• Keir Fraser's avatar
    blkback: Fix CVE-2010-3699 · 313d7b00
    Keir Fraser authored
    A guest can cause the backend driver to leak a kernel thread. Such
    leaked threads hold references to the device, whichmakes the device
    impossible to tear down. If shut down, the guest remains a zombie
    domain, the xenwatch process hangs, and most xm commands will stop
    working.
    
    This patch tries to do the following for blkback:
        - identify/extract idempotent teardown operations,
        - add/move the invocation of said teardown operation
          right before we're about to allocate new resources in the
          Connected states.
    
    [ linux-2.6.18-xen.hg 59f097ef181b ]
    Signed-off-by: default avatarLaszlo Ersek <lersek@redhat.com>
    Signed-off-by: default avatarKeir Fraser <keir@xen.org>
    Signed-off-by: default avatarJeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
    313d7b00
xenbus.c 13.6 KB