direct-io.hg

changeset 15241:b0109d3dc3dd

Avoid using /tmp for qemu state files since an unprivileged user
in dom0 could potentially exploit the fact.

Thanks to Dan Berrange <berrange@redhat.com>

Signed-off-by: Steven Hand
author Steven Hand <steven@xensource.com>
date Fri Jun 08 17:37:58 2007 +0100 (2007-06-08)
parents 55230846b2f4
children 6d6b4b48773b
files tools/ioemu/target-i386-dm/helper2.c tools/python/xen/xend/XendCheckpoint.py tools/python/xen/xend/image.py
line diff
     1.1 --- a/tools/ioemu/target-i386-dm/helper2.c	Fri Jun 08 11:21:21 2007 +0100
     1.2 +++ b/tools/ioemu/target-i386-dm/helper2.c	Fri Jun 08 17:37:58 2007 +0100
     1.3 @@ -635,7 +635,7 @@ int main_loop(void)
     1.4      main_loop_wait(1); /* For the select() on events */
     1.5  
     1.6      /* Save the device state */
     1.7 -    sprintf(qemu_file, "/tmp/xen.qemu-dm.%d", domid);
     1.8 +    sprintf(qemu_file, "/var/lib/xen/qemu-save.%d", domid);
     1.9      do_savevm(qemu_file);
    1.10  
    1.11      return 0;
     2.1 --- a/tools/python/xen/xend/XendCheckpoint.py	Fri Jun 08 11:21:21 2007 +0100
     2.2 +++ b/tools/python/xen/xend/XendCheckpoint.py	Fri Jun 08 17:37:58 2007 +0100
     2.3 @@ -111,7 +111,8 @@ def save(fd, dominfo, network, live, dst
     2.4          # put qemu device model state
     2.5          if hvm:
     2.6              write_exact(fd, QEMU_SIGNATURE, "could not write qemu signature")
     2.7 -            qemu_fd = os.open("/tmp/xen.qemu-dm.%d" % dominfo.getDomid(), os.O_RDONLY)
     2.8 +            qemu_fd = os.open("/var/lib/xen/qemu-save.%d" % dominfo.getDomid(),
     2.9 +                              os.O_RDONLY)
    2.10              while True:
    2.11                  buf = os.read(qemu_fd, dm_batch)
    2.12                  if len(buf):
    2.13 @@ -119,7 +120,7 @@ def save(fd, dominfo, network, live, dst
    2.14                  else:
    2.15                      break
    2.16              os.close(qemu_fd)
    2.17 -            os.remove("/tmp/xen.qemu-dm.%d" % dominfo.getDomid())
    2.18 +            os.remove("/var/lib/xen/qemu-save.%d" % dominfo.getDomid())
    2.19  
    2.20          if checkpoint:
    2.21              dominfo.resumeDomain()
    2.22 @@ -238,7 +239,7 @@ def restore(xd, fd, dominfo = None, paus
    2.23              if qemu_signature != QEMU_SIGNATURE:
    2.24                  raise XendError("not a valid device model state: found '%s'" %
    2.25                                  qemu_signature)
    2.26 -            qemu_fd = os.open("/tmp/xen.qemu-dm.%d" % dominfo.getDomid(),
    2.27 +            qemu_fd = os.open("/var/lib/xen/qemu-save.%d" % dominfo.getDomid(),
    2.28                                os.O_WRONLY | os.O_CREAT | os.O_TRUNC)
    2.29              while True:
    2.30                  buf = os.read(fd, dm_batch)
     3.1 --- a/tools/python/xen/xend/image.py	Fri Jun 08 11:21:21 2007 +0100
     3.2 +++ b/tools/python/xen/xend/image.py	Fri Jun 08 17:37:58 2007 +0100
     3.3 @@ -429,7 +429,7 @@ class HVMImageHandler(ImageHandler):
     3.4                               (self.getRequiredInitialReservation() / 1024) ])
     3.5          args = args + self.dmargs
     3.6          if restore:
     3.7 -            args = args + ([ "-loadvm", "/tmp/xen.qemu-dm.%d" %
     3.8 +            args = args + ([ "-loadvm", "/var/lib/xen/xen.qemu-dm.%d" %
     3.9                               self.vm.getDomid() ])
    3.10          env = dict(os.environ)
    3.11          if self.display: