From 624c8621764630e812154df9ce78d4f1eadfada1 Mon Sep 17 00:00:00 2001 From: Ian Jackson Date: Thu, 2 Jun 2016 16:10:30 +0100 Subject: [PATCH] libxl: Cleanup: Have libxl__alloc_vdev use /libxl When allocating a vdev for a new disk, look in /libxl/device, rather than the frontends directory in xenstore. This is more in line with the other parts of libxl, which ought not to trust frontends. In this case, though, there is no security bug prior to this patch because the frontend is the toolstack domain itself. If libxl__alloc_vdev were ever changed to take a frontend domain argument, this patch will fix a latent security bug. This is a followup to XSA-175. Signed-off-by: Ian Jackson Reviewed-by: Wei Liu Release-acked-by: Wei Liu --- tools/libxl/libxl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c index 9ff08a5ffb..d5475ed7d8 100644 --- a/tools/libxl/libxl.c +++ b/tools/libxl/libxl.c @@ -3105,7 +3105,7 @@ static char * libxl__alloc_vdev(libxl__gc *gc, void *get_vdev_user, { const char *blkdev_start = (const char *) get_vdev_user; int devid = 0, disk = 0, part = 0; - char *dompath = libxl__xs_get_dompath(gc, LIBXL_TOOLSTACK_DOMID); + char *libxl_dom_path = libxl__xs_libxl_path(gc, LIBXL_TOOLSTACK_DOMID); libxl__device_disk_dev_number(blkdev_start, &disk, &part); if (part != 0) { @@ -3120,7 +3120,7 @@ static char * libxl__alloc_vdev(libxl__gc *gc, void *get_vdev_user, return NULL; if (libxl__xs_read(gc, t, GCSPRINTF("%s/device/vbd/%d/backend", - dompath, devid)) == NULL) { + libxl_dom_path, devid)) == NULL) { if (errno == ENOENT) return libxl__devid_to_vdev(gc, devid); else -- 2.30.2