[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 1/3] xen: xenbus driver must not accept invalid transaction ids



On 12/22/2016 02:19 AM, Juergen Gross wrote:
> When accessing Xenstore in a transaction the user is specifying a
> transaction id which he normally obtained from Xenstore when starting
> the transaction. Xenstore is validating a transaction id against all
> known transaction ids of the connection the request came in. As all
> requests of a domain not being the one where Xenstore lives share
> one connection, validation of transaction ids of different users of
> Xenstore in that domain should be done by the kernel of that domain
> being the multiplexer between the Xenstore users in that domain and
> Xenstore.
>
> In order to prohibit one Xenstore user to be able to "hijack" a
> transaction from another user the xenbus driver has to verify a
> given transaction id against all known transaction ids of the user
> before forwarding it to Xenstore.
>
> Signed-off-by: Juergen Gross <jgross@xxxxxxxx>


Should this go to stable trees as well?


Reviewed-by: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.