[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH] libxl: set permissions for xs frontend entry pointing to xs backend
libxl doesn't currently set the permissions of entries like: /local/domain/<domid>/device/<dev_type>/<devid>/backend This allows the guest to change this xenstore entries to point to a different backend path, or to malicious xenstore path forged by the guest itself. libxl currently relies on this path being valid in order to perform the unplug of devices in libxl__devices_destroy, so we should prevent the guest from modifying this xenstore entry. This patch sets the permisions of said path to be the same as a backend xenstore entry (owned by the toolstack domain, readable by the guest). Signed-off-by: Roger Pau Monnà <roger.pau@xxxxxxxxxx> Cc: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> Cc: Ian Campbell <ian.campbell@xxxxxxxxxx> --- tools/libxl/libxl_device.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/tools/libxl/libxl_device.c b/tools/libxl/libxl_device.c index ea845b7..d7e7161 100644 --- a/tools/libxl/libxl_device.c +++ b/tools/libxl/libxl_device.c @@ -126,6 +126,8 @@ retry_transaction: xs_set_permissions(ctx->xsh, t, frontend_path, frontend_perms, ARRAY_SIZE(frontend_perms)); xs_write(ctx->xsh, t, libxl__sprintf(gc, "%s/backend", frontend_path), backend_path, strlen(backend_path)); + xs_set_permissions(ctx->xsh, t, GCSPRINTF("%s/backend", frontend_path), + backend_perms, ARRAY_SIZE(backend_perms)); if (fents) libxl__xs_writev_perms(gc, t, frontend_path, fents, frontend_perms, ARRAY_SIZE(frontend_perms)); -- 1.7.7.5 (Apple Git-26) _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |