Commit 313d7b00, author: Keir Fraser, committer: Konrad Rzeszutek Wilk

blkback: Fix CVE-2010-3699

A guest can cause the backend driver to leak a kernel thread. Such
leaked threads hold references to the device, which makes the device
impossible to tear down. If shut down, the guest remains a zombie
domain, the xenwatch process hangs, and most xm commands will stop
working.

This patch tries to do the following for blkback:
    - identify/extract idempotent teardown operations,
    - add/move the invocation of said teardown operation
      right before we're about to allocate new resources in the
      Connected states.

[ linux-2.6.18-xen.hg 59f097ef181b ]
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Keir Fraser <keir@xen.org>
Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
Parent a81135d9
......@@ -382,6 +382,11 @@ static void frontend_changed(struct xenbus_device *dev,
if (dev->state == XenbusStateConnected)
break;
/* Enforce precondition before potential leak point.
* blkif_disconnect() is idempotent.
*/
blkif_disconnect(be->blkif);
err = connect_ring(be);
if (err)
break;
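Review bot: the idempotence of blkif_disconnect() is load-bearing at the new call in front of connect_ring(be), yet it is only asserted in the comment here. The call now runs on every frontend transition to Connected that gets past the `dev->state == XenbusStateConnected` check, including the first one, when no thread or ring has been set up yet, so blkif_disconnect() has to be a safe no-op on a blkif that was never connected. Please state that contract at the definition of blkif_disconnect() as well, so a later change there cannot quietly bring the leak back. It is also worth a word in the comment that when connect_ring() fails, the `if (err) break;` path leaves the previous connection already torn down, if that is the intended outcome.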
......@@ -399,6 +404,7 @@ static void frontend_changed(struct xenbus_device *dev,
break;
/* fall through if not online */
case XenbusStateUnknown:
/* implies blkif_disconnect() via blkback_remove() */
device_unregister(&dev->dev);
break;
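Review bot: the new comment above device_unregister(&dev->dev) is the only thing tying this path to the thread teardown, and it describes an indirect call chain through blkback_remove() that nothing in this hunk enforces. Suggest saying what the comment guarantees (that the kernel thread is stopped on the XenbusStateUnknown path too) rather than only naming the chain. Note also that the preceding case reaches device_unregister() only through "fall through if not online"; when it takes the `break` instead, this implied disconnect does not happen, and the hunk does not show whether that branch tears the connection down on its own. A short comment at that `break` stating where the disconnect happens for the online case would close the gap.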