| Message ID | 20230118095016.13091-18-jgross@suse.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show
Return-Path: <xen-devel-bounces@lists.xenproject.org> X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5E84AC004D4 for <xen-devel@archiver.kernel.org>; Wed, 18 Jan 2023 09:55:36 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.480362.744741 (Exim 4.92) (envelope-from <xen-devel-bounces@lists.xenproject.org>) id 1pI5A3-0006Py-D3; Wed, 18 Jan 2023 09:55:15 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 480362.744741; Wed, 18 Jan 2023 09:55:15 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from <xen-devel-bounces@lists.xenproject.org>) id 1pI5A3-0006Oz-5r; Wed, 18 Jan 2023 09:55:15 +0000 Received: by outflank-mailman (input) for mailman id 480362; Wed, 18 Jan 2023 09:55:13 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from <SRS0=Ov7m=5P=suse.com=jgross@srs-se1.protection.inumbo.net>) id 1pI56p-0001v4-L2 for xen-devel@lists.xenproject.org; Wed, 18 Jan 2023 09:51:55 +0000 Received: from smtp-out1.suse.de (smtp-out1.suse.de [2001:67c:2178:6::1c]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id bd8568b3-9715-11ed-91b6-6bf2151ebd3b; Wed, 18 Jan 2023 10:51:54 +0100 (CET) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id B727B3EAA9; Wed, 18 Jan 2023 09:51:54 +0000 (UTC) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 8A7C7139D2; Wed, 18 Jan 2023 09:51:54 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id BY56IDrBx2MZRAAAMHmgww (envelope-from <jgross@suse.com>); Wed, 18 Jan 2023 09:51:54 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion <xen-devel.lists.xenproject.org> List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>, <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe> List-Post: <mailto:xen-devel@lists.xenproject.org> List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help> List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe> Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> X-Inumbo-ID: bd8568b3-9715-11ed-91b6-6bf2151ebd3b DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1674035514; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=oOWWalZWNgxUmz2EcuOumPLWbSmCnLaSwu6nlgaH5og=; b=MnBYQ9rCSeBrpPsHd0awpeK2iE9dO+VVk+UHKc1jbPAbC/tVx88sj6j55NHfvUJA3ae+GF 3ONWFIJKVj2I9Hl23kCiQCkPfOnYzIOGNiNmXz5stRxUCLr641M+DfciV4Zyhi0WF7/ocZ f7DbrcOyCyM5IGAhEBHGjVLB/7QiHfE= From: Juergen Gross <jgross@suse.com> To: xen-devel@lists.xenproject.org Cc: Juergen Gross <jgross@suse.com>, Wei Liu <wl@xen.org>, Julien Grall <julien@xen.org>, Anthony PERARD <anthony.perard@citrix.com> Subject: [PATCH v4 17/17] tools/xenstore: don't allow creating too many nodes in a transaction Date: Wed, 18 Jan 2023 10:50:16 +0100 Message-Id: <20230118095016.13091-18-jgross@suse.com> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20230118095016.13091-1-jgross@suse.com> References: <20230118095016.13091-1-jgross@suse.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit |
| Series |
tools/xenstore: do some cleanup and fixes
|
expand
|
diff --git a/tools/xenstore/xenstored_domain.c b/tools/xenstore/xenstored_domain.c index 9ef41ede03..7eb9cd077b 100644 --- a/tools/xenstore/xenstored_domain.c +++ b/tools/xenstore/xenstored_domain.c @@ -1116,9 +1116,8 @@ int domain_nbentry_fix(unsigned int domid, int num, bool update) int domain_nbentry(struct connection *conn) { - return (domain_is_unprivileged(conn)) - ? conn->domain->nbentry - : 0; + return domain_is_unprivileged(conn) + ? domain_nbentry_add(conn, conn->id, 0, true) : 0; } static bool domain_chk_quota(struct domain *domain, int mem)
The accounting for the number of nodes of a domain in an active transaction is not working correctly, as it allows to create arbitrary number of nodes. The transaction will finally fail due to exceeding the number of nodes quota, but before closing the transaction an unprivileged guest could cause Xenstore to use a lot of memory. Signed-off-by: Juergen Gross <jgross@suse.com> --- tools/xenstore/xenstored_domain.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-)