Overview

File 55ffea69-libxl-handle-read-only-drives-with-qemu-xen.patch of Package xen.1589

References: bsc#947165 CVE-2015-7311 XSA-142

Subject: libxl: handle read-only drives with qemu-xen
From: Stefano Stabellini stefano.stabellini@eu.citrix.com Tue Sep 22 16:56:29 2015 +0100
Date: Tue Sep 22 16:56:29 2015 +0100:
Git: 4d99a76cfeba6d23504121a51e7750f230128d85

The current libxl code doesn't deal with read-only drives at all.

Upstream QEMU and qemu-xen only support read-only cdrom drives: make
sure to specify "readonly=on" for cdrom drives and return error in case
the user requested a non-cdrom read-only drive.

This is XSA-142, discovered by Lin Liu
(https://bugzilla.redhat.com/show_bug.cgi?id=1257893).

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>

Backport to Xen 4.5 and earlier, apropos of report and review from
Michael Young.

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>

Index: xen-4.4.3-testing/tools/libxl/libxl_dm.c
===================================================================
--- xen-4.4.3-testing.orig/tools/libxl/libxl_dm.c
+++ xen-4.4.3-testing/tools/libxl/libxl_dm.c
@@ -737,13 +737,18 @@ static char ** libxl__build_device_model
             if (disks[i].is_cdrom) {
                 if (disks[i].format == LIBXL_DISK_FORMAT_EMPTY)
                     drive = libxl__sprintf
-                        (gc, "if=ide,index=%d,media=cdrom,cache=writeback,id=ide-%i",
-                         disk, dev_number);
+                        (gc, "if=ide,index=%d,readonly=%s,media=cdrom,cache=writeback,id=ide-%i",
+                         disk, disks[i].readwrite ? "off" : "on", dev_number);
                 else
                     drive = libxl__sprintf
-                        (gc, "file=%s,if=ide,index=%d,media=cdrom,format=%s,cache=writeback,id=ide-%i",
-                         disks[i].pdev_path, disk, format, dev_number);
+                        (gc, "file=%s,if=ide,index=%d,readonly=%s,media=cdrom,format=%s,cache=writeback,id=ide-%i",
+                         disks[i].pdev_path, disk, disks[i].readwrite ? "off" : "on", format, dev_number);
             } else {
+                if (!disks[i].readwrite) {
+                    LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "qemu-xen doesn't support read-only disk drivers");
+                    return NULL;
+                }
+
                 if (disks[i].format == LIBXL_DISK_FORMAT_EMPTY) {
                     LIBXL__LOG(ctx, LIBXL__LOG_WARNING, "cannot support"
                                " empty disk format for %s", disks[i].vdev);
openSUSE Build Service is sponsored by
Places