[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen stable-4.16] tools/xenstore: fix connection->id usage

commit 787241f55216d34ca025c835c6a2096d7664d711
Author:     Juergen Gross <jgross@xxxxxxxx>
AuthorDate: Tue Sep 13 07:35:08 2022 +0200
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Tue Nov 1 14:07:24 2022 +0000

    tools/xenstore: fix connection->id usage
    
    Don't use conn->id for privilege checks, but domain_is_unprivileged().
    
    This is part of XSA-326.
    
    Signed-off-by: Juergen Gross <jgross@xxxxxxxx>
    Reviewed-by: Julien Grall <jgrall@xxxxxxxxxx>
    (cherry picked from commit 3047df38e1991510bc295e3e1bb6b6b6c4a97831)
---
 tools/xenstore/xenstored_control.c     | 2 +-
 tools/xenstore/xenstored_core.h        | 2 +-
 tools/xenstore/xenstored_transaction.c | 3 ++-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/tools/xenstore/xenstored_control.c 
b/tools/xenstore/xenstored_control.c
index 7b4300ef77..adb8d51b04 100644
--- a/tools/xenstore/xenstored_control.c
+++ b/tools/xenstore/xenstored_control.c
@@ -891,7 +891,7 @@ int do_control(struct connection *conn, struct 
buffered_data *in)
        unsigned int cmd, num, off;
        char **vec = NULL;
 
-       if (conn->id != 0)
+       if (domain_is_unprivileged(conn))
                return EACCES;
 
        off = get_string(in, 0);
diff --git a/tools/xenstore/xenstored_core.h b/tools/xenstore/xenstored_core.h
index b9b50e81c7..b1a70488b9 100644
--- a/tools/xenstore/xenstored_core.h
+++ b/tools/xenstore/xenstored_core.h
@@ -123,7 +123,7 @@ struct connection
        /* The index of pollfd in global pollfd array */
        int pollfd_idx;
 
-       /* Who am I? 0 for socket connections. */
+       /* Who am I? Domid of connection. */
        unsigned int id;
 
        /* Is this connection ignored? */
diff --git a/tools/xenstore/xenstored_transaction.c 
b/tools/xenstore/xenstored_transaction.c
index 54432907fc..ee1b09031a 100644
--- a/tools/xenstore/xenstored_transaction.c
+++ b/tools/xenstore/xenstored_transaction.c
@@ -477,7 +477,8 @@ int do_transaction_start(struct connection *conn, struct 
buffered_data *in)
        if (conn->transaction)
                return EBUSY;
 
-       if (conn->id && conn->transaction_started > quota_max_transaction)
+       if (domain_is_unprivileged(conn) &&
+           conn->transaction_started > quota_max_transaction)
                return ENOSPC;
 
        /* Attach transaction to input for autofree until it's complete */
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.16

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.