[PATCH v6 4/8] tools/xenstored: Check NULL domain in domain_chk_quota()
- To: <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Jason Andryuk <jason.andryuk@xxxxxxx>
- Date: Fri, 15 Aug 2025 17:35:52 -0400
- Cc: Jason Andryuk <jason.andryuk@xxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>
- Delivery-date: Fri, 15 Aug 2025 21:36:04 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
With separate control and xenstore domains, the xenstore domain itself
is no longer privileged. Local socket connections do not have
conn->domain assigned, but domain_chk_quota() will go ahead and
dereference it. The !domid_is_unprivileged(conn->id) check usually
means the function would have already returned.
Bail out on !conn->domain to avoid faulting. This adds a similar check
to that in domain_max_chk().
Signed-off-by: Jason Andryuk <jason.andryuk@xxxxxxx>
---
v6:
New
---
tools/xenstored/domain.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/xenstored/domain.c b/tools/xenstored/domain.c
index 051e3fd164..c74bafa165 100644
--- a/tools/xenstored/domain.c
+++ b/tools/xenstored/domain.c
@@ -1762,7 +1762,7 @@ static bool domain_chk_quota(struct connection *conn,
unsigned int mem)
time_t now;
struct domain *domain;
- if (!conn || !domid_is_unprivileged(conn->id) ||
+ if (!conn || !conn->domain || !domid_is_unprivileged(conn->id) ||
conn->is_ignored)
return false;
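Review bot: The added !conn->domain test in the early-return condition has no comment explaining when a connection has no domain; that reason (local socket connections never get conn->domain assigned) lives only in the commit message. A one-line comment above the if would keep the test from later being dropped as redundant with !domid_is_unprivileged(conn->id), which the commit message says usually returns first. It is also worth stating explicitly that returning false here gives domain-less connections the same result as privileged ones, and that this is the intended behaviour once the xenstore domain is no longer privileged.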
--
2.50.1