Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/0052-tools-xenstore-fix-connection-id-usage.patch
diff options
context:
space:
mode:
Diffstat (limited to '0052-tools-xenstore-fix-connection-id-usage.patch')
-rw-r--r--0052-tools-xenstore-fix-connection-id-usage.patch61
1 files changed, 0 insertions, 61 deletions
diff --git a/0052-tools-xenstore-fix-connection-id-usage.patch b/0052-tools-xenstore-fix-connection-id-usage.patch
deleted file mode 100644
index 5eac10f..0000000
--- a/0052-tools-xenstore-fix-connection-id-usage.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From 787241f55216d34ca025c835c6a2096d7664d711 Mon Sep 17 00:00:00 2001
-From: Juergen Gross <jgross@suse.com>
-Date: Tue, 13 Sep 2022 07:35:08 +0200
-Subject: [PATCH 52/87] tools/xenstore: fix connection->id usage
-
-Don't use conn->id for privilege checks, but domain_is_unprivileged().
-
-This is part of XSA-326.
-
-Signed-off-by: Juergen Gross <jgross@suse.com>
-Reviewed-by: Julien Grall <jgrall@amazon.com>
-(cherry picked from commit 3047df38e1991510bc295e3e1bb6b6b6c4a97831)
----
- tools/xenstore/xenstored_control.c | 2 +-
- tools/xenstore/xenstored_core.h | 2 +-
- tools/xenstore/xenstored_transaction.c | 3 ++-
- 3 files changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/tools/xenstore/xenstored_control.c b/tools/xenstore/xenstored_control.c
-index 7b4300ef7777..adb8d51b043b 100644
---- a/tools/xenstore/xenstored_control.c
-+++ b/tools/xenstore/xenstored_control.c
-@@ -891,7 +891,7 @@ int do_control(struct connection *conn, struct buffered_data *in)
- unsigned int cmd, num, off;
- char **vec = NULL;
-
-- if (conn->id != 0)
-+ if (domain_is_unprivileged(conn))
- return EACCES;
-
- off = get_string(in, 0);
-diff --git a/tools/xenstore/xenstored_core.h b/tools/xenstore/xenstored_core.h
-index b9b50e81c7b4..b1a70488b989 100644
---- a/tools/xenstore/xenstored_core.h
-+++ b/tools/xenstore/xenstored_core.h
-@@ -123,7 +123,7 @@ struct connection
- /* The index of pollfd in global pollfd array */
- int pollfd_idx;
-
-- /* Who am I? 0 for socket connections. */
-+ /* Who am I? Domid of connection. */
- unsigned int id;
-
- /* Is this connection ignored? */
-diff --git a/tools/xenstore/xenstored_transaction.c b/tools/xenstore/xenstored_transaction.c
-index 54432907fc76..ee1b09031a3b 100644
---- a/tools/xenstore/xenstored_transaction.c
-+++ b/tools/xenstore/xenstored_transaction.c
-@@ -477,7 +477,8 @@ int do_transaction_start(struct connection *conn, struct buffered_data *in)
- if (conn->transaction)
- return EBUSY;
-
-- if (conn->id && conn->transaction_started > quota_max_transaction)
-+ if (domain_is_unprivileged(conn) &&
-+ conn->transaction_started > quota_max_transaction)
- return ENOSPC;
-
- /* Attach transaction to input for autofree until it's complete */
---
-2.37.4
-