]> git.ipfire.org Git - thirdparty/libvirt.git/commitdiff
projects / thirdparty / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 50864dc)
rpc: require write acl for guest agent in virDomainInterfaceAddresses
authorJán Tomko <jtomko@redhat.com>
Fri, 18 Sep 2020 15:54:14 +0000 (17:54 +0200)
committerJán Tomko <jtomko@redhat.com>
Wed, 30 Sep 2020 09:42:28 +0000 (11:42 +0200)
CVE-2020-25637

Add a requirement for domain:write if source is set to
VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
src/libxl/libxl_driver.c patch | blob | blame | history
src/lxc/lxc_driver.c patch | blob | blame | history
src/qemu/qemu_driver.c patch | blob | blame | history
src/remote/remote_protocol.x patch | blob | blame | history

diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index 571b70f98246644f50dfd8183b045e49396c432c..cbb692d92a383f9734cf28d1bb175209e12101fa 100644 (file)
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -6428,7 +6428,7 @@ libxlDomainInterfaceAddresses(virDomainPtr dom,
     if (!(vm = libxlDomObjFromDomain(dom)))
         goto cleanup;
 
-    if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def) < 0)
+    if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def, source) < 0)
         goto cleanup;
 
     if (virDomainObjCheckActive(vm) < 0)
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index a530488dd238067fabeef5488eb0c59db2a1e38d..ec3cb60a78b4268f3bdbd5bfef87d882bcca5305 100644 (file)
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1700,7 +1700,7 @@ lxcDomainInterfaceAddresses(virDomainPtr dom,
     if (!(vm = lxcDomObjFromDomain(dom)))
         goto cleanup;
 
-    if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def) < 0)
+    if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def, source) < 0)
         goto cleanup;
 
     if (virDomainObjCheckActive(vm) < 0)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index b27f05992bcb9f3dacfcb5976f50f0b11d7d71bf..e158cf85a9061a931f2fe9cec6d12e6e7f3dc97e 100644 (file)
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -19004,7 +19004,7 @@ qemuDomainInterfaceAddresses(virDomainPtr dom,
     if (!(vm = qemuDomainObjFromDomain(dom)))
         goto cleanup;
 
-    if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def) < 0)
+    if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def, source) < 0)
         goto cleanup;
 
     if (virDomainObjCheckActive(vm) < 0)
diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
index 718829e2d241a8827d290e80beb0ce3d98e85225..f4d61476768802b07cede02174bbd1f53e9398ff 100644 (file)
--- a/src/remote/remote_protocol.x
+++ b/src/remote/remote_protocol.x
@@ -6211,6 +6211,7 @@ enum remote_procedure {
     /**
      * @generate: none
      * @acl: domain:read
+     * @acl: domain:write::source:VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT
      */
     REMOTE_PROC_DOMAIN_INTERFACE_ADDRESSES = 353,
 
Mirror of https://github.com/libvirt/libvirt.git