arm/fs_device.policy b/seccomp/arm/fs_device.policy
index 2d903079d1..0ea7fe069a 100644
--- a/seccomp/arm/fs_device.policy
+++ b/seccomp/arm/fs_device.policy
@@ -14,8 +14,8 @@ fstatat64: 1
 fstatfs64: 1
 ftruncate64: 1
 getdents64: 1
-getegid: 1
-geteuid: 1
+getegid32: 1
+geteuid32: 1
 linkat: 1
 _llseek: 1
 mkdirat: 1
@@ -24,8 +24,8 @@ preadv: 1
 pwritev: 1
 readlinkat: 1
 renameat2: 1
-setresgid: 1
-setresuid: 1
+setresgid32: 1
+setresuid32: 1
 symlinkat: 1
 umask: 1
 unlinkat: 1