Stream: git-wasmtime

Topic: wasmtime / issue #7331 Permission denied


view this post on Zulip Wasmtime GitHub notifications bot (Oct 23 2023 at 14:00):

orangeC23 added the bug label to Issue #7331.

view this post on Zulip Wasmtime GitHub notifications bot (Oct 23 2023 at 14:00):

orangeC23 opened issue #7331:

Steps to Reproduce

(1) The cfile is :

#include <stdio.h>
#include <stdlib.h>
#include <dirent.h>
#include <sys/stat.h>


//#include <sys/uio.h>
//#include <unistd.h>
#include <fcntl.h>


int main() {
    const char *dirPath = "Data/mydir";
    int open_style= O_RDONLY;
    int fd = get_fd(dirPath, open_style);
    readdirQ6TwcRnVK4(dirPath);
    return 0;
}

int readdirQ6TwcRnVK4 (const char *path) {
    return fd_readdir(path);
}

int get_fd(const char* file_name, int open_style){
    int fd = open(file_name, open_style);
    if (fd == -1) {
        perror("Failed to open the file");
        return 1;
    }

    return fd;
}

int fd_readdir(const char *path) {
    printf("Enter fd_readdir.\n");

    DIR *directory;
    struct dirent *entry;

    directory = opendir(path);

    if (directory == NULL) {
        perror("opendir");
        return 1;
    }

    while ((entry = readdir(directory)) != NULL) {
        printf("%s\n", entry->d_name);
    }

    closedir(directory);
    printf("Leave fd_readdir.\n");
    return 0;
}

(2)compile the c file into wasm: ./wasi-sdk-16.0/bin/clang --target=wasm32-unkown-wasi --sysroot=./wasi-sdk-16.0/share/wasi-sysroot readdir.c -o readdir.wasm
(3)exeute open.wasm
wasmtime run --dir=./Data test1.wasm
The permission of Data/mydir is 0400 or 0500 or 0600, user1 create the Data/mydir directory before and user1 execute the Wasm file.

Expected Results

Using gcc test1.c -o test1 and ./test1 to execute get the following result:

Enter fd_readdir.
.
..
test.txt
Leave fd_readdir.

And wamr, wasmedge also print the above message.

Actual Results

wasmtime prints:

Enter fd_readdir.
opendir: Permission denied

I'm not sure whether wasmtime and native ubuntu and other runtimes get different could be a bug or only difference ? Maybe something error about the permission?
0400 r--
0500 r-x
0600 rw-

0400, 0500, and 0600 has the read permission

Versions and Environment

wasmtime 13.0.0
Operating system: Ubuntu 20.04

Architecture: x86_64

view this post on Zulip Wasmtime GitHub notifications bot (Oct 23 2023 at 14:00):

orangeC23 edited issue #7331:

Steps to Reproduce

(1) The cfile is :

#include <stdio.h>
#include <stdlib.h>
#include <dirent.h>
#include <sys/stat.h>
#include <fcntl.h>


int main() {
    const char *dirPath = "Data/mydir";
    int open_style= O_RDONLY;
    int fd = get_fd(dirPath, open_style);
    readdirQ6TwcRnVK4(dirPath);
    return 0;
}

int readdirQ6TwcRnVK4 (const char *path) {
    return fd_readdir(path);
}

int get_fd(const char* file_name, int open_style){
    int fd = open(file_name, open_style);
    if (fd == -1) {
        perror("Failed to open the file");
        return 1;
    }

    return fd;
}

int fd_readdir(const char *path) {
    printf("Enter fd_readdir.\n");

    DIR *directory;
    struct dirent *entry;

    directory = opendir(path);

    if (directory == NULL) {
        perror("opendir");
        return 1;
    }

    while ((entry = readdir(directory)) != NULL) {
        printf("%s\n", entry->d_name);
    }

    closedir(directory);
    printf("Leave fd_readdir.\n");
    return 0;
}

(2)compile the c file into wasm: ./wasi-sdk-16.0/bin/clang --target=wasm32-unkown-wasi --sysroot=./wasi-sdk-16.0/share/wasi-sysroot readdir.c -o readdir.wasm
(3)exeute open.wasm
wasmtime run --dir=./Data test1.wasm
The permission of Data/mydir is 0400 or 0500 or 0600, user1 create the Data/mydir directory before and user1 execute the Wasm file.

Expected Results

Using gcc test1.c -o test1 and ./test1 to execute get the following result:

Enter fd_readdir.
.
..
test.txt
Leave fd_readdir.

And wamr, wasmedge also print the above message.

