| Message ID | 20200428040433.23504-19-jandryuk@gmail.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | Add support for qemu-xen runnning in a Linux-based stubdomain | expand |
Jason Andryuk writes ("[PATCH v5 18/21] libxl: Check stubdomain kernel & ramdisk presence"):
> Just out of context is the following comment for libxl__domain_make:
> /* fixme: this function can leak the stubdom if it fails */
>
> When the stubdomain kernel or ramdisk is not present, the domid and
> stubdomain name will indeed be leaked. Avoid the leak by checking the
> file presence and erroring out when absent. It doesn't fix all cases,
> but it avoids a big one when using a linux device model stubdomain.
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
diff --git a/tools/libxl/libxl_dm.c b/tools/libxl/libxl_dm.c index 5d61da1de8..a57c13bdf4 100644 --- a/tools/libxl/libxl_dm.c +++ b/tools/libxl/libxl_dm.c @@ -2316,6 +2316,22 @@ void libxl__spawn_stub_dm(libxl__egc *egc, libxl__stub_dm_spawn_state *sdss) dm_config->num_vkbs = 1; } + if (guest_config->b_info.stubdomain_kernel && + access(guest_config->b_info.stubdomain_kernel, R_OK) != 0) { + LOGED(ERROR, guest_domid, "could not access stubdomain kernel %s", + guest_config->b_info.stubdomain_kernel); + ret = ERROR_INVAL; + goto out; + } + + if (guest_config->b_info.stubdomain_ramdisk && + access(guest_config->b_info.stubdomain_ramdisk, R_OK) != 0) { + LOGED(ERROR, guest_domid, "could not access stubdomain ramdisk %s", + guest_config->b_info.stubdomain_ramdisk); + ret = ERROR_INVAL; + goto out; + } + stubdom_state->pv_kernel.path = guest_config->b_info.stubdomain_kernel; stubdom_state->pv_ramdisk.path = guest_config->b_info.stubdomain_ramdisk;
Just out of context is the following comment for libxl__domain_make: /* fixme: this function can leak the stubdom if it fails */ When the stubdomain kernel or ramdisk is not present, the domid and stubdomain name will indeed be leaked. Avoid the leak by checking the file presence and erroring out when absent. It doesn't fix all cases, but it avoids a big one when using a linux device model stubdomain. Signed-off-by: Jason Andryuk <jandryuk@gmail.com> --- tools/libxl/libxl_dm.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+)