dom0 and anonymous connections can create unlimited sized entries in the store.

author vhanquez@kneesa.uk.xensource.com <vhanquez@kneesa.uk.xensource.com>

Thu, 11 May 2006 14:51:56 +0000 (15:51 +0100)

committer vhanquez@kneesa.uk.xensource.com <vhanquez@kneesa.uk.xensource.com>

Thu, 11 May 2006 14:51:56 +0000 (15:51 +0100)
author vhanquez@kneesa.uk.xensource.com <vhanquez@kneesa.uk.xensource.com>
Thu, 11 May 2006 14:51:56 +0000 (15:51 +0100)
committer vhanquez@kneesa.uk.xensource.com <vhanquez@kneesa.uk.xensource.com>
Thu, 11 May 2006 14:51:56 +0000 (15:51 +0100)
diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c

index 2dcf9cf591af65f182c4288859fb2fb733d4913c..5c08934cdb41aece8ca804ce30cf6b9b33ae44dc 100644 (file)
--- a/tools/xenstore/xenstored_core.c
+++ b/tools/xenstore/xenstored_core.c
@@ -461,7 +461,7 @@ static bool write_node(struct connection *conn, const struct node *node)
                 + node->num_perms*sizeof(node->perms[0])
                 + node->datalen + node->childlen;
  
-       if (data.dsize >= quota_max_entry_size)
+       if (domain_is_unprivileged(conn) && data.dsize >= quota_max_entry_size)
                 goto error;
  
         data.dptr = talloc_size(node, data.dsize);
diff --git a/tools/xenstore/xenstored_domain.c b/tools/xenstore/xenstored_domain.c

index 0de6f99c170aaead0fe08888b3d47b8ee9766651..fa45e5dbde3c2d03848ecf286f66fab7a4276d49 100644 (file)
--- a/tools/xenstore/xenstored_domain.c
+++ b/tools/xenstore/xenstored_domain.c
@@ -250,6 +250,11 @@ bool domain_can_read(struct connection *conn)
         return (intf->req_cons != intf->req_prod);
  }
  
+bool domain_is_unprivileged(struct connection *conn)
+{
+       return (conn && conn->domain && conn->domain->domid != 0);
+}
+
  bool domain_can_write(struct connection *conn)
  {
         struct xenstore_domain_interface *intf = conn->domain->interface;
@@ -587,7 +592,7 @@ void domain_entry_dec(struct connection *conn)
  
  int domain_entry(struct connection *conn)
  {
-       return (conn && conn->domain && conn->domain->domid)
+       return (domain_is_unprivileged(conn))
                 ? conn->domain->nbentry
                 : 0;
  }
@@ -609,7 +614,7 @@ void domain_watch_dec(struct connection *conn)
  
  int domain_watch(struct connection *conn)
  {
-       return (conn && conn->domain && conn->domain->domid)
+       return (domain_is_unprivileged(conn))
                 ? conn->domain->nbwatch
                 : 0;
  }
diff --git a/tools/xenstore/xenstored_domain.h b/tools/xenstore/xenstored_domain.h

index e35074663927c738e8b827bbc77bfaff4db7c172..38f26b52de0632f7e6ac17a71552d599995a2eee 100644 (file)
--- a/tools/xenstore/xenstored_domain.h
+++ b/tools/xenstore/xenstored_domain.h
@@ -47,6 +47,8 @@ void restore_existing_connections(void);
  bool domain_can_read(struct connection *conn);
  bool domain_can_write(struct connection *conn);
  
+bool domain_is_unprivileged(struct connection *conn);
+
  /* Quota manipulation */
  void domain_entry_inc(struct connection *conn);
  void domain_entry_dec(struct connection *conn);
author	vhanquez@kneesa.uk.xensource.com <vhanquez@kneesa.uk.xensource.com>
	Thu, 11 May 2006 14:51:56 +0000 (15:51 +0100)
committer	vhanquez@kneesa.uk.xensource.com <vhanquez@kneesa.uk.xensource.com>
	Thu, 11 May 2006 14:51:56 +0000 (15:51 +0100)
tools/xenstore/xenstored_core.c		patch \| blob \| history
tools/xenstore/xenstored_domain.c		patch \| blob \| history
tools/xenstore/xenstored_domain.h		patch \| blob \| history