# HG changeset patch
# User Ian Campbell <ian.campbell@xxxxxxxxxx>
# Date 1317389247 -3600
# Node ID 4e640cbed20e8ef533f8eb27a82dcdac2be2e8ab
# Parent 8645a81f04282ca4e3c51141b1c177ad9a8d5943
libxl: do not read f.e. xenstore dir in disk list function
Instead store a duplicate of the "device-type" node in the backend dir
and use that instead.
This maintains the invariant that the list function is always "safe".
XXX I'm not sure this is an actual issue. The entries in the frontend device
XXX area are writeable by the guest but maybe the solution is to restrict that?
Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
diff -r 8645a81f0428 -r 4e640cbed20e tools/libxl/libxl.c
--- a/tools/libxl/libxl.c Fri Sep 30 14:27:27 2011 +0100
+++ b/tools/libxl/libxl.c Fri Sep 30 14:27:27 2011 +0100
@@ -1015,6 +1015,8 @@ int libxl_device_disk_add(libxl_ctx *ctx
flexarray_append(back,
libxl__device_disk_string_of_backend(disk->backend));
flexarray_append(back, "mode");
flexarray_append(back, disk->readwrite ? "w" : "r");
+ flexarray_append(back, "device-type");
+ flexarray_append(back, disk->is_cdrom ? "cdrom" : "disk");
flexarray_append(front, "backend-id");
flexarray_append(front, libxl__sprintf(&gc, "%d", disk->backend_domid));
@@ -1509,7 +1511,6 @@ static void libxl__device_disk_from_xs_b
libxl_ctx *ctx = libxl__gc_owner(gc);
unsigned int len;
char *tmp;
- const char *fe_path; /* XXX unsafe */
memset(disk, 0, sizeof(*disk));
@@ -1541,10 +1542,8 @@ static void libxl__device_disk_from_xs_b
else
disk->readwrite = 0;
- fe_path = libxl__xs_read(gc, XBT_NULL,
- libxl__sprintf(gc, "%s/frontend", be_path));
tmp = libxl__xs_read(gc, XBT_NULL,
- libxl__sprintf(gc, "%s/device-type", fe_path));
+ libxl__sprintf(gc, "%s/device-type", be_path));
disk->is_cdrom = !strcmp(tmp, "cdrom");
disk->format = LIBXL_DISK_FORMAT_UNKNOWN;
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|