Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
xen.3680
xsa178-0012-libxl-Rename-READ_BACKEND-to-READ_L...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File xsa178-0012-libxl-Rename-READ_BACKEND-to-READ_LIBXLDEV.patch of Package xen.3680
References: bsc#979670 CVE-2016-4963 XSA-178 From 729ba26c1180288fd93585af4328482e60babf2a Mon Sep 17 00:00:00 2001 From: Ian Jackson <ian.jackson@eu.citrix.com> Date: Wed, 4 May 2016 16:07:02 +0100 Subject: [PATCH 12/21] libxl: Rename READ_BACKEND to READ_LIBXLDEV We are going to want to change all the functions that use READ_BACKEND to get untrustworthy information from the backend, to use trustworthy information from /libxl. This will involve replacing READ_BACKEND, which reads from be_path, with a similar macro READ_LIBXLDEV, which reads from libxl_path. The macro name change generates a lot of clutter in the diff. So we break it out into this separate patch. Here, we rename the macro, but the implementation does not really match the new name. So, another way to look at this, is that we have transformed the bug: * All of the backends use READ_BACKEND, which is unsafe into the new bug: * READ_LIBXLDEV actually reads be_path, which is unsafe. There is no functional change as yet. This is part of XSA-178. Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com> Reviewed-by: Wei Liu <wei.liu2@citrix.com> --- tools/libxl/libxl.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) Index: xen-4.4.4-testing/tools/libxl/libxl.c =================================================================== --- xen-4.4.4-testing.orig/tools/libxl/libxl.c +++ xen-4.4.4-testing/tools/libxl/libxl.c @@ -3039,7 +3039,8 @@ static int libxl__device_nic_from_xs_be( libxl_device_nic_init(nic); -#define READ_BACKEND(tgc, subpath) ({ \ +/* Utility to read /libxl or backend xenstore keys, from be_path */ +#define READ_LIBXLDEV(tgc, subpath) ({ \ rc = libxl__xs_read_checked(tgc, XBT_NULL, \ GCSPRINTF("%s/" subpath, be_path), \ &tmp); \ @@ -3047,7 +3048,7 @@ static int libxl__device_nic_from_xs_be( (char*)tmp; \ }); - tmp = READ_BACKEND(gc, "handle"); + tmp = READ_LIBXLDEV(gc, "handle"); if (tmp) nic->devid = atoi(tmp); else @@ -3055,7 +3056,7 @@ static int libxl__device_nic_from_xs_be( /* nic->mtu = */ - tmp = READ_BACKEND(gc, "mac"); + tmp = READ_LIBXLDEV(gc, "mac"); if (tmp) { rc = libxl__parse_mac(tmp, nic->mac); if (rc) goto out; @@ -3063,9 +3064,9 @@ static int libxl__device_nic_from_xs_be( memset(nic->mac, 0, sizeof(nic->mac)); } - nic->ip = READ_BACKEND(NOGC, "ip"); - nic->bridge = READ_BACKEND(NOGC, "bridge"); - nic->script = READ_BACKEND(NOGC, "script"); + nic->ip = READ_LIBXLDEV(NOGC, "ip"); + nic->bridge = READ_LIBXLDEV(NOGC, "bridge"); + nic->script = READ_LIBXLDEV(NOGC, "script"); /* vif_ioemu nics use the same xenstore entries as vif interfaces */ nic->nictype = LIBXL_NIC_TYPE_VIF;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor