|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH] libxl: set permissions for xs frontend entry pointing to xs backend
libxl doesn't currently set the permissions of entries like:
/local/domain/<domid>/device/<dev_type>/<devid>/backend
This allows the guest to change this xenstore entries to point to a
different backend path, or to malicious xenstore path forged by the
guest itself. libxl currently relies on this path being valid in order
to perform the unplug of devices in libxl__devices_destroy, so we
should prevent the guest from modifying this xenstore entry.
This patch sets the permisions of said path to be the same as a
backend xenstore entry (owned by the toolstack domain, readable by the
guest).
Signed-off-by: Roger Pau Monnà <roger.pau@xxxxxxxxxx>
Cc: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
Cc: Ian Campbell <ian.campbell@xxxxxxxxxx>
---
tools/libxl/libxl_device.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/tools/libxl/libxl_device.c b/tools/libxl/libxl_device.c
index ea845b7..d7e7161 100644
--- a/tools/libxl/libxl_device.c
+++ b/tools/libxl/libxl_device.c
@@ -126,6 +126,8 @@ retry_transaction:
xs_set_permissions(ctx->xsh, t, frontend_path,
frontend_perms, ARRAY_SIZE(frontend_perms));
xs_write(ctx->xsh, t, libxl__sprintf(gc, "%s/backend", frontend_path),
backend_path, strlen(backend_path));
+ xs_set_permissions(ctx->xsh, t, GCSPRINTF("%s/backend", frontend_path),
+ backend_perms, ARRAY_SIZE(backend_perms));
if (fents)
libxl__xs_writev_perms(gc, t, frontend_path, fents,
frontend_perms, ARRAY_SIZE(frontend_perms));
--
1.7.7.5 (Apple Git-26)
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |