
Re: [PATCH] tools/xenstored: Harden corrupt()


  • To: Julien Grall <julien@xxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 23 Jun 2022 15:10:55 +0200
  • Cc: Julien Grall <jgrall@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Juergen Gross <jgross@xxxxxxxx>
  • Delivery-date: Thu, 23 Jun 2022 13:11:02 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 23.06.2022 15:03, Julien Grall wrote:
> 
> 
> On 23/06/2022 13:59, Jan Beulich wrote:
>> On 23.06.2022 13:24, Julien Grall wrote:
>>> From: Julien Grall <jgrall@xxxxxxxxxx>
>>>
>>> At the moment, corrupt() is neither checking for allocation failure
>>> nor freeing the allocated memory.
>>>
>>> Harden the code by printing ENOMEM if the allocation failed and
>>> free 'str' after the last use.
>>>
>>> This is not considered to be a security issue because corrupt() should
>>> only be called when Xenstored thinks the database is corrupted. Note
>>> that the trigger (i.e. a guest reliably provoking the call) would be
>>> a security issue.
>>>
>>> Fixes: 06d17943f0cd ("Added a basic integrity checker, and some basic 
>>> ability to recover from store")
>>> Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx>
>>
>> Is this something which would want queuing for backport?
> 
> I would say yes. There are a couple more Xenstored patches I would 
> consider for backporting:
> 
> fe9be76d880b tools/xenstore: fix error handling of check_store()
> b977929d3646 tools/xenstore: fix hashtable_expand() zeroing new area
> 
> Who is taking care of tools backport nowadays?

I'm trying to, as long as they apply cleanly enough. But I'd prefer if
rather sooner than later I could offload this again. And I'm not
actively looking to spot backporting candidates there (unlike for the
hypervisor, excluding Arm).

Jan



 

