From dd119a69ea174b96a8e60755ec75c7ed718aa9b9 Mon Sep 17 00:00:00 2001
Message-Id: <dd119a69ea174b96a8e60755ec75c7ed718aa9b9@dist-git>
From: Michal Privoznik <mprivozn@redhat.com>
Date: Fri, 7 Aug 2015 17:30:17 +0200
Subject: [PATCH] virDomainDefParseXML: Check for malicious cpu ids in <numa/>

https://bugzilla.redhat.com/show_bug.cgi?id=1176020

Some users think this is a good idea:

      <vcpu placement='static'>4</vcpu>
      <cpu mode='host-model'>
        <model fallback='allow'/>
        <numa>
          <cell id='0' cpus='0-1' memory='1048576' unit='KiB'/>
          <cell id='1' cpus='9-10' memory='2097152' unit='KiB'/>
        </numa>
      </cpu>

It's not. Lets therefore introduce a check and discourage them in
doing so.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 82af954c527e88111b05d50953b80eb4afde4d9a)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
 src/conf/domain_conf.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 4fe38ae..54d0651 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -15047,6 +15047,12 @@ virDomainDefParseXML(xmlDocPtr xml,
         goto error;
     }
 
+    if (virDomainNumaGetMaxCPUID(def->numa) >= def->maxvcpus) {
+        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                       _("CPU IDs in <numa> exceed the <vcpu> count"));
+        goto error;
+    }
+
     if (virDomainNumatuneParseXML(def->numa,
                                   def->placement_mode ==
                                   VIR_DOMAIN_CPU_PLACEMENT_MODE_STATIC,
-- 
2.5.0