From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
Cc: "Edwin Török" <edvin.torok@citrix.com>,
"Christian Lindig" <christian.lindig@citrix.com>,
"Ian Jackson" <iwj@xenproject.org>, "Wei Liu" <wl@xen.org>
Subject: [PATCH 1/3] tools/oxenstored: Fix quota calculation for mkdir EEXIST
Date: Wed, 3 Feb 2021 17:35:47 +0000 [thread overview]
Message-ID: <20210203173549.21159-2-andrew.cooper3@citrix.com> (raw)
In-Reply-To: <20210203173549.21159-1-andrew.cooper3@citrix.com>
From: Edwin Török <edvin.torok@citrix.com>
We increment the domain's quota on mkdir even when the node already exists.
This results in a quota inconsistency after live update, where reconstructing
the tree from scratch results in a different quota.
Not a security issue because the domain uses up quota faster, so it will only
get a Quota error sooner than it should.
Found by the structured fuzzer.
Signed-off-by: Edwin Török <edvin.torok@citrix.com>
---
CC: Christian Lindig <christian.lindig@citrix.com>
CC: Ian Jackson <iwj@xenproject.org>
CC: Wei Liu <wl@xen.org>
---
tools/ocaml/xenstored/store.ml | 1 +
1 file changed, 1 insertion(+)
diff --git a/tools/ocaml/xenstored/store.ml b/tools/ocaml/xenstored/store.ml
index 1bd0c81f6f..20e67b1427 100644
--- a/tools/ocaml/xenstored/store.ml
+++ b/tools/ocaml/xenstored/store.ml
@@ -419,6 +419,7 @@ let mkdir store perm path =
(* It's upt to the mkdir logic to decide what to do with existing path *)
if not (existing || (Perms.Connection.is_dom0 perm)) then Quota.check store.quota owner 0;
store.root <- path_mkdir store perm path;
+ if not existing then
Quota.add_entry store.quota owner
let rm store perm path =
--
2.11.0
next prev parent reply other threads:[~2021-02-03 17:36 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-03 17:35 [PATCH for-4.15 0/3] tools/oxenstored bugfixes Andrew Cooper
2021-02-03 17:35 ` Andrew Cooper [this message]
2021-02-03 17:40 ` [PATCH 1/3] tools/oxenstored: Fix quota calculation for mkdir EEXIST Ian Jackson
2021-02-03 17:35 ` [PATCH 2/3] tools/oxenstored: Reject invalid watch paths early Andrew Cooper
2021-02-04 10:51 ` Christian Lindig
2021-02-03 17:35 ` [PATCH 3/3] tools/oxenstored: mkdir conflicts were sometimes missed Andrew Cooper
2021-02-04 10:52 ` Christian Lindig
2021-02-03 17:41 ` [PATCH for-4.15 0/3] tools/oxenstored bugfixes Ian Jackson
2021-02-04 10:46 ` Christian Lindig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210203173549.21159-2-andrew.cooper3@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=christian.lindig@citrix.com \
--cc=edvin.torok@citrix.com \
--cc=iwj@xenproject.org \
--cc=wl@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.