diff options
author | Juergen Gross <jgross@suse.com> | 2023-05-02 12:04:58 +0200 |
---|---|---|
committer | Jan Beulich <jbeulich@suse.com> | 2023-05-02 12:04:58 +0200 |
commit | b033eddc9779109c06a26936321d27a2ef4e088b (patch) | |
tree | ad4dcbc776215c259241cf5c368f7c2360a7b183 /xen | |
parent | 60b18e55c2ad0e0c840422b25b155a1544542907 (diff) | |
download | xen-b033eddc9779109c06a26936321d27a2ef4e088b.tar.gz |
xen/sysctl: fix XEN_SYSCTL_getdomaininfolist handling with XSM
In case XSM is active, the handling of XEN_SYSCTL_getdomaininfolist
can fail if the last domain scanned isn't allowed to be accessed by
the calling domain (i.e. xsm_getdomaininfo(XSM_HOOK, d) is failing).
Fix that by just ignoring scanned domains where xsm_getdomaininfo()
is returning an error, like it is effectively done when such a
situation occurs for a domain not being the last one scanned.
Fixes: d046f361dc93 ("Xen Security Modules: XSM")
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Diffstat (limited to 'xen')
-rw-r--r-- | xen/common/sysctl.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/xen/common/sysctl.c b/xen/common/sysctl.c index 02505ab044..0cbfe8bd44 100644 --- a/xen/common/sysctl.c +++ b/xen/common/sysctl.c @@ -89,8 +89,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xen_sysctl_t) u_sysctl) if ( num_domains == op->u.getdomaininfolist.max_domains ) break; - ret = xsm_getdomaininfo(XSM_HOOK, d); - if ( ret ) + if ( xsm_getdomaininfo(XSM_HOOK, d) ) continue; getdomaininfo(d, &info); |