Re: [Xen-devel] [PATCH] Do not read files at once in pygrub

[M A Young <m.a.young@xxxxxxxxxxxx>]

On Tue, 22 May 2012, Ian Campbell wrote:

> On Tue, 2012-05-22 at 08:37 +0100, Miroslav Rezanina wrote:
> > If guest kernel or ramdisk image is too large to fit in the dom0 memory, it causes pygrub 
> > crash with "out of memory" error.
> > This patch reads kernel/ramdisk file in 1 MB blocks so prevent exhausting whole 
> > memory.
> Thanks, we've had a similar patch from Michael Young (CCd) too, see:
> <alpine.DEB.2.00.1205170029550.26049@xxxxxxxxxxxxxxxx>.
or at
http://lists.xen.org/archives/html/xen-devel/2012-05/msg01183.html

> They look functionally pretty similar, one big difference is that
> Michael limits the size of the cfg file as well, which seems wise.
Yes, a malicious guest could have a huge grub configuration file as well.
My strategy was just to read the first megabyte as I can't see why a 
legitimate configuration file would be anywhere near that long.
> Looks like his handles errors on the os.write too?
Yes, if there are write problems my patch deletes the kernel and ramdisk 
temporary files and exits with an error. This isn't so important though as 
the calling process should clean them up afterwards though my testing 
suggested that if the write failed due to lack of space, the guest may try 
to run with incomplete kernel or ramdisk files, and also you would have a 
full filesystem for a bit longer.
> I do like splitting the read loop out into a function as you've done
> though.
Yes, that does seem neater.

        Michael Young

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel