File xs-04-get_node-context.patch of Package xen.4698

Overview Repositories Revisions Requests Users Attributes Meta

File xs-04-get_node-context.patch of Package xen.4698

commit ab32687503e054a72ebcede9b7aa34ef856634f6
Author: Juergen Gross <jgross@suse.com>
Date:   Tue Jul 19 13:30:45 2016 +0200

xenstore: add explicit memory context parameter to get_node()
    
    Add a parameter to xenstored get_node() function to explicitly
    specify the memory context to be used for allocations. This will make
    it easier to avoid memory leaks by using a context which is freed
    soon.
    
    This requires adding the temporary context to errno_from_parents() and
    ask_parents(), too.
    
    When calling get_node() select a sensible memory context for the new
    parameter by preferring a temporary one.
    
    Signed-off-by: Juergen Gross <jgross@suse.com>
    Reviewed-by: Wei Liu <wei.liu2@citrix.com>
    Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>

Index: xen-4.4.4-testing/tools/xenstore/xenstored_core.c
===================================================================
--- xen-4.4.4-testing.orig/tools/xenstore/xenstored_core.c
+++ xen-4.4.4-testing/tools/xenstore/xenstored_core.c
@@ -528,14 +528,18 @@ static char *get_parent(const void *ctx,
 	return talloc_asprintf(ctx, "%.*s", (int)(slash - node), node);
 }
 
-/* What do parents say? */
-static enum xs_perm_type ask_parents(struct connection *conn, const char *name)
+/*
+ * What do parents say?
+ * Temporary memory allocations are done with ctx.
+ */
+static enum xs_perm_type ask_parents(struct connection *conn, const void *ctx,
+				     const char *name)
 {
 	struct node *node;
 
 	do {
-		name = get_parent(name, name);
-		node = read_node(conn, name, name);
+		name = get_parent(ctx, name);
+		node = read_node(conn, ctx, name);
 		if (node)
 			break;
 	} while (!streq(name, "/"));
@@ -549,24 +553,32 @@ static enum xs_perm_type ask_parents(str
 	return perm_for_conn(conn, node->perms, node->num_perms);
 }
 
-/* We have a weird permissions system.  You can allow someone into a
+/*
+ * We have a weird permissions system.  You can allow someone into a
  * specific node without allowing it in the parents.  If it's going to
  * fail, however, we don't want the errno to indicate any information
- * about the node. */
-static int errno_from_parents(struct connection *conn, const char *node,
-			      int errnum, enum xs_perm_type perm)
+ * about the node.
+ * Temporary memory allocations are done with ctx.
+ */
+static int errno_from_parents(struct connection *conn, const void *ctx,
+			      const char *node, int errnum,
+			      enum xs_perm_type perm)
 {
 	/* We always tell them about memory failures. */
 	if (errnum == ENOMEM)
 		return errnum;
 
-	if (ask_parents(conn, node) & perm)
+	if (ask_parents(conn, ctx, node) & perm)
 		return errnum;
 	return EACCES;
 }
 
-/* If it fails, returns NULL and sets errno. */
+/*
+ * If it fails, returns NULL and sets errno.
+ * Temporary memory allocations are done with ctx.
+ */
 struct node *get_node(struct connection *conn,
+		      const void *ctx,
 		      const char *name,
 		      enum xs_perm_type perm)
 {
@@ -576,7 +588,7 @@ struct node *get_node(struct connection
 		errno = EINVAL;
 		return NULL;
 	}
-	node = read_node(conn, name, name);
+	node = read_node(conn, ctx, name);
 	/* If we don't have permission, we don't have node. */
 	if (node) {
 		if ((perm_for_conn(conn, node->perms, node->num_perms) & perm)
@@ -587,7 +599,7 @@ struct node *get_node(struct connection
 	}
 	/* Clean up errno if they weren't supposed to know. */
 	if (!node) 
-		errno = errno_from_parents(conn, name, errno, perm);
+		errno = errno_from_parents(conn, ctx, name, errno, perm);
 	return node;
 }
 
