[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] tools/xenstore: Avoid leaking memory in check_store


  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Henry Wang <Henry.Wang@xxxxxxx>
  • Date: Fri, 29 Sep 2023 08:46:36 +0000
  • Accept-language: zh-CN, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/Z/18ITuBagn3j6CdrLAC7BenFW5denps1Qs/5TXe9g=; b=dTpTSSXBZoX4E41D+scKr/IPYzO796eXUcFZJaGebx+4ZfIRTFNL7nT4aW6jJzwFEQZOuIjKDOuNB+Ef49uAtR3dtV7vlOu246fmu9VYFX+1fQQYdkAL+dSmLowyn6uSGHk+FPhtVZ2kR64zekHAYZI2xzN/aPtUMUSZ8QaBt4eSGKFty/Rk9zZZriOJRL7wUGGWXMXj2d+CWvMNKGjiqDh9TP0eUlhS8XE4cn1IK8J8Prnun2hKe6VrEdZpWxwEPmMVEEu1+SDzIL1dgQls3gTaI6DC6y4nI28OORgbZLLQemd6j6hwoxRcfQjMDfb/g7S/hrrIWu8scPulDx31MA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YfDnQKAWhsGDACNM7xWgVk4admFMxNZnqCSYwfJLFy/sRbzACltB8ea0WiAhn2BCcKGfsMSuQYzSAHmaucbsO+WQt0jlu6eFNuwfbwGXM9Zp9cBwWI05od69pCywQ2b5MU6M6LikwkYcXFJOYDty7O9RmhiiFTC/a0hQkG+dBZ51oBA7ALFVSA9lFF16fg7qVN2Eyb7BZkcigL3lgS4J83TXBl87l4hZFgn++oIixrazG0WDxLPVgOjQtq+WvycFz1vLe699X9bq4iY+n4ZJDUUG9rLXvrW7MB/Jwj/CdXDBsR3NBThKwIeCAIFkXp/SJzROjqKCdpuhEshZ32sxXQ==
  • Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Cc: Juergen Gross <jgross@xxxxxxxx>, David Kahurani <k.kahurani@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Fri, 29 Sep 2023 08:46:51 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHZ8pGDrH8+iI/p30O2arocOudwy7AxTkYAgAAo9ICAAAZ+gA==
  • Thread-topic: [PATCH] tools/xenstore: Avoid leaking memory in check_store

Hi all,

> On Sep 29, 2023, at 16:23, Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote:
> 
> On 29/09/2023 6:56 am, Juergen Gross wrote:
>> On 29.09.23 06:57, David Kahurani wrote:
>> 
>> I'd like the following paragraph added to the commit message:
>> 
>>   check_store() will leak the memory from reading the "@introduceDomain"
>>   and "@releaseDomain" nodes.
>> 
>>> While this code should not be trigger-able from an unprivileged domain
>>> it is called multiple times when the database gets inconsistent. This
>>> means that a malicious guest able to corrupt the database will trigger
>>> the leaks here.
>>> 
>>> Fix the leaks so that this code can be safely called from anywhere
>>> 
>> 
>> Fixes: 67617067f0b6 ("tools/xenstore: let check_store() check the
>> accounting data")
>> 
>>> Signed-off-by: David Kahurani <k.kahurani@xxxxxxxxx>
>> 
>> With above additions (can probably be done while committing):
>> 
>> Reviewed-by: Juergen Gross <jgross@xxxxxxxx>
> 
> Can do, but this needs Henry's approval too at this point in 4.18

This is definitely a patch that should go with 4.18 so:

Release-acked-by: Henry Wang <Henry.Wang@xxxxxxx>

Kind regards,
Henry


> 
> ~Andrew




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.