From: Edwin Török <[email protected]> We increment the domain's quota on mkdir even when the node already exists. This results in a quota inconsistency after live update, where reconstructing the tree from scratch results in a different quota.
Not a security issue because the domain uses up quota faster, so it will only get a Quota error sooner than it should. Found by the structured fuzzer. Signed-off-by: Edwin Török <[email protected]> --- CC: Christian Lindig <[email protected]> CC: Ian Jackson <[email protected]> CC: Wei Liu <[email protected]> --- tools/ocaml/xenstored/store.ml | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/ocaml/xenstored/store.ml b/tools/ocaml/xenstored/store.ml index 1bd0c81f6f..20e67b1427 100644 --- a/tools/ocaml/xenstored/store.ml +++ b/tools/ocaml/xenstored/store.ml @@ -419,6 +419,7 @@ let mkdir store perm path = (* It's upt to the mkdir logic to decide what to do with existing path *) if not (existing || (Perms.Connection.is_dom0 perm)) then Quota.check store.quota owner 0; store.root <- path_mkdir store perm path; + if not existing then Quota.add_entry store.quota owner let rm store perm path = -- 2.11.0
