|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 27/28] libxl: Limit qemu physmap entries
On Tue, 2015-12-22 at 18:45 +0000, Ian Jackson wrote:
> Add a maximum limit of physmap entries to save, so that when the guest
> gets write access to physmap it cannot DOS the toolstack.
>
> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
> Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Can we have a reference for where the number 12 comes from please.
With that I think this doesn't need to wait for the rest of the series?
> ---
> v6: Split out of xs permissions relaxation patch.
> ---
> Âtools/libxl/libxl_dom.c |ÂÂÂÂ7 +++++++
> Â1 file changed, 7 insertions(+)
>
> diff --git a/tools/libxl/libxl_dom.c b/tools/libxl/libxl_dom.c
> index 6ded9c1..60e8f7f 100644
> --- a/tools/libxl/libxl_dom.c
> +++ b/tools/libxl/libxl_dom.c
> @@ -1431,6 +1431,8 @@ static void append_string(libxl__gc *gc, char
> **buf, uint32_t *len,
> ÂÂÂÂÂ*len += extralen;
> Â}
> Â
> +#define MAX_PHYSMAP_ENTRIES 12
> +
> Âint libxl__save_emulator_xenstore_data(libxl__domain_suspend_state *dss,
> ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂchar **callee_buf,
> ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂuint32_t *callee_len)
> @@ -1450,6 +1452,11 @@ int
> libxl__save_emulator_xenstore_data(libxl__domain_suspend_state *dss,
> ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ&nr_entries);
> ÂÂÂÂÂif (!entries || nr_entries == 0) { rc = 0; goto out; }
> Â
> +ÂÂÂÂif (nr_entries > MAX_PHYSMAP_ENTRIES) {
> +ÂÂÂÂÂÂÂÂLOG(ERROR, "Max physmap entries reached");
> +ÂÂÂÂÂÂÂÂreturn ERROR_FAIL;
> +ÂÂÂÂ}
> +
> ÂÂÂÂÂfor (i = 0; i < nr_entries; ++i) {
> ÂÂÂÂÂÂÂÂÂstatic const char *const physmap_subkeys[] = {
> ÂÂÂÂÂÂÂÂÂÂÂÂÂ"start_addr", "size", "name"
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |