Xen project Mailing List

[Xen-changelog] [xen-3.2-testing] xend: Actually restrict a domU's access to xenstore when we mean to --

From: "Xen patchbot-3.2-testing" <patchbot-3.2-testing@xxxxxxxxxxxxxxxxxxx>

Date: Fri, 19 Dec 2008 07:20:42 -0800

Delivery-date: Fri, 19 Dec 2008 07:22:16 -0800

List-id: BK change log <xen-changelog.lists.xensource.com>

# HG changeset patch # User Keir Fraser <keir.fraser@xxxxxxxxxx> # Date 1229699703 0 # Node ID fbf571142e7702cf0447884cd9bb7b16e0feaeb9 # Parent 441f32211cca364808b141a6979c0eefbd7c5c45 xend: Actually restrict a domU's access to xenstore when we mean to -- this means that in some cases it cannot be owner of its own xenstore nodes. This bug was pointed out by Daniel Berrange at Red Hat. This patch is my own more generic fix that automatically covers a range of callers (albeit the patch is arguably a bit of a hack ;-). Signed-off-by: Keir Fraser <keir.fraser@xxxxxxxxxx> xen-unstable changeset: 18933:8c35da364ab39605839869d8eb0ac9b831c370f0 xen-unstable date: Thu Dec 18 17:18:28 2008 +0000 --- tools/python/xen/lowlevel/xs/xs.c | 17 ++++++++++++++++- 1 files changed, 16 insertions(+), 1 deletion(-) diff -r 441f32211cca -r fbf571142e77 tools/python/xen/lowlevel/xs/xs.c --- a/tools/python/xen/lowlevel/xs/xs.c Wed Dec 17 13:53:24 2008 +0000 +++ b/tools/python/xen/lowlevel/xs/xs.c Fri Dec 19 15:15:03 2008 +0000 @@ -336,15 +336,19 @@ static PyObject *xspy_set_permissions(Xs xs_set_error(EINVAL); goto exit; } + xsperms_n = PyList_Size(perms); - xsperms = calloc(xsperms_n, sizeof(struct xs_permissions)); + /* NB. alloc +1 so we can change the owner if necessary. */ + xsperms = calloc(xsperms_n + 1, sizeof(struct xs_permissions)); if (!xsperms) { xs_set_error(ENOMEM); goto exit; } + tuple0 = PyTuple_New(0); if (!tuple0) goto exit; + for (i = 0; i < xsperms_n; i++) { /* Read/write perms. Set these. */ int p_read = 0, p_write = 0; @@ -357,6 +361,17 @@ static PyObject *xspy_set_permissions(Xs if (p_write) xsperms[i].perms |= XS_PERM_WRITE; } + + /* + * Is the caller trying to restrict access to the first specified + * domain? If so then it cannot be owner, so we force dom0 as owner. + */ + if (xsperms_n && xsperms[0].perms && xsperms[0].id) { + memmove(&xsperms[1], &xsperms[0], xsperms_n * sizeof(*xsperms)); + xsperms[0].id = xsperms[0].perms = 0; + xsperms_n++; + } + Py_BEGIN_ALLOW_THREADS result = xs_set_permissions(xh, th, path, xsperms, xsperms_n); Py_END_ALLOW_THREADS _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.