mirror of
https://github.com/opnsense/src.git
synced 2026-04-03 16:35:27 -04:00
4e4e43dc9e
Xenstore watches received are queued in a list and processed in a deferred thread. Such queuing was done without any checking, so a guest could potentially trigger a resource starvation against the FreeBSD kernel if such kernel is watching any user-controlled xenstore path. Allowing limiting the amount of pending events a watch can accumulate to prevent a remote guest from triggering this resource starvation issue. For the PV device backends and frontends this limitation is only applied to the other end /state node, which is limited to 1 pending event, the rest of the watched paths can still have unlimited pending watches because they are either local or controlled by a privileged domain. The xenstore user-space device gets special treatment as it's not possible for the kernel to know whether the paths being watched by user-space processes are controlled by a guest domain. For this reason watches set by the xenstore user-space device are limited to 1000 pending events. Note this can be modified using the max_pending_watch_events sysctl of the device. This is XSA-349. Sponsored by: Citrix Systems R&D MFC after: 3 days |
||
|---|---|---|
| .. | ||
| evtchn | ||
| interface | ||
| xenbus | ||
| xenmem | ||
| xenstore | ||
| blkif.h | ||
| error.h | ||
| evtchn.h | ||
| features.c | ||
| features.h | ||
| gntdev.h | ||
| gnttab.h | ||
| hvm.h | ||
| hypervisor.h | ||
| privcmd.h | ||
| xen-os.h | ||
| xen_intr.h | ||
| xen_msi.h | ||
| xen_pci.h | ||
| xen_pv.h | ||