Hi,
I have tagged the e-mail with 4.15 as I think we likely want some of the
patches to be in the next release.
As a minimum, we get the following:
- patch #7: xenstore: handle do_mkdir and do_rm failure
- patch #8: xenstore: add missing NULL check
- patch #10: xs: add error handling
The first two add missing NULL check in runtime code in XenStored. The
3rd one adds a missing NULL check in xs_is_domain_introduced() in
libxenstore (can be used at runtime by xenpaging at least).
In addition to that, I would like to consider patch #3: xenstore: check
formats of trace. It is allowing the compiler to check the format printf
for trace(). This should be low-risk.
For the rest is a mix of silencing coverity and potential errors either
at init or in a standalone binaries.
The init ones would be useful (patch #1, #5, #9) for Xenstored
LiveUpdate as they would be potential triggered when upgrading the
binary. But I am not sure whether we consider LiveUpdate supported.
Any thoughts?
Cheers,
On 26/02/2021 14:41, Norbert Manthey wrote:
> Dear all,
>
> we have been running some code analysis tools on the xenstore code, and triaged
> the results. This series presents the robustness fixes we identified.
>
> Best,
> Norbert
>
> Michael Kurth (1):
> xenstore: add missing NULL check
>
> Norbert Manthey (9):
> xenstore: add missing NULL check
> xenstore: fix print format string
> xenstore: check formats of trace
> xenstore_client: handle memory on error
> xenstore: handle daemon creation errors
> xenstored: handle port reads correctly
> xenstore: handle do_mkdir and do_rm failure
> xs: handle daemon socket error
> xs: add error handling
>
> tools/libs/store/xs.c | 10 +++++++++-
> tools/xenstore/xenstore_client.c | 3 +++
> tools/xenstore/xenstored_core.c | 16 ++++++++++++++++
> tools/xenstore/xenstored_core.h | 2 +-
> tools/xenstore/xenstored_posix.c | 6 +++++-
> tools/xenstore/xs_tdb_dump.c | 6 +++---
> 6 files changed, 37 insertions(+), 6 deletions(-)
>
--
Julien Grall