[5/5] xenbus/xenbus_backend: Disallow pending watch messages
author SeongJae Park <sjpark@amazon.de>
Mon, 14 Dec 2020 09:08:40 +0000 (10:08 +0100)
committer Salvatore Bonaccorso <carnil@debian.org>
Thu, 17 Dec 2020 05:31:52 +0000 (05:31 +0000)
commit 36c7c6d3761eac4619227e903607f5424162d53a
tree ab2e8db8253a4262a132e97756e5ee4b13799fce
parent 429dbc0c152e1718aeef6c8cf609d75a556e9830

Origin: https://git.kernel.org/linus/9996bd494794a2fe393e97e7a982388c6249aa76
Bug: https://xenbits.xen.org/xsa/advisory-349.html
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2020-29568

'xenbus_backend' watches 'state' of devices, which is writable by
guests.  Hence, if guests intensively update it, dom0 will have lots of
pending events that exhaust memory of dom0.  In other words, guests
can trigger dom0 memory pressure.  This is known as XSA-349.  However,
the watch callback of it, 'frontend_changed()', reads only 'state', so
it doesn't need to have the pending events.

To avoid the problem, this commit disallows pending watch messages for
'xenbus_backend' using the 'will_handle()' watch callback.

This is part of XSA-349

Cc: stable@vger.kernel.org
Signed-off-by: SeongJae Park <sjpark@amazon.de>
Reported-by: Michael Kurth <mku@amazon.de>
Reported-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name xenbus-xenbus_backend-Disallow-pending-watch-message.patch
drivers/xen/xenbus/xenbus_probe_backend.c