[XEN PATCH] XSM/domctl: Only pass properly initialized ssidref to xsm_domctl

["Teddy Astie" <teddy.astie@xxxxxxxxxx>]

On XEN_DOMCTL_create_domain, we need to pass the ssidref parameter to 
xsm_domctl,
currently, it is always passed regardless of what command we actually do 
(meaning
that we are likely to pass garbage in !XEN_DOMCTL_create_domain).

Pass ssidref from u.createdomain only for create_domain command, 0 otherwise.
No functionnal change as ssidref parameter is ignored for 
non-XEN_DOMCTL_create_domain
commands.

Fixes: ee32b9b29af449d38aad0a1b3a81aaae586f5ea7 ("XSM/domctl: Fix permission 
checks on XEN_DOMCTL_createdomain")
Signed-off-by: Teddy Astie <teddy.astie@xxxxxxxxxx>
---
 xen/common/domctl.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index ea16b75910..313022fe01 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -281,6 +281,7 @@ static struct vnuma_info *vnuma_init(const struct 
xen_domctl_vnuma *uinfo,
 long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
 {
     long ret = 0;
+    uint32_t ssidref = 0; /* SSIDRef only applicable for cmd == createdomain */
     bool copyback = false;
     struct xen_domctl curop, *op = &curop;
     struct domain *d;
@@ -295,6 +296,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) 
u_domctl)
     {
     case XEN_DOMCTL_createdomain:
         d = NULL;
+        ssidref = op->u.createdomain.ssidref;
         break;
 
     case XEN_DOMCTL_assign_device:
@@ -322,9 +324,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) 
u_domctl)
         break;
     }
 
-    ret = xsm_domctl(XSM_OTHER, d, op->cmd,
-                     /* SSIDRef only applicable for cmd == createdomain */
-                     op->u.createdomain.ssidref);
+    ret = xsm_domctl(XSM_OTHER, d, op->cmd, ssidref);
     if ( ret )
         goto domctl_out_unlock_domonly;
 
-- 
2.45.2



Teddy Astie | Vates XCP-ng Developer

XCP-ng & Xen Orchestra - Vates solutions

web: https://vates.tech