Actual Results

wasmtime prints:

Enter fd_readdir.
opendir: Permission denied

I'm not sure whether wasmtime and native ubuntu and other runtimes get different could be a bug or only difference ? Maybe something error about the permission?
0400 r--
0500 r-x
0600 rw-

0400, 0500, and 0600 has the read permission

Versions and Environment

wasmtime 13.0.0
Operating system: Ubuntu 20.04

Architecture: x86_64

view this post on Zulip Wasmtime GitHub notifications bot (Oct 23 2023 at 14:01):

orangeC23 edited issue #7331:

Steps to Reproduce

(1) The cfile is :

#include <stdio.h>
#include <stdlib.h>
#include <dirent.h>
#include <sys/stat.h>
#include <fcntl.h>


int main() {
    const char *dirPath = "Data/mydir";
    int open_style= O_RDONLY;
    int fd = get_fd(dirPath, open_style);
    readdirQ6TwcRnVK4(dirPath);
    return 0;
}

int readdirQ6TwcRnVK4 (const char *path) {
    return fd_readdir(path);
}

int get_fd(const char* file_name, int open_style){
    int fd = open(file_name, open_style);
    if (fd == -1) {
        perror("Failed to open the file");
        return 1;
    }

    return fd;
}

int fd_readdir(const char *path) {
    printf("Enter fd_readdir.\n");

    DIR *directory;
    struct dirent *entry;

    directory = opendir(path);

    if (directory == NULL) {
        perror("opendir");
        return 1;
    }

    while ((entry = readdir(directory)) != NULL) {
        printf("%s\n", entry->d_name);
    }

    closedir(directory);
    printf("Leave fd_readdir.\n");
    return 0;
}

(2)compile the c file into wasm: ./wasi-sdk-16.0/bin/clang --target=wasm32-unkown-wasi --sysroot=./wasi-sdk-16.0/share/wasi-sysroot readdir.c -o readdir.wasm
(3)exeute open.wasm
wasmtime run --dir=./Data readdir.wasm
The permission of Data/mydir is 0400 or 0500 or 0600, user1 create the Data/mydir directory before and user1 execute the Wasm file.

Expected Results

Using gcc readdir.c -o readdir and ./readdir to execute get the following result:

Enter fd_readdir.
.
..
test.txt
Leave fd_readdir.

And wamr, wasmedge also print the above message.

Actual Results

wasmtime prints:

Enter fd_readdir.
opendir: Permission denied

I'm not sure whether wasmtime and native ubuntu and other runtimes get different could be a bug or only difference ? Maybe something error about the permission?
0400 r--
0500 r-x
0600 rw-

0400, 0500, and 0600 has the read permission

Versions and Environment

wasmtime 13.0.0
Operating system: Ubuntu 20.04

Architecture: x86_64

view this post on Zulip Wasmtime GitHub notifications bot (Oct 23 2023 at 14:01):

orangeC23 edited issue #7331:

Steps to Reproduce

(1) The cfile is :

#include <stdio.h>
#include <stdlib.h>
#include <dirent.h>
#include <sys/stat.h>
#include <fcntl.h>


int main() {
    const char *dirPath = "Data/mydir";
    int open_style= O_RDONLY;
    int fd = get_fd(dirPath, open_style);
    readdirQ6TwcRnVK4(dirPath);
    return 0;
}

int readdirQ6TwcRnVK4 (const char *path) {
    return fd_readdir(path);
}

int get_fd(const char* file_name, int open_style){
    int fd = open(file_name, open_style);
    if (fd == -1) {
        perror("Failed to open the file");
        return 1;
    }

    return fd;
}

int fd_readdir(const char *path) {
    printf("Enter fd_readdir.\n");

    DIR *directory;
    struct dirent *entry;

    directory = opendir(path);

    if (directory == NULL) {
        perror("opendir");
        return 1;
    }

    while ((entry = readdir(directory)) != NULL) {
        printf("%s\n", entry->d_name);
    }

    closedir(directory);
    printf("Leave fd_readdir.\n");
    return 0;
}

(2)compile the c file into wasm: ./wasi-sdk-16.0/bin/clang --target=wasm32-unkown-wasi --sysroot=./wasi-sdk-16.0/share/wasi-sysroot readdir.c -o readdir.wasm
(3)exeute open.wasm
wasmtime run --dir=./Data readdir.wasm
The permission of Data/mydir is 0400 or 0500 or 0600, user1 create the Data/mydir directory before and user1 execute the Wasm file.

Expected Results

Using gcc readdir.c -o readdir and ./readdir to execute get the following result:

Enter fd_readdir.
.
..
test.txt
Leave fd_readdir.

And wamr, wasmedge also print the above message.

Actual Results

wasmtime prints:

Enter fd_readdir.
opendir: Permission denied

I'm not sure whether wasmtime and native ubuntu and other runtimes get different could be a bug or only difference ? Maybe something error about the permission?
0400 r--
0500 r-x
0600 rw-

0400, 0500, and 0600 has the read permission

Sorry for bothering you. Thanks a lot !

