@@ -517,13 +517,14 @@ static char *get_parent(const void *mem, const char *node)
}
/* What do parents say? */
-static enum xs_perm_type ask_parents(struct connection *conn, const char *name)
+static enum xs_perm_type ask_parents(struct connection *conn, const void *mem,
+ const char *name)
{
struct node *node;
do {
- name = get_parent(name, name);
- node = read_node(conn, name, name);
+ name = get_parent(mem, name);
+ node = read_node(conn, mem, name);
if (node)
break;
} while (!streq(name, "/"));
@@ -541,20 +542,22 @@ static enum xs_perm_type ask_parents(struct connection *conn, const char *name)
* specific node without allowing it in the parents. If it's going to
* fail, however, we don't want the errno to indicate any information
* about the node. */
-static int errno_from_parents(struct connection *conn, const char *node,
- int errnum, enum xs_perm_type perm)
+static int errno_from_parents(struct connection *conn, const void *mem,
+ const char *node, int errnum,
+ enum xs_perm_type perm)
{
/* We always tell them about memory failures. */
if (errnum == ENOMEM)
return errnum;
- if (ask_parents(conn, node) & perm)
+ if (ask_parents(conn, mem, node) & perm)
return errnum;
return EACCES;
}
/* If it fails, returns NULL and sets errno. */
struct node *get_node(struct connection *conn,
+ const void *mem,
const char *name,
enum xs_perm_type perm)
{
@@ -564,7 +567,7 @@ struct node *get_node(struct connection *conn,
errno = EINVAL;
return NULL;
}
- node = read_node(conn, name, name);
+ node = read_node(conn, mem, name);
/* If we don't have permission, we don't have node. */
if (node) {
if ((perm_for_conn(conn, node->perms, node->num_perms) & perm)
@@ -575,7 +578,7 @@ struct node *get_node(struct connection *conn,
}
/* Clean up errno if they weren't supposed to know. */
if (!node)
- errno = errno_from_parents(conn, name, errno, perm);
+ errno = errno_from_parents(conn, mem, name, errno, perm);
return node;
}
@@ -768,7 +771,7 @@ static void send_directory(struct connection *conn, struct buffered_data *in)
const char *name = onearg(in);
name = canonicalize(conn, name);
- node = get_node(conn, name, XS_PERM_READ);
+ node = get_node(conn, in, name, XS_PERM_READ);
if (!node) {
send_error(conn, errno);
return;
@@ -783,7 +786,7 @@ static void do_read(struct connection *conn, struct buffered_data *in)
const char *name = onearg(in);
name = canonicalize(conn, name);
- node = get_node(conn, name, XS_PERM_READ);
+ node = get_node(conn, in, name, XS_PERM_READ);
if (!node) {
send_error(conn, errno);
return;
@@ -920,7 +923,7 @@ static void do_write(struct connection *conn, struct buffered_data *in)
datalen = in->used - offset;
name = canonicalize(conn, vec[0]);
- node = get_node(conn, name, XS_PERM_WRITE);
+ node = get_node(conn, in, name, XS_PERM_WRITE);
if (!node) {
/* No permissions, invalid input? */
if (errno != ENOENT) {
@@ -952,7 +955,7 @@ static void do_mkdir(struct connection *conn, struct buffered_data *in)
const char *name = onearg(in);
name = canonicalize(conn, name);
- node = get_node(conn, name, XS_PERM_WRITE);
+ node = get_node(conn, in, name, XS_PERM_WRITE);
/* If it already exists, fine. */
if (!node) {
@@ -1070,7 +1073,7 @@ static void do_rm(struct connection *conn, struct buffered_data *in)
const char *name = onearg(in);
name = canonicalize(conn, name);
- node = get_node(conn, name, XS_PERM_WRITE);
+ node = get_node(conn, in, name, XS_PERM_WRITE);
if (!node) {
/* Didn't exist already? Fine, if parent exists. */
if (errno == ENOENT) {
@@ -1107,7 +1110,7 @@ static void do_get_perms(struct connection *conn, struct buffered_data *in)
unsigned int len;
name = canonicalize(conn, name);
- node = get_node(conn, name, XS_PERM_READ);
+ node = get_node(conn, in, name, XS_PERM_READ);
if (!node) {
send_error(conn, errno);
return;
@@ -1139,7 +1142,7 @@ static void do_set_perms(struct connection *conn, struct buffered_data *in)
num--;
/* We must own node to do this (tools can do this too). */
- node = get_node(conn, name, XS_PERM_WRITE|XS_PERM_OWNER);
+ node = get_node(conn, in, name, XS_PERM_WRITE|XS_PERM_OWNER);
if (!node) {
send_error(conn, errno);
return;
@@ -149,6 +149,7 @@ bool check_event_node(const char *node);
/* Get this node, checking we have permissions. */
struct node *get_node(struct connection *conn,
+ const void *mem,
const char *name,
enum xs_perm_type perm);
@@ -57,7 +57,7 @@ static void add_event(struct connection *conn,
if (!check_event_node(name)) {
/* Can this conn load node, or see that it doesn't exist? */
- struct node *node = get_node(conn, name, XS_PERM_READ);
+ struct node *node = get_node(conn, name, name, XS_PERM_READ);
/*
* XXX We allow EACCES here because otherwise a non-dom0
* backend driver cannot watch for disappearance of a frontend
Add a parameter to xenstored get_node() function to explicitly specify the memory context to be used for allocations. This will make it easier to avoid memory leaks by using a context which is freed soon. This requires adding the temporary context to errno_from_parents() and ask_parents(), too. When calling get_node() select a sensible memory context for the new parameter by preferring a temporary one. Signed-off-by: Juergen Gross <jgross@suse.com> --- tools/xenstore/xenstored_core.c | 33 ++++++++++++++++++--------------- tools/xenstore/xenstored_core.h | 1 + tools/xenstore/xenstored_watch.c | 2 +- 3 files changed, 20 insertions(+), 16 deletions(-)