|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen stable-4.4] libxl: Do not trust frontend for disk in getinfo
commit 0006b20136204e9341f49671b24d2fa263c0bab8
Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
AuthorDate: Fri Apr 29 19:21:51 2016 +0100
Commit: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
CommitDate: Mon Jun 6 15:54:27 2016 +0100
libxl: Do not trust frontend for disk in getinfo
* Rename the frontend variable to `fe_path' to check we caught them all
* Read the backend path from /libxl, rather than from the frontend
* Parse the backend domid from the backend path, rather than reading it
from the frontend (and add the appropriate error path and initialisation)
This is part of XSA-175.
Signed-off-by: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
Reviewed-by: Wei Liu <wei.liu2@xxxxxxxxxx>
---
tools/libxl/libxl.c | 27 +++++++++++++++++++--------
1 file changed, 19 insertions(+), 8 deletions(-)
diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c
index f101334..18f9f0a 100644
--- a/tools/libxl/libxl.c
+++ b/tools/libxl/libxl.c
@@ -2449,27 +2449,34 @@ int libxl_device_disk_getinfo(libxl_ctx *ctx, uint32_t
domid,
libxl_device_disk *disk, libxl_diskinfo
*diskinfo)
{
GC_INIT(ctx);
- char *dompath, *diskpath;
+ char *dompath, *fe_path, *libxl_path;
char *val;
+ int rc;
+
+ diskinfo->backend = NULL;
dompath = libxl__xs_get_dompath(gc, domid);
diskinfo->devid = libxl__device_disk_dev_number(disk->vdev, NULL, NULL);
/* tap devices entries in xenstore are written as vbd devices. */
- diskpath = libxl__sprintf(gc, "%s/device/vbd/%d", dompath,
diskinfo->devid);
+ fe_path = GCSPRINTF("%s/device/vbd/%d", dompath, diskinfo->devid);
+ libxl_path = GCSPRINTF("%s/device/vbd/%d",
+ libxl__xs_libxl_path(gc, domid), diskinfo->devid);
diskinfo->backend = xs_read(ctx->xsh, XBT_NULL,
- libxl__sprintf(gc, "%s/backend", diskpath),
NULL);
+ GCSPRINTF("%s/backend", libxl_path), NULL);
if (!diskinfo->backend) {
GC_FREE;
return ERROR_FAIL;
}
- val = libxl__xs_read(gc, XBT_NULL, libxl__sprintf(gc, "%s/backend-id",
diskpath));
- diskinfo->backend_id = val ? strtoul(val, NULL, 10) : -1;
- val = libxl__xs_read(gc, XBT_NULL, libxl__sprintf(gc, "%s/state",
diskpath));
+ rc = libxl__backendpath_parse_domid(gc, diskinfo->backend,
+ &diskinfo->backend_id);
+ if (rc) goto out;
+
+ val = libxl__xs_read(gc, XBT_NULL, GCSPRINTF("%s/state", fe_path));
diskinfo->state = val ? strtoul(val, NULL, 10) : -1;
- val = libxl__xs_read(gc, XBT_NULL, libxl__sprintf(gc, "%s/event-channel",
diskpath));
+ val = libxl__xs_read(gc, XBT_NULL, GCSPRINTF("%s/event-channel", fe_path));
diskinfo->evtch = val ? strtoul(val, NULL, 10) : -1;
- val = libxl__xs_read(gc, XBT_NULL, libxl__sprintf(gc, "%s/ring-ref",
diskpath));
+ val = libxl__xs_read(gc, XBT_NULL, GCSPRINTF("%s/ring-ref", fe_path));
diskinfo->rref = val ? strtoul(val, NULL, 10) : -1;
diskinfo->frontend = xs_read(ctx->xsh, XBT_NULL,
libxl__sprintf(gc, "%s/frontend",
diskinfo->backend), NULL);
@@ -2478,6 +2485,10 @@ int libxl_device_disk_getinfo(libxl_ctx *ctx, uint32_t
domid,
GC_FREE;
return 0;
+
+ out:
+ free(diskinfo->backend);
+ return rc;
}
int libxl_cdrom_insert(libxl_ctx *ctx, uint32_t domid, libxl_device_disk *disk,
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.4
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |