From nobody Sat Jul 4 21:10:42 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1783004625; cv=none; d=zohomail.com; s=zohoarc; b=hLgeglXBgovrMHhBy+AomLWf5/EEdNL16k9Ztdt+ucP6LzEIchuLDguWc/QWk+yYbgNgn5gqKE7Z+3uDDEjZYyfKIh5JYf1IdGpNAtWly6ybmTbFKekbR455MeJUBRL2SaY+Lo861NDzcCVGHaZg3Q2ySCWZNaH+fsW0uRVakqI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1783004625; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=DjmOe84IrhGJfQjiy2t/gDqUrLCLWBZLNspBTB4loJM=; b=T+wc1qZlLRMfIwhK7O+5yOJrI+ikclg2C1JsPX8eePxLcgw9c1hdRkgyuHSpUESpgi5DerB34jP6QpFZJXIjpOX8tCyfEi+Ncs675bpDH+jHhREvnftSxFOsTqFzOveGeoZ+TOMo3tOZmJtsAd2eFsY28aqhSCJsIyRG98U+BII= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1783004625817373.31364590596854; Thu, 2 Jul 2026 08:03:45 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.1352012.1608968 (Exim 4.92) (envelope-from ) id 1wfIwa-0005Yl-Vx; Thu, 02 Jul 2026 15:03:12 +0000 Received: by outflank-mailman (output) from mailman id 1352012.1608968; Thu, 02 Jul 2026 15:03:12 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1wfIwa-0005Ye-T9; Thu, 02 Jul 2026 15:03:12 +0000 Received: by outflank-mailman (input) for mailman id 1352012; Thu, 02 Jul 2026 15:03:11 +0000 Received: from mx.expurgate.net ([194.145.224.10]) by lists.xenproject.org with esmtp (Exim 4.92) id 1wfIwZ-0005YR-3D for xen-devel@lists.xenproject.org; Thu, 02 Jul 2026 15:03:11 +0000 Received: from mx.expurgate.net (helo=localhost) by mx.expurgate.net with esmtp id 1wfIwX-007ziY-RR for xen-devel@lists.xenproject.org; Thu, 02 Jul 2026 17:03:09 +0200 Received: from [10.42.69.3] (helo=localhost) by localhost with ESMTP (eXpurgate MTA 0.9.1) (envelope-from ) id 6a467d9b-bab6-0a2a0a5309dd-0a2a4503e5ce-46 for ; Thu, 02 Jul 2026 17:03:09 +0200 Received: from [209.85.208.47] (helo=mail-ed1-f47.google.com) by tlsNG-33051d.mxtls.expurgate.net with ESMTPS (eXpurgate 4.57.1) (envelope-from ) id 6a467da8-ec1a-0a2a45030019-d155d02fa899-3 for ; Thu, 02 Jul 2026 17:03:04 +0200 Received: by mail-ed1-f47.google.com with SMTP id 4fb4d7f45d1cf-6983d3dae7aso1171353a12.0 for ; Thu, 02 Jul 2026 08:03:04 -0700 (PDT) Received: from localhost.localdomain (host-78-146-248-75.as13285.net. [78.146.248.75]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-477db8a4b83sm11052511f8f.12.2026.07.02.08.03.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 Jul 2026 08:03:03 -0700 (PDT) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" Authentication-Results: eu.smtp.expurgate.cloud; dkim=pass header.s=google header.d=citrix.com header.i="@citrix.com" header.h="Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrix.com; s=google; t=1783004584; x=1783609384; darn=lists.xenproject.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=DjmOe84IrhGJfQjiy2t/gDqUrLCLWBZLNspBTB4loJM=; b=JP5i7hTN5B82dxM7VAn+1fc0tYAt2zceSPUA9OL1YZy+G6v8zjGD5wYPvbGVUAVmIc 7wr1vBNf+MkN92xxVILVb5hDvJrZo3EM+gnp5LlOVuBiGnqdzPMA7Ekq+Yu9W+2vJeni d2nlGh/JmQQbhMiaQxnO9yaH0bOtK586Rh5/s= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1783004584; x=1783609384; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=DjmOe84IrhGJfQjiy2t/gDqUrLCLWBZLNspBTB4loJM=; b=p/ZEzCOHKU0wFPoXQAEMuUudOnPc6ie4tluiu7AMHUlx8Kq4iCFJ36O0V14d5pSo6d Qh8Ytnw6+ZPckrhcDQmDFI5XatCs8dv7dE/4zTqkNj8X0oaLRbZVnC1dgtyZVBSjK3y3 DnVSeFdTFWaOsdBvXjDdBhNVvStSIq9ffwCcgEhryvSCpkeGGmgePRfu0AN2Pp/m7riI Zd92ZcgFWUPaUrxh3HSGr0snbWQpERuNP9K1jgGDuJqZR6gfX7ahqTksCECMa1sPGv/q BRCvIPBvqdhMUXk6BXS4t/nffvgubDfSMGgvyscQlMb2D/7f2Xp7eWoKLwqiq/tusSEm mJsg== X-Gm-Message-State: AOJu0YyakJ3Zno1jDu52uMatiAeE581v00fAV1xo9X4/3xm5popGbsjR zWAf7FlUXhrb9JUidMwyjIH+oIreKgxnm3qpa2B9J1Wm7EFn6eZeAWZJCt32auEsnuIsmMXix/6 i4fpFDiM= X-Gm-Gg: AfdE7cliNE1ICdaAVXM1vx2/75Wrufg6+0aMzqbzz14tnOqi0lSf/qUNKTAHoANnzda rqdT5p5NdC9+DBvFo3F2mjewOG9MEMr/iq5FGDGVDRN/uJ05Kaypv1VayoHzPC0Ktl2+Stho2fD vypCuauuStZtk6cg04SQKrlyIYtSi8LAcq/QElp3wBCV4bPcs8QZjXCq26DZ+Ftoe1GAL2pgeGJ SnHMiRVsvHhbGWNY/ApAYrHMKnc4Jol8YvDxWnIZGDgD6einpRG1243fG9P7WtIvO7CkVuf91Jg K1IK4TKCoYiMSPLblPjgUNm6zhwkl+Z+O8eFZOGvgCpALPtU2xpsaGJ9nGCiyPOaofs8ZiLUWcb X8JFsEgzMgH4C7a1q1B9LV+3Zg8DrFfwIxWlPtewOACwBYt0I6wRvgxbs6w84Ft+jXBXoShoypk p9mWCfVEGFR1aF8LSsVIdzSC/KfhDKjq0BNkOw/FXTf1XyWPluK9XF7WxaGYhkhGQ= X-Received: by 2002:a17:907:d303:b0:c12:a7c5:e638 with SMTP id a640c23a62f3a-c12c9d3c84cmr14402666b.7.1783004583966; Thu, 02 Jul 2026 08:03:03 -0700 (PDT) From: Andrew Cooper To: Xen-devel Cc: Andrew Cooper , Anthony PERARD , Michal Orzel , Jan Beulich , Julien Grall , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Stefano Stabellini , Oleksii Kurochko Subject: [PATCH for-4.22] tools/libfsimage: Remove the XEN_FSIMAGE_FSDIR environment variable Date: Thu, 2 Jul 2026 16:03:01 +0100 Message-Id: <20260702150301.825883-1-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.39.5 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-purgate-ID: tlsNG-33051d/1783004589-B57BF5D1-AA55E787/10/73395122804 X-purgate-type: spam X-purgate-size: 2307 X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1783004627977158500 This was reported to the security team, demonstrating that code execution could be achieved, but without a demonstration of a priviliege boundary bei= ng bypassed. Still, it's a high risk path with no obvious evidence of having been used e= ven for debugging, so remove the environment variable and use the build time $(libdir)/xenfsimage path only. Signed-off-by: Andrew Cooper Acked-by: Anthony PERARD Acked-by: Oleksii Kurochko Reviewed-by: Roger Pau Monn=C3=A9 --- CC: Anthony PERARD CC: Michal Orzel CC: Jan Beulich CC: Julien Grall CC: Roger Pau Monn=C3=A9 CC: Stefano Stabellini CC: Oleksii Kurochko For 4.22. This was supposed to be posted earlier but fell through the crac= ks. Given it's borderline-security aspect, we don't want to delay it any furthe= r. --- CHANGELOG.md | 1 + tools/libfsimage/common/fsimage_plugin.c | 5 +---- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ef4e6ae9c459..0a4e5f013cb1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -63,6 +63,7 @@ The format is based on [Keep a Changelog](https://keepach= angelog.com/en/1.0.0/) =20 - Removed xenpm tool on non-x86 platforms as it doesn't actually provide anything useful outside of x86. + - Removed the XEN_FSIMAGE_FSDIR environment variable. =20 ## [4.21.0](https://xenbits.xenproject.org/gitweb/?p=3Dxen.git;a=3Dshortlo= g;h=3DRELEASE-4.21.0) - 2025-11-19 =20 diff --git a/tools/libfsimage/common/fsimage_plugin.c b/tools/libfsimage/co= mmon/fsimage_plugin.c index d0cb9e96a654..539dc247356a 100644 --- a/tools/libfsimage/common/fsimage_plugin.c +++ b/tools/libfsimage/common/fsimage_plugin.c @@ -121,7 +121,7 @@ static int init_plugin(const char *lib) =20 int fsi_init(void) { - const char *fsdir =3D getenv("XEN_FSIMAGE_FSDIR"); + const char *fsdir =3D FSIMAGE_FSDIR; struct dirent *dp =3D NULL; DIR *dir =3D NULL; char *tmp =3D NULL; @@ -129,9 +129,6 @@ int fsi_init(void) int err; int ret =3D -1; =20 - if (fsdir =3D=3D NULL) - fsdir =3D FSIMAGE_FSDIR; - if ((name_max =3D pathconf(fsdir, _PC_NAME_MAX)) =3D=3D -1) goto fail; =20 base-commit: ad9f564a5d840389cbf1b230086e1dd8257d8820 --=20 2.39.5