[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] domctl: relax getdomaininfo permissions

To: "Andrew Cooper" <andrew.cooper3@xxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Thu, 04 Aug 2016 10:07:11 -0600
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, TimDeegan <tim@xxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, dgdegra@xxxxxxxxxxxxx
Delivery-date: Thu, 04 Aug 2016 16:07:27 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 04.08.16 at 17:55, <andrew.cooper3@xxxxxxxxxx> wrote:
> On 04/08/16 16:44, Jan Beulich wrote:
>>>>> On 04.08.16 at 17:22, <andrew.cooper3@xxxxxxxxxx> wrote:
>>> On 04/08/16 09:41, Jan Beulich wrote:
>>>> @@ -817,14 +816,22 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe
>>>>  
>>>>      case XEN_DOMCTL_getdomaininfo:
>>>>      {
>>>> -        domid_t dom = op->domain;
>>>> -
>>>> -        rcu_read_lock(&domlist_read_lock);
>>>> +        domid_t dom = DOMID_INVALID;
>>>>  
>>>> -        for_each_domain ( d )
>>>> -            if ( d->domain_id >= dom )
>>>> +        if ( !d )
>>>> +        {
>>>> +            ret = -EINVAL;
>>>> +            if ( op->domain >= DOMID_FIRST_RESERVED )
>>>>                  break;
>>>>  
>>>> +            rcu_read_lock(&domlist_read_lock);
>>>> +
>>>> +            dom = op->domain;
>>>> +            for_each_domain ( d )
>>>> +                if ( d->domain_id >= dom )
>>>> +                    break;
>>>> +        }
>>>> +
>>>>          ret = -ESRCH;
>>>>          if ( d == NULL )
>>>>              goto getdomaininfo_out;
>>>> @@ -839,6 +846,9 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe
>>>>          copyback = 1;
>>>>  
>>>>      getdomaininfo_out:
>>>> +        if ( dom == DOMID_INVALID )
>>>> +            break;
>>> What is this hunk for?  If you fail the "op->domain >=
>>> DOMID_FIRST_RESERVED" check we break out of the entire
>>> XEN_DOMCTL_getdomaininfo case.
>> If we start out with a non-NULL d, we have to avoid the
>> rcu_read_unlock() as well as the setting of d to NULL at the
>> end.
> 
> Would you mind adding a short comment to that effect?  It is certainly
> not obvious from just looking at the code.

How about:

@@ -839,6 +846,10 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe
         copyback = 1;
 
     getdomaininfo_out:
+        /* When d was non-NULL upon entry, no cleanup is needed. */
+        if ( dom == DOMID_INVALID )
+            break;
+
         rcu_read_unlock(&domlist_read_lock);
         d = NULL;
         break;

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] domctl: relax getdomaininfo permissions
  - From: Andrew Cooper

References:
- [Xen-devel] [PATCH] domctl: relax getdomaininfo permissions
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH] domctl: relax getdomaininfo permissions
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH] domctl: relax getdomaininfo permissions
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH] domctl: relax getdomaininfo permissions
  - From: Andrew Cooper

Prev by Date: Re: [Xen-devel] [OSSTEST PATCH RFC 06/14] Introduce ts-xtf-build [and 1 more messages]
Next by Date: Re: [Xen-devel] [PATCH v2 03/25] arm/altp2m: Add struct vttbr.
Previous by thread: Re: [Xen-devel] [PATCH] domctl: relax getdomaininfo permissions
Next by thread: Re: [Xen-devel] [PATCH] domctl: relax getdomaininfo permissions
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.