]> xenbits.xensource.com Git - people/vhanquez/xen.git/commitdiff
projects / people / vhanquez / xen.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0ac4be1)
xend: Actually restrict a domU's access to xenstore when we mean to --
authorKeir Fraser <keir.fraser@citrix.com>
Fri, 19 Dec 2008 15:15:03 +0000 (15:15 +0000)
committerKeir Fraser <keir.fraser@citrix.com>
Fri, 19 Dec 2008 15:15:03 +0000 (15:15 +0000)
this means that in some cases it cannot be owner of its own xenstore
nodes.

This bug was pointed out by Daniel Berrange at Red Hat. This patch is
my own more generic fix that automatically covers a range of callers
(albeit the patch is arguably a bit of a hack ;-).

Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset:   18933:8c35da364ab39605839869d8eb0ac9b831c370f0
xen-unstable date:        Thu Dec 18 17:18:28 2008 +0000

tools/python/xen/lowlevel/xs/xs.c patch | blob | blame | history

diff --git a/tools/python/xen/lowlevel/xs/xs.c b/tools/python/xen/lowlevel/xs/xs.c
index b2c4b090e467693ca16513f74aa839c19149b701..b583989c72178c5a0bda31aa72b879e58841021a 100644 (file)
--- a/tools/python/xen/lowlevel/xs/xs.c
+++ b/tools/python/xen/lowlevel/xs/xs.c
@@ -336,15 +336,19 @@ static PyObject *xspy_set_permissions(XsHandle *self, PyObject *args)
        xs_set_error(EINVAL);
         goto exit;
     }
+
     xsperms_n = PyList_Size(perms);
-    xsperms = calloc(xsperms_n, sizeof(struct xs_permissions));
+    /* NB. alloc +1 so we can change the owner if necessary. */
+    xsperms = calloc(xsperms_n + 1, sizeof(struct xs_permissions));
     if (!xsperms) {
        xs_set_error(ENOMEM);
         goto exit;
     }
+
     tuple0 = PyTuple_New(0);
     if (!tuple0)
         goto exit;
+
     for (i = 0; i < xsperms_n; i++) {
         /* Read/write perms. Set these. */
         int p_read = 0, p_write = 0;
@@ -357,6 +361,17 @@ static PyObject *xspy_set_permissions(XsHandle *self, PyObject *args)
         if (p_write)
             xsperms[i].perms |= XS_PERM_WRITE;
     }
+
+    /*
+     * Is the caller trying to restrict access to the first specified
+     * domain? If so then it cannot be owner, so we force dom0 as owner.
+     */
+    if (xsperms_n && xsperms[0].perms && xsperms[0].id) {
+        memmove(&xsperms[1], &xsperms[0], xsperms_n * sizeof(*xsperms));
+        xsperms[0].id = xsperms[0].perms = 0;
+        xsperms_n++;
+    }
+
     Py_BEGIN_ALLOW_THREADS
     result = xs_set_permissions(xh, th, path, xsperms, xsperms_n);
     Py_END_ALLOW_THREADS
xen (all branches)