@@ -780,7 +792,7 @@ static void send_directory(struct connec
 	const char *name = onearg(in);
 
 	name = canonicalize(conn, name);
-	node = get_node(conn, name, XS_PERM_READ);
+	node = get_node(conn, in, name, XS_PERM_READ);
 	if (!node) {
 		send_error(conn, errno);
 		return;
@@ -795,7 +807,7 @@ static void do_read(struct connection *c
 	const char *name = onearg(in);
 
 	name = canonicalize(conn, name);
-	node = get_node(conn, name, XS_PERM_READ);
+	node = get_node(conn, in, name, XS_PERM_READ);
 	if (!node) {
 		send_error(conn, errno);
 		return;
@@ -945,7 +957,7 @@ static void do_write(struct connection *
 	datalen = in->used - offset;
 
 	name = canonicalize(conn, vec[0]);
-	node = get_node(conn, name, XS_PERM_WRITE);
+	node = get_node(conn, in, name, XS_PERM_WRITE);
 	if (!node) {
 		/* No permissions, invalid input? */
 		if (errno != ENOENT) {
@@ -978,7 +990,7 @@ static void do_mkdir(struct connection *
 	const char *name = onearg(in);
 
 	name = canonicalize(conn, name);
-	node = get_node(conn, name, XS_PERM_WRITE);
+	node = get_node(conn, in, name, XS_PERM_WRITE);
 
 	/* If it already exists, fine. */
 	if (!node) {
@@ -1097,7 +1109,7 @@ static void do_rm(struct connection *con
 	const char *name = onearg(in);
 
 	name = canonicalize(conn, name);
-	node = get_node(conn, name, XS_PERM_WRITE);
+	node = get_node(conn, in, name, XS_PERM_WRITE);
 	if (!node) {
 		/* Didn't exist already?  Fine, if parent exists. */
 		if (errno == ENOENT) {
@@ -1135,7 +1147,7 @@ static void do_get_perms(struct connecti
 	unsigned int len;
 
 	name = canonicalize(conn, name);
-	node = get_node(conn, name, XS_PERM_READ);
+	node = get_node(conn, in, name, XS_PERM_READ);
 	if (!node) {
 		send_error(conn, errno);
 		return;
@@ -1167,7 +1179,7 @@ static void do_set_perms(struct connecti
 	num--;
 
 	/* We must own node to do this (tools can do this too). */
-	node = get_node(conn, name, XS_PERM_WRITE|XS_PERM_OWNER);
+	node = get_node(conn, in, name, XS_PERM_WRITE|XS_PERM_OWNER);
 	if (!node) {
 		send_error(conn, errno);
 		return;
Index: xen-4.4.4-testing/tools/xenstore/xenstored_core.h
===================================================================
--- xen-4.4.4-testing.orig/tools/xenstore/xenstored_core.h
+++ xen-4.4.4-testing/tools/xenstore/xenstored_core.h
@@ -153,6 +153,7 @@ bool check_event_node(const char *node);
 
 /* Get this node, checking we have permissions. */
 struct node *get_node(struct connection *conn,
+		      const void *ctx,
 		      const char *name,
 		      enum xs_perm_type perm);
 
Index: xen-4.4.4-testing/tools/xenstore/xenstored_watch.c
===================================================================
--- xen-4.4.4-testing.orig/tools/xenstore/xenstored_watch.c
+++ xen-4.4.4-testing/tools/xenstore/xenstored_watch.c
@@ -58,7 +58,7 @@ static void add_event(struct connection
 
 	if (!check_event_node(name)) {
 		/* Can this conn load node, or see that it doesn't exist? */
-		struct node *node = get_node(conn, name, XS_PERM_READ);
+		struct node *node = get_node(conn, name, name, XS_PERM_READ);
 		/*
 		 * XXX We allow EACCES here because otherwise a non-dom0
 		 * backend driver cannot watch for disappearance of a frontend

Places

File xs-04-get_node-context.patch of Package xen.4698

Places