libxl: Do not trust backend in channel list

Read the name from /libxl/device.  Pass the /libxl path to
libxl__device_channel_from_xenstore.

This removes the final route by which READ_LIBXLDEV might receive a
backend path.

This is part of XSA-178.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Reviewed-by: Wei Liu <wei.liu2@citrix.com>
---
v2: Remove be_path variable which is now no longer used.

diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c
index bbe37434f54bdcdceb4879da4bde0b291333a79c..9ff08a5ffbe49b79d10c642cbd76ad14aabb7f3d 100644 (file)
--- a/tools/libxl/libxl.c
+++ b/tools/libxl/libxl.c
@@ -3959,7 +3959,7 @@ static int libxl__append_channel_list(libxl__gc *gc,
                                               libxl_device_channel **channels,
                                               int *nchannels)
 {
-    char *libxl_dir_path = NULL, *be_path = NULL;
+    char *libxl_dir_path = NULL;
     char **dir = NULL;
     unsigned int n = 0, devid = 0;
     libxl_device_channel *next = NULL;
@@ -3976,10 +3976,7 @@ static int libxl__append_channel_list(libxl__gc *gc,
         libxl_device_channel *tmp;
 
         libxl_path = GCSPRINTF("%s/%s", libxl_dir_path, dir[i]);
-        be_path = libxl__xs_read(gc, XBT_NULL,
-                                 GCSPRINTF("%s/backend", libxl_path));
-        if (!be_path) continue;
-        name = libxl__xs_read(gc, XBT_NULL, GCSPRINTF("%s/name", be_path));
+        name = libxl__xs_read(gc, XBT_NULL, GCSPRINTF("%s/name", libxl_path));
         /* 'channels' are consoles with names, so ignore all consoles
            without names */
         if (!name) continue;
@@ -3991,7 +3988,7 @@ static int libxl__append_channel_list(libxl__gc *gc,
         }
         *channels = tmp;
         next = *channels + *nchannels + devid;
-        rc = libxl__device_channel_from_xenstore(gc, be_path, next);
+        rc = libxl__device_channel_from_xenstore(gc, libxl_path, next);
         if (rc) goto out;
         next->devid = devid;
         devid++;