# HG changeset patch
# User Ian Campbell <ian.campbell@xxxxxxxxxx>
# Date 1318499565 -3600
# Node ID c6c7a393fe4a6223df6952cc5fed04379166dc38
# Parent 1960247c5d873a4aede18c1aefcc28e78e6ea7dd
libxl: do not read f.e. xenstore dir in disk list function
Instead store a duplicate of the "device-type" node in the backend dir
and use that instead.
This maintains the invariant that the list function is always "safe".
XXX I'm not sure this is an actual issue. The entries in the frontend device
XXX area are writeable by the guest but maybe the solution is to restrict that?
Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
diff -r 1960247c5d87 -r c6c7a393fe4a tools/libxl/libxl.c
--- a/tools/libxl/libxl.c Thu Oct 13 10:52:45 2011 +0100
+++ b/tools/libxl/libxl.c Thu Oct 13 10:52:45 2011 +0100
@@ -1018,6 +1018,8 @@ int libxl_device_disk_add(libxl_ctx *ctx
flexarray_append(back,
libxl__device_disk_string_of_backend(disk->backend));
flexarray_append(back, "mode");
flexarray_append(back, disk->readwrite ? "w" : "r");
+ flexarray_append(back, "device-type");
+ flexarray_append(back, disk->is_cdrom ? "cdrom" : "disk");
flexarray_append(front, "backend-id");
flexarray_append(front, libxl__sprintf(&gc, "%d", disk->backend_domid));
@@ -1512,7 +1514,6 @@ static void libxl__device_disk_from_xs_b
libxl_ctx *ctx = libxl__gc_owner(gc);
unsigned int len;
char *tmp;
- const char *fe_path; /* XXX unsafe */
memset(disk, 0, sizeof(*disk));
@@ -1544,10 +1545,8 @@ static void libxl__device_disk_from_xs_b
else
disk->readwrite = 0;
- fe_path = libxl__xs_read(gc, XBT_NULL,
- libxl__sprintf(gc, "%s/frontend", be_path));
tmp = libxl__xs_read(gc, XBT_NULL,
- libxl__sprintf(gc, "%s/device-type", fe_path));
+ libxl__sprintf(gc, "%s/device-type", be_path));
disk->is_cdrom = !strcmp(tmp, "cdrom");
disk->format = LIBXL_DISK_FORMAT_UNKNOWN;
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|