Versions and Environment

wasmtime 13.0.0
Operating system: Ubuntu 20.04

Architecture: x86_64

view this post on Zulip Wasmtime GitHub notifications bot (Oct 23 2023 at 16:07):

alexcrichton commented on issue #7331:

Thanks for the report, although I can ask a few clarify questions. Your C code as-provided does not compile for me because the functions are in the wrong order. Are you transforming the code to post in this issue report vs what you're running locally?

I can reproduce this behavior for 0400 and 0600 permissions but with 0500 permissions it seems to read the directory ok. Can you confirm whether 0500 works or not for you?

Locally this seems to be related to the 'x' permisison bit. Interestingly I also get different behavior on various platforms. The ls command for example can read an 0600 directory on Linux but not on macOS. A native Rust executable using std::fs::read_dir can seem to open it on both platforms.

I don't know what the "right" behavior is, or even if there is one. I'll cc @sunfishcode as this is related to what cap-std does. On Linux at least cap-std for the entries method on directories issues:

[pid 534964] openat2(3, "mydir", {flags=O_RDONLY|O_LARGEFILE|O_CLOEXEC, resolve=RESOLVE_NO_MAGICLINKS|RESOLVE_BENEATH}, 24) = 6
[pid 534964] statx(6, "", AT_STATX_SYNC_AS_STAT|AT_EMPTY_PATH, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0600, stx_size=4096, ...}) = 0
[pid 534964] statx(6, "", AT_STATX_SYNC_AS_STAT|AT_EMPTY_PATH, STATX_ALL, {stx_mask=STATX_ALL|STATX_MNT_ID, stx_attributes=0, stx_mode=S_IFDIR|0600, stx_size=4096, ...}) = 0
[pid 534964] openat(6, ".", O_RDONLY|O_LARGEFILE|O_NOFOLLOW|O_CLOEXEC|O_DIRECTORY) = -1 EACCES (Permission denied)

as compared to the Rust standard library which issues:

openat(AT_FDCWD, "./Data/mydir", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0600, st_size=4096, ...}, AT_EMPTY_PATH) = 0

That's at least what I've found, but this is also assuming a lot about the original program and @orangeC23's issue, so this could also perhaps be "simply resolved" with more clarifications in the above issue.

view this post on Zulip Wasmtime GitHub notifications bot (Oct 24 2023 at 02:03):

orangeC23 edited issue #7331:

Steps to Reproduce

(1) The cfile is :

#include <stdio.h>
#include <stdlib.h>
#include <dirent.h>
#include <sys/stat.h>
#include <fcntl.h>


int get_fd(const char* file_name, int open_style){
    int fd = open(file_name, open_style);
    if (fd == -1) {
        perror("Failed to open the file");
        return 1;
    }

    return fd;
}

int fd_readdir(const char *path) {
    printf("Enter fd_readdir.\n");

    DIR *directory;
    struct dirent *entry;

    directory = opendir(path);

    if (directory == NULL) {
        perror("opendir");
        return 1;
    }

    while ((entry = readdir(directory)) != NULL) {
        printf("%s\n", entry->d_name);
    }

    closedir(directory);
    printf("Leave fd_readdir.\n");
    return 0;
}

int readdirQ6TwcRnVK4 (const char *path) {
    return fd_readdir(path);
}


int main() {
    const char *dirPath = "Data/mydir";
    int open_style= O_RDONLY;
    int fd = get_fd(dirPath, open_style);
    readdirQ6TwcRnVK4(dirPath);
    return 0;
}

(2)compile the c file into wasm: ./wasi-sdk-16.0/bin/clang --target=wasm32-unkown-wasi --sysroot=./wasi-sdk-16.0/share/wasi-sysroot readdir.c -o readdir.wasm
(3)exeute open.wasm
wasmtime run --dir=./Data readdir.wasm
The permission of Data/mydir is 0400 or 0500 or 0600, user1 create the Data/mydir directory before and user1 execute the Wasm file.

Expected Results

Using gcc readdir.c -o readdir and ./readdir to execute get the following result:

Enter fd_readdir.
.
..
test.txt
Leave fd_readdir.

And wamr, wasmedge also print the above message.

Actual Results

wasmtime prints:

Enter fd_readdir.
opendir: Permission denied

I'm not sure whether wasmtime and native ubuntu and other runtimes get different could be a bug or only difference ? Maybe something error about the permission?
0400 r--
0500 r-x
0600 rw-

0400, 0500, and 0600 has the read permission

Sorry for bothering you. Thanks a lot !

Versions and Environment

wasmtime 13.0.0
Operating system: Ubuntu 20.04

Architecture: x86_64

view this post on Zulip Wasmtime GitHub notifications bot (Oct 24 2023 at 02:08):

orangeC23 commented on issue #7331:

Sorry. I updated the C program.

view this post on Zulip Wasmtime GitHub notifications bot (Oct 24 2023 at 02:10):

orangeC23 edited a comment on issue #7331:

Sorry. I updated the C program. I'll check the other information your provided. Thanks for your reply !


Last updated: Dec 23 2024 at 12:05 UTC