weiming
2009-Jul-14 17:40 UTC
[Xen-devel] bug in dom create script regarding xenstore permission?
Hi,

I upgraded from xen 3.2 to xen 3.4 and found that in 3.4, I can't write xenstore in domU. Then, I found that the owner of /local/domain/<domid> is 0. That is:

When I used xs_get_permissions to get the permission of "/local/domain/1", I got

(0,0), (1,1) (dom, perm)

which implies that dom0 is the owner, and dom1 has read-only perm.

In xen 3.2, it returns (1,0), which is correct.

So I guess it might be a bug in the dom create scripts, but I can't find where.

Thanks,
Zephyr

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
Vincent Hanquez
2009-Jul-14 17:45 UTC
Re: [Xen-devel] bug in dom create script regarding xenstore permission?
weiming wrote:
> Hi,
>
> I upgraded from xen 3.2 to xen 3.4 and found that in 3.4, I can't write
> xenstore in domU.
> Then, I found that the owner of the /local/domain/<domid> is 0.
> That is:
> When I used xs_get_permissions to get the permission of
> "/local/domain/1", I got
> (0,0), (1,1) (dom, perm)
> which implies that dom0 is the owner, and dom1 has read-only perm.
>
> in xen 3.2, it returns (1,0), which is correct.
>
> So I guess it might be a bug in the dom create scripts, but I can't find
> where.

Hi weiming,

it's not a bug. The behavior that you are seeing in 3.2 was a security issue. 3.4 got the issue fixed.

Cheers,
--
Vincent
weiming
2009-Jul-14 18:05 UTC
Re: [Xen-devel] bug in dom create script regarding xenstore permission?
Hi Vincent,

Thanks for letting me know.

Is there any way to override this default behavior? I have a script in domU which is supposed to post some info to xenstore after it boots up. Yes, I can manually grant permission after I create a guest domain, but I wish I could automate it.

Thanks,
Weiming

On Tue, Jul 14, 2009 at 1:45 PM, Vincent Hanquez <vincent.hanquez@eu.citrix.com> wrote:
> weiming wrote:
>
>> Hi,
>>
>> I upgraded from xen 3.2 to xen 3.4 and found that in 3.4, I can't write
>> xenstore in domU.
>> Then, I found that the owner of the /local/domain/<domid> is 0.
>> That is:
>> When I used xs_get_permissions to get the permission of "/local/domain/1",
>> I got
>> (0,0), (1,1) (dom, perm)
>> which implies that dom0 is the owner, and dom1 has read-only perm.
>>
>> in xen 3.2, it returns (1,0), which is correct.
>>
>> So I guess it might be a bug in the dom create scripts, but I can't find
>> where.
>>
>
> Hi weiming,
>
> it's not a bug. The behavior that you are seeing in 3.2 was a security
> issue. 3.4 got the issue fixed.
>
> Cheers,
> --
> Vincent
Vincent Hanquez
2009-Jul-15 10:30 UTC
Re: [Xen-devel] bug in dom create script regarding xenstore permission?
weiming wrote:
> Hi Vincent,
>
> Thanks for letting me know.
>
> Is there any way to override this default behavior?
> I have a script in domU, which is supposed to post some info to
> xenstore after it boots up.
> Yes, I can manually grant permission after I create a guest domain,
> but I wish I could automate it.

I don't really know how to do that exactly; you have to look at where the /local/domain/<domid>/ entry gets created, and put an explicit setperm there.

However, I think changing your script in the domU is the way forward. There are other places in xenstore (have a look at maybe /vm/<uuid>/ and /local/domain/<domid>/*/) that are still writable.

--
Vincent
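The permission lists weiming quotes, (1,0) under 3.2 versus (0,0),(1,1) under 3.4, are easier to reason about once the xenstored rule is spelled out: the first entry of a node's permission list names the owner and the default permission for every other domain, later entries are per-domain overrides, and the owner (like dom0) always gets read and write. The following is an added example for this thread, not Xen's code or anything posted by the participants: it models that rule in Python, checks what dom1 can do on both lists, and builds the xenstore-chmod command a dom0 hook could run after domain creation, which is the "explicit setperm" Vincent suggests. The node name /local/domain/<domid>/data and the idea of running it from a creation hook are assumptions; the permission semantics and the xenstore-chmod mode syntax (n, r, w, b followed by a domid) are those of the xen tools.

```python
"""Model of xenstored's per-node permission check, plus a helper that emits
the xenstore-chmod command a dom0 script would run after a domain is created.

Added example for this thread; it is not Xen's own code.
Assumption: the node the guest should write is /local/domain/<domid>/data.
"""
from typing import List, Tuple

XS_PERM_NONE = 0
XS_PERM_READ = 1
XS_PERM_WRITE = 2
XS_PERM_RW = XS_PERM_READ | XS_PERM_WRITE

# (domid, perm) pairs, the shape xs_get_permissions() hands back
Perms = List[Tuple[int, int]]

# xenstore-chmod spelling of the four permission values
_LETTER = {XS_PERM_NONE: "n", XS_PERM_READ: "r", XS_PERM_WRITE: "w", XS_PERM_RW: "b"}
_VALUE = {letter: value for value, letter in _LETTER.items()}

# The two lists from the thread: 3.2 made dom1 the owner, 3.4 makes dom0 the
# owner with default "none" and gives dom1 an explicit read-only entry.
XEN32_LOCAL_DOMAIN_1: Perms = [(1, XS_PERM_NONE)]
XEN34_LOCAL_DOMAIN_1: Perms = [(0, XS_PERM_NONE), (1, XS_PERM_READ)]


def effective_perm(perms: Perms, domid: int, privileged_dom: int = 0) -> int:
    """Permission bits `domid` gets on a node whose permission list is `perms`."""
    if not perms:
        raise ValueError("permission list must start with an owner entry")
    owner, default = perms[0]
    if domid == privileged_dom or domid == owner:
        return XS_PERM_RW          # dom0 and the owner can always read and write
    for dom, perm in perms[1:]:
        if dom == domid:
            return perm            # an explicit per-domain entry wins
    return default                 # otherwise the owner's default applies


def can_read(perms: Perms, domid: int) -> bool:
    return bool(effective_perm(perms, domid) & XS_PERM_READ)


def can_write(perms: Perms, domid: int) -> bool:
    return bool(effective_perm(perms, domid) & XS_PERM_WRITE)


def is_owner(perms: Perms, domid: int) -> bool:
    """The owner may also change the node's permissions, so a guest that owns
    /local/domain/<domid> can re-permission everything beneath it."""
    return bool(perms) and perms[0][0] == domid


def parse_chmod_modes(modes: List[str]) -> Perms:
    """Parse xenstore-chmod modes, e.g. ["n0", "b1"] -> [(0, 0), (1, 3)]."""
    out: Perms = []
    for mode in modes:
        if len(mode) < 2 or mode[0] not in _VALUE or not mode[1:].isdigit():
            raise ValueError(f"bad xenstore-chmod mode {mode!r}")
        out.append((int(mode[1:]), _VALUE[mode[0]]))
    return out


def chmod_modes(perms: Perms) -> List[str]:
    """Inverse of parse_chmod_modes: [(0, 0), (1, 3)] -> ["n0", "b1"]."""
    return [f"{_LETTER[perm]}{dom}" for dom, perm in perms]


def grant_guest_node(domid: int, subkey: str = "data") -> str:
    """Command for a dom0 creation hook: dom0 stays owner (default none),
    the guest gets read/write on one node only, not on /local/domain/<domid>."""
    path = f"/local/domain/{domid}/{subkey}"       # assumed node, see lead-in
    perms: Perms = [(0, XS_PERM_NONE), (domid, XS_PERM_RW)]
    return f"xenstore-chmod {path} " + " ".join(chmod_modes(perms))


if __name__ == "__main__":
    for label, perms in (("3.2", XEN32_LOCAL_DOMAIN_1), ("3.4", XEN34_LOCAL_DOMAIN_1)):
        print(f"xen {label}: dom1 read={can_read(perms, 1)} "
              f"write={can_write(perms, 1)} owner={is_owner(perms, 1)}; "
              f"dom2 read={can_read(perms, 2)}")
    print(grant_guest_node(1))
```

Running the module prints that dom1 is owner with read and write under the 3.2 list and read-only under the 3.4 list, and that a third domain gets nothing in either case; the last line is the command to hand the guest a single writable node. The same `xenstore-ls -p` output on the host can be fed through `parse_chmod_modes` to check what a given node actually grants.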
weiming
2009-Jul-15 12:52 UTC
Re: [Xen-devel] bug in dom create script regarding xenstore permission?
Thanks.

But as I said in the first post, /local/domain/<domid>/* is read-only to the domain with that <domid>.

That makes me feel weird. (And you told me it's for security purposes. :D)

Weiming

On Wed, Jul 15, 2009 at 6:30 AM, Vincent Hanquez <vincent.hanquez@eu.citrix.com> wrote:
> weiming wrote:
>
>> Hi Vincent,
>>
>> Thanks for letting me know.
>>
>> Is there any way to override this default behavior?
>> I have a script in domU, which is supposed to post some info to xenstore
>> after it boots up.
>> Yes, I can manually grant permission after I create a guest domain, but I
>> wish I could automate it.
>>
> I don't really know how to do that exactly; you have to look at where the
> /local/domain/<domid>/ entry gets created, and put an explicit setperm there.
>
> However, I think changing your script in the domU is the way forward. There
> are other places in xenstore (have a look at maybe /vm/<uuid>/ and
> /local/domain/<domid>/*/) that are still writable.
>
> --
> Vincent