On Tue, 2015-12-22 at 18:45 +0000, Ian Jackson wrote:
> Add a maximum limit of physmap entries to save, so that when the guest
> gets write access to physmap it cannot DOS the toolstack.
>
> Signed-off-by: Stefano Stabellini <stefano.stabell...@eu.citrix.com>
> Signed-off-by: Ian Jackson <ian.jack...@eu.citrix.com>
Can we have a reference for where the number 12 comes from please.
With that I think this doesn't need to wait for the rest of the series?
> ---
> v6: Split out of xs permissions relaxation patch.
> ---
> tools/libxl/libxl_dom.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/tools/libxl/libxl_dom.c b/tools/libxl/libxl_dom.c
> index 6ded9c1..60e8f7f 100644
> --- a/tools/libxl/libxl_dom.c
> +++ b/tools/libxl/libxl_dom.c
> @@ -1431,6 +1431,8 @@ static void append_string(libxl__gc *gc, char
> **buf, uint32_t *len,
> *len += extralen;
> }
>
> +#define MAX_PHYSMAP_ENTRIES 12
> +
> int libxl__save_emulator_xenstore_data(libxl__domain_suspend_state *dss,
> char **callee_buf,
> uint32_t *callee_len)
> @@ -1450,6 +1452,11 @@ int
> libxl__save_emulator_xenstore_data(libxl__domain_suspend_state *dss,
> &nr_entries);
> if (!entries || nr_entries == 0) { rc = 0; goto out; }
>
> + if (nr_entries > MAX_PHYSMAP_ENTRIES) {
> + LOG(ERROR, "Max physmap entries reached");
> + return ERROR_FAIL;
> + }
> +
> for (i = 0; i < nr_entries; ++i) {
> static const char *const physmap_subkeys[] = {
> "start_addr", "size", "name"
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
