* bug in dom create script regarding xenstore permission?
@ 2009-07-14 17:40 weiming
  2009-07-14 17:45 ` Vincent Hanquez
  0 siblings, 1 reply; 5+ messages in thread
From: weiming @ 2009-07-14 17:40 UTC (permalink / raw)
  To: xen-devel


Hi,

I upgraded from xen 3.2 to xen 3.4 and found that in 3.4, I can't write
xenstore in domU.
Then, I found that the owner of the /local/domain/<domid> is 0.
That is:
When I used xs_get_permissions to get the permission of "/local/domain/1", I
got
(0,0), (1,1)   (dom, perm)
which implies that dom0 is the owner, and dom1 has read-only perm.

In xen 3.2, it returns (1,0), which is correct.

So I guess it might be a bug in the dom create scripts, but I can't find
where.

Thanks,
Zephyr


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel


* Re: bug in dom create script regarding xenstore permission?
  2009-07-14 17:40 bug in dom create script regarding xenstore permission? weiming
@ 2009-07-14 17:45 ` Vincent Hanquez
  2009-07-14 18:05   ` weiming
  0 siblings, 1 reply; 5+ messages in thread
From: Vincent Hanquez @ 2009-07-14 17:45 UTC (permalink / raw)
  To: weiming; +Cc: xen-devel@lists.xensource.com

weiming wrote:
> Hi,
> 
> I upgraded from xen 3.2 to xen 3.4 and found that in 3.4, I can't write 
> xenstore in domU.
> Then, I found that the owner of the /local/domain/<domid> is 0.
> That is:
> When I used xs_get_permissions to get the permission of 
> "/local/domain/1", I got
> (0,0), (1,1)   (dom, perm)
> which implies that dom0 is the owner, and dom1 has read-only perm.
> 
> In xen 3.2, it returns (1,0), which is correct.
> 
> So I guess it might be a bug in the dom create scripts, but I can't find 
> where.

Hi weiming,

It's not a bug. The behavior that you are seeing in 3.2 was a security
issue. 3.4 got the issue fixed.

Cheers,
-- 
Vincent


* Re: bug in dom create script regarding xenstore permission?
  2009-07-14 17:45 ` Vincent Hanquez
@ 2009-07-14 18:05   ` weiming
  2009-07-15 10:30     ` Vincent Hanquez
  0 siblings, 1 reply; 5+ messages in thread
From: weiming @ 2009-07-14 18:05 UTC (permalink / raw)
  To: Vincent Hanquez; +Cc: xen-devel@lists.xensource.com



Hi Vincent,

Thanks for letting me know.

Is there any way to override this default behavior?
I have a script in domU, which is supposed to post some info to xenstore
after it boots up.
Yes, I can manually grant permission after I create a guest domain, but I
wish I could automate it.

Thanks,
Weiming



* Re: bug in dom create script regarding xenstore permission?
  2009-07-14 18:05   ` weiming
@ 2009-07-15 10:30     ` Vincent Hanquez
  2009-07-15 12:52       ` weiming
  0 siblings, 1 reply; 5+ messages in thread
From: Vincent Hanquez @ 2009-07-15 10:30 UTC (permalink / raw)
  To: weiming; +Cc: xen-devel@lists.xensource.com

weiming wrote:
> Hi Vincent,
>
> Thanks for letting me know.
>
> Is there any way to override this default behavior?
> I have a script in domU, which is supposed to post some info to
> xenstore after it boots up.
> Yes, I can manually grant permission after I create a guest domain,
> but I wish I could automate it.
I don't really know how to do that exactly; you have to look at where
the /local/domain/<domid>/ entry gets created, and put an explicit
setperm there.

However, I think changing your script in a domU is the way forward. There
are other places in xenstore (have a look at maybe /vm/<uuid>/ and
/local/domain/<domid>/*/ ) that are still writable.

-- 
Vincent


* Re: bug in dom create script regarding xenstore permission?
  2009-07-15 10:30     ` Vincent Hanquez
@ 2009-07-15 12:52       ` weiming
  0 siblings, 0 replies; 5+ messages in thread
From: weiming @ 2009-07-15 12:52 UTC (permalink / raw)
  To: Vincent Hanquez; +Cc: xen-devel@lists.xensource.com



Thanks.
But as I said in the first post, /local/domain/<domid>/* is read-only to that
domain of <domid>.
That makes me feel weird. (And you told me it's for security purposes. :D)

Weiming
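
Added example, not part of the original thread and not Xen's own code: a sketch of how a xenstore permission list such as the two quoted above is evaluated, where the first (dom, perm) entry names the owner and its perm value is the default for domains without their own entry. The struct, the function names and the assumption that dom0 is the only privileged domain are illustrative.

```c
#include <stdio.h>
#include <stddef.h>

/* Local copies of the libxenstore permission bits (XS_PERM_NONE/READ/WRITE),
 * redeclared so the example builds without the Xen headers. */
enum { PERM_NONE = 0, PERM_READ = 1, PERM_WRITE = 2 };

/* Same shape as the (dom, perm) pairs printed in the thread. */
struct perm_entry { unsigned int dom; unsigned int perm; };

/* Effective access of `domid` to a node carrying the list acl[0..n).
 * Entry 0 names the owner; its perm value is the default for every
 * domain that has no entry of its own. Assumes dom0 is the only
 * privileged domain. */
unsigned int effective_perm(const struct perm_entry *acl, size_t n,
                            unsigned int domid)
{
    if (n == 0)
        return PERM_NONE;                      /* malformed list: deny */
    if (domid == 0 || acl[0].dom == domid)
        return PERM_READ | PERM_WRITE;         /* privileged or owner */
    for (size_t i = 1; i < n; i++)
        if (acl[i].dom == domid)
            return acl[i].perm & (PERM_READ | PERM_WRITE);
    return acl[0].perm & (PERM_READ | PERM_WRITE);
}

/* Only the owner (or dom0) may change the list itself. */
int may_setperm(const struct perm_entry *acl, size_t n, unsigned int domid)
{
    return n > 0 && (domid == 0 || acl[0].dom == domid);
}

/* The two lists reported for /local/domain/1 in the thread. */
const struct perm_entry acl_xen34[] = { {0, 0}, {1, 1} };
const struct perm_entry acl_xen32[] = { {1, 0} };

int main(void)
{
    printf("3.4: dom1 perm=%u setperm=%d\n",
           effective_perm(acl_xen34, 2, 1), may_setperm(acl_xen34, 2, 1));
    printf("3.2: dom1 perm=%u setperm=%d\n",
           effective_perm(acl_xen32, 1, 1), may_setperm(acl_xen32, 1, 1));
    printf("3.4: dom2 perm=%u\n", effective_perm(acl_xen34, 2, 2));
    return 0;
}
```

With the 3.4 list, dom1 can read the node but neither write it nor change its permissions; with the 3.2 list, dom1 is the owner and can do both.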


