Re: [Xen-devel] [PATCH] libxl: set permissions for xs frontend entry pointing to xs backend
On Tue, 2013-09-10 at 16:54 +0200, Roger Pau Monne wrote:
> libxl doesn't currently set the permissions of entries like:
>
> /local/domain/<domid>/device/<dev_type>/<devid>/backend
>
> This allows the guest to change these xenstore entries to point to a
> different backend path, or to a malicious xenstore path forged by the
> guest itself. libxl currently relies on this path being valid in order
> to perform the unplug of devices in libxl__devices_destroy, so we
> should prevent the guest from modifying this xenstore entry.
>
> This patch sets the permissions of said path to be the same as a
> backend xenstore entry (owned by the toolstack domain, readable by the
> guest).

and just to confirm: despite having r/w access to the containing
directory, the guest cannot remove this node and recreate it?

>
> Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
> Cc: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
> Cc: Ian Campbell <ian.campbell@xxxxxxxxxx>
> ---
> tools/libxl/libxl_device.c | 2 ++
> 1 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/tools/libxl/libxl_device.c b/tools/libxl/libxl_device.c > index ea845b7..d7e7161 100644 > --- a/tools/libxl/libxl_device.c > +++ b/tools/libxl/libxl_device.c > @@ -126,6 +126,8 @@ retry_transaction: > xs_set_permissions(ctx->xsh, t, frontend_path, > frontend_perms, ARRAY_SIZE(frontend_perms)); > xs_write(ctx->xsh, t, libxl__sprintf(gc, "%s/backend", > frontend_path), backend_path, strlen(backend_path)); > + xs_set_permissions(ctx->xsh, t, GCSPRINTF("%s/backend", > frontend_path), > + backend_perms, ARRAY_SIZE(backend_perms)); > if (fents) > libxl__xs_writev_perms(gc, t, frontend_path, fents, > frontend_perms, > ARRAY_SIZE(frontend_perms));
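
Review bot: The added xs_set_permissions() call on "%s/backend" discards its return value, so a failure there leaves the entry in the guest-modifiable state the commit message describes while the code carries on as if it were protected. Check the result and abort the transaction on failure rather than proceeding to the fents write. The path is also formatted twice, once with libxl__sprintf(gc, "%s/backend", ...) for xs_write and once with GCSPRINTF for the new call; formatting it once into a local and passing that to both calls guarantees the write and the permission change target the same node. The commit message should also state whether a guest with write access to the containing directory can remove and recreate the node, since the fix depends on the answer.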