From mboxrd@z Thu Jan  1 00:00:00 1970
From: Magnus Carlsson <magnus@galois.com>
Subject: Fix for unassigned errno in xenstored_core.c
Date: Fri, 10 Nov 2006 11:45:21 -0800
Message-ID: <4554D6D1.6070608@galois.com>
References: <454277E5.9070407@galois.com>
	<eacc82a40610311232o71fa6e84g64c20c03ca21e810@mail.gmail.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="------------050603070902080109000400"
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <eacc82a40610311232o71fa6e84g64c20c03ca21e810@mail.gmail.com>
List-Unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: xen-devel@lists.xensource.com
List-Id: xen-devel@lists.xenproject.org

This is a multi-part message in MIME format.
--------------050603070902080109000400
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Dear all,

In certain cases, when a client doesn't have enough permissions, the
errno variable is not set in xenstored_core.c before its value is
reported back.  As a result, the client can learn about the errno of the
last failed request to xenstored (which could have come from another
client).  (An unintended information channel! :-)

Attached is a patch that I believe fixes the problem.  Also included are
a couple of test cases that demonstrate the problem.

Cheers,
Magnus


--------------050603070902080109000400
Content-Type: text/x-patch;
 name="xenstored_core.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="xenstored_core.patch"

*** xenstore/xenstored_core.c	Sun Apr  9 15:05:54 2006
--- xs/xenstored_core.c	Fri Nov  3 15:57:13 2006
***************
*** 555,562 ****
  	/* If we don't have permission, we don't have node. */
  	if (node) {
  		if ((perm_for_conn(conn, node->perms, node->num_perms) & perm)
! 		    != perm)
  			node = NULL;
  	}
  	/* Clean up errno if they weren't supposed to know. */
  	if (!node) 
--- 555,564 ----
  	/* If we don't have permission, we don't have node. */
  	if (node) {
  		if ((perm_for_conn(conn, node->perms, node->num_perms) & perm)
! 		    != perm) {
! 			errno = EACCES;
  			node = NULL;
+ 		}
  	}
  	/* Clean up errno if they weren't supposed to know. */
  	if (!node) 


--------------050603070902080109000400
Content-Type: text/plain;
 name="99permissions.test"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="99permissions.test"

write /a/b v
setperm /a 1 READ
setperm /a/b 1 NONE

expect read failed: No such file or directory
read /nonexistent

setid 2

# this should presumably fail with EACCES, but fails with previous error instead
expect read failed: Permission denied
read /a/b

--------------050603070902080109000400
Content-Type: text/plain;
 name="99permissions2.test"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="99permissions2.test"

write /a/b v
setperm /a 1 READ
setperm /a/b 1 NONE

expect read failed: Invalid argument
read //

setid 2

# this should presumably fail with EACCES, but fails with previous error instead
expect read failed: Permission denied
read /a/b

--------------050603070902080109000400
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

--------------050603070902080109000400--