Reject bogus vsock connections
We expect connections from guest VMs to send tombstones. Nothing else
should be connecting to our listening vsock port. If they do, just
close the connection.
Bug: 347661724
Test: atest MicrodroidTestApp MicrodroidHostTestCases
Change-Id: I2cb71fca1fd132fcc2cd0cd62ea1a6e50076c744
diff --git a/virtualizationservice/src/aidl.rs b/virtualizationservice/src/aidl.rs
index 70da37b..a3e0dfe 100644
--- a/virtualizationservice/src/aidl.rs
+++ b/virtualizationservice/src/aidl.rs
@@ -33,7 +33,7 @@
LazyServiceGuard, ParcelFileDescriptor, Status, Strong,
};
use lazy_static::lazy_static;
-use libc::VMADDR_CID_HOST;
+use libc::{VMADDR_CID_HOST, VMADDR_CID_HYPERVISOR, VMADDR_CID_LOCAL};
use log::{error, info, warn};
use nix::unistd::{chown, Uid};
use openssl::x509::X509;
@@ -860,11 +860,21 @@
for incoming_stream in listener.incoming() {
let mut incoming_stream = match incoming_stream {
Err(e) => {
- warn!("invalid incoming connection: {:?}", e);
+ warn!("invalid incoming connection: {e:?}");
continue;
}
Ok(s) => s,
};
+ if let Ok(addr) = incoming_stream.peer_addr() {
+ let cid = addr.cid();
+ match cid {
+ VMADDR_CID_LOCAL | VMADDR_CID_HOST | VMADDR_CID_HYPERVISOR => {
+ warn!("Rejecting non-guest tombstone vsock connection from cid={cid}");
+ continue;
+ }
+ _ => info!("Vsock Stream connected to cid={cid} for tombstones"),
+ }
+ }
std::thread::spawn(move || {
if let Err(e) = handle_tombstone(&mut incoming_stream) {
error!("Failed to write tombstone- {:?}", e);
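Review bot: The new CID filter fails open: when `incoming_stream.peer_addr()` returns `Err`, the `if let Ok(addr)` block is skipped and the stream is still handed to `handle_tombstone` on a new thread, so a peer that cannot be identified is treated like a guest. Rejecting in that case keeps the check fail-closed, e.g. `let Ok(addr) = incoming_stream.peer_addr() else { warn!("Rejecting tombstone vsock connection with unknown peer"); continue; };` followed by the existing `match` on `addr.cid()`. The match is also a denylist of three reserved CIDs, so every other CID is accepted; if the service keeps a record of the CIDs it assigned to running VMs (not visible in this hunk), checking membership there would be tighter. The enclosing loop and function start and end outside the hunk.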
@@ -875,9 +885,6 @@
}
fn handle_tombstone(stream: &mut VsockStream) -> Result<()> {
- if let Ok(addr) = stream.peer_addr() {
- info!("Vsock Stream connected to cid={} for tombstones", addr.cid());
- }
let tb_connection =
TombstonedConnection::connect(std::process::id() as i32, DebuggerdDumpType::Tombstone)
.context("Failed to connect to tombstoned")?;