Previously this option would be silently ignored, which is a potential
security problem (introduced in 84f2fd1b "run QEMU as non-root" in
xen-unstable only).
Signed-off-by: Ian Jackson <ian.jack...@eu.citrix.com>
CC: Stefano Stabellini <stefano.stabell...@eu.citrix.com>
---
v6: New patch.
---
tools/libxl/libxl_dm.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/tools/libxl/libxl_dm.c b/tools/libxl/libxl_dm.c
index 886ed9c..8232981 100644
--- a/tools/libxl/libxl_dm.c
+++ b/tools/libxl/libxl_dm.c
@@ -415,6 +415,14 @@ static int libxl__build_device_model_args_old(libxl__gc
*gc,
dm_args = flexarray_make(gc, 16, 1);
dm_envs = flexarray_make(gc, 16, 1);
+ if (b_info->device_model_user && /* default is NULL if stubdom */
+ strcmp(b_info->device_model_user,"root")) {
+ LOG(ERROR,
+ "device_model_user != root (%s) not supported by qemu-xen-traditional",
+ b_info->device_model_user);
+ return ERROR_INVAL;
+ }
+
flexarray_vappend(dm_args, dm,
"-d", GCSPRINTF("%d", domid), NULL);
--
1.7.10.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
