[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen stable-4.4] libxl: Cleanup: Have libxl__alloc_vdev use /libxl
commit 45c12108db3643cfaafad41fbeca91fdc0d73c83 Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx> AuthorDate: Tue May 3 15:25:19 2016 +0100 Commit: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> CommitDate: Mon Jun 6 16:24:41 2016 +0100 libxl: Cleanup: Have libxl__alloc_vdev use /libxl When allocating a vdev for a new disk, look in /libxl/device, rather than the frontends directory in xenstore. This is more in line with the other parts of libxl, which ought not to trust frontends. In this case, though, there is no security bug prior to this patch because the frontend is the toolstack domain itself. If libxl__alloc_vdev were ever changed to take a frontend domain argument, this patch will fix a latent security bug. This is a followup to XSA-175. Signed-off-by: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> Reviewed-by: Wei Liu <wei.liu2@xxxxxxxxxx> --- tools/libxl/libxl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c index 3a7ced6..88c85d6 100644 --- a/tools/libxl/libxl.c +++ b/tools/libxl/libxl.c @@ -2627,7 +2627,7 @@ static char * libxl__alloc_vdev(libxl__gc *gc, void *get_vdev_user, { const char *blkdev_start = (const char *) get_vdev_user; int devid = 0, disk = 0, part = 0; - char *dompath = libxl__xs_get_dompath(gc, LIBXL_TOOLSTACK_DOMID); + char *libxl_dom_path = libxl__xs_libxl_path(gc, LIBXL_TOOLSTACK_DOMID); libxl__device_disk_dev_number(blkdev_start, &disk, &part); if (part != 0) { @@ -2642,7 +2642,7 @@ static char * libxl__alloc_vdev(libxl__gc *gc, void *get_vdev_user, return NULL; if (libxl__xs_read(gc, t, libxl__sprintf(gc, "%s/device/vbd/%d/backend", - dompath, devid)) == NULL) { + libxl_dom_path, devid)) == NULL) { if (errno == ENOENT) return libxl__devid_to_localdev(gc, devid); else -- generated by git-patchbot for /home/xen/git/xen.git#stable-4.4 _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxx http://lists.xensource.com/xen-changelog
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |