[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH for-4.12 RFC] xen/console: Handle NUL character in buffer sent via CONSOLEIO_write


  • To: Julien Grall <julien.grall@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • From: Juergen Gross <jgross@xxxxxxxx>
  • Date: Tue, 5 Mar 2019 17:44:43 +0100
  • Autocrypt: addr=jgross@xxxxxxxx; prefer-encrypt=mutual; keydata= xsBNBFOMcBYBCACgGjqjoGvbEouQZw/ToiBg9W98AlM2QHV+iNHsEs7kxWhKMjrioyspZKOB ycWxw3ie3j9uvg9EOB3aN4xiTv4qbnGiTr3oJhkB1gsb6ToJQZ8uxGq2kaV2KL9650I1SJve dYm8Of8Zd621lSmoKOwlNClALZNew72NjJLEzTalU1OdT7/i1TXkH09XSSI8mEQ/ouNcMvIJ NwQpd369y9bfIhWUiVXEK7MlRgUG6MvIj6Y3Am/BBLUVbDa4+gmzDC9ezlZkTZG2t14zWPvx XP3FAp2pkW0xqG7/377qptDmrk42GlSKN4z76ELnLxussxc7I2hx18NUcbP8+uty4bMxABEB AAHNHkp1ZXJnZW4gR3Jvc3MgPGpncm9zc0BzdXNlLmRlPsLAeQQTAQIAIwUCU4xw6wIbAwcL CQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJELDendYovxMvi4UH/Ri+OXlObzqMANruTd4N zmVBAZgx1VW6jLc8JZjQuJPSsd/a+bNr3BZeLV6lu4Pf1Yl2Log129EX1KWYiFFvPbIiq5M5 kOXTO8Eas4CaScCvAZ9jCMQCgK3pFqYgirwTgfwnPtxFxO/F3ZcS8jovza5khkSKL9JGq8Nk czDTruQ/oy0WUHdUr9uwEfiD9yPFOGqp4S6cISuzBMvaAiC5YGdUGXuPZKXLpnGSjkZswUzY d9BVSitRL5ldsQCg6GhDoEAeIhUC4SQnT9SOWkoDOSFRXZ+7+WIBGLiWMd+yKDdRG5RyP/8f 3tgGiB6cyuYfPDRGsELGjUaTUq3H2xZgIPfOwE0EU4xwFgEIAMsx+gDjgzAY4H1hPVXgoLK8 B93sTQFN9oC6tsb46VpxyLPfJ3T1A6Z6MVkLoCejKTJ3K9MUsBZhxIJ0hIyvzwI6aYJsnOew cCiCN7FeKJ/oA1RSUemPGUcIJwQuZlTOiY0OcQ5PFkV5YxMUX1F/aTYXROXgTmSaw0aC1Jpo w7Ss1mg4SIP/tR88/d1+HwkJDVW1RSxC1PWzGizwRv8eauImGdpNnseneO2BNWRXTJumAWDD pYxpGSsGHXuZXTPZqOOZpsHtInFyi5KRHSFyk2Xigzvh3b9WqhbgHHHE4PUVw0I5sIQt8hJq 5nH5dPqz4ITtCL9zjiJsExHuHKN3NZsAEQEAAcLAXwQYAQIACQUCU4xwFgIbDAAKCRCw3p3W KL8TL0P4B/9YWver5uD/y/m0KScK2f3Z3mXJhME23vGBbMNlfwbr+meDMrJZ950CuWWnQ+d+ Ahe0w1X7e3wuLVODzjcReQ/v7b4JD3wwHxe+88tgB9byc0NXzlPJWBaWV01yB2/uefVKryAf AHYEd0gCRhx7eESgNBe3+YqWAQawunMlycsqKa09dBDL1PFRosF708ic9346GLHRc6Vj5SRA UTHnQqLetIOXZm3a2eQ1gpQK9MmruO86Vo93p39bS1mqnLLspVrL4rhoyhsOyh0Hd28QCzpJ wKeHTd0MAWAirmewHXWPco8p1Wg+V+5xfZzuQY0f4tQxvOpXpt4gQ1817GQ5/Ed/wsDtBBgB CAAgFiEEhRJncuj2BJSl0Jf3sN6d1ii/Ey8FAlrd8NACGwIAgQkQsN6d1ii/Ey92IAQZFggA HRYhBFMtsHpB9jjzHji4HoBcYbtP2GO+BQJa3fDQAAoJEIBcYbtP2GO+TYsA/30H/0V6cr/W V+J/FCayg6uNtm3MJLo4rE+o4sdpjjsGAQCooqffpgA+luTT13YZNV62hAnCLKXH9n3+ZAgJ RtAyDWk1B/0SMDVs1wxufMkKC3Q/1D3BYIvBlrTVKdBYXPxngcRoqV2J77lscEvkLNUGsu/z W2pf7+P3mWWlrPMJdlbax00vevyBeqtqNKjHstHatgMZ2W0CFC4hJ3YEetuRBURYPiGzuJXU pAd7a7BdsqWC4o+GTm5tnGrCyD+4gfDSpkOT53S/GNO07YkPkm/8J4OBoFfgSaCnQ1izwgJQ jIpcG2fPCI2/hxf2oqXPYbKr1v4Z1wthmoyUgGN0LPTIm+B5vdY82wI5qe9uN6UOGyTH2B3p hRQUWqCwu2sqkI3LLbTdrnyDZaixT2T0f4tyF5Lfs+Ha8xVMhIyzNb1byDI5FKCb
  • Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>
  • Delivery-date: Tue, 05 Mar 2019 16:44:54 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Openpgp: preference=signencrypt

On 05/03/2019 16:28, Julien Grall wrote:
> Hi Juergen,
> 
> On 3/5/19 2:12 PM, Juergen Gross wrote:
>> On 05/03/2019 15:08, Julien Grall wrote:
>>> Hi Juergen,
>>>
>>> On 3/5/19 12:57 PM, Juergen Gross wrote:
>>>> On 27/02/2019 11:45, Julien Grall wrote:
>>>>> (+ Juergen Gross as RM)
>>>>>
>>>>> I forgot to CC Juergen for this.
>>>>>
>>>>> On 2/26/19 11:03 PM, Julien Grall wrote:
>>>>>> After upgrading Debian to Buster, I started noticing console mangling
>>>>>> when using zsh. This is happenning because output sent by zsh to the
>>>>>> console may contain NUL character in the middle of the buffer.
>>>>>>
>>>>>> Linux is sending the buffer as it is to Xen console via
>>>>>> CONSOLEIO_write.
>>>>>> However, the implementation in Xen considers NUL character is used to
>>>>>> terminate the buffer and therefore will ignore anything after it.
>>>>>>
>>>>>> The actual documentation of CONSOLEIO_write is pretty limited.
>>>>>> From the
>>>>>> declaration, the hypercall takes a buffer and size. So this could
>>>>>> lead
>>>>>> to think the NUL character is allowed in the middle of the buffer.
>>>>>>
>>>>>> This patch updates the console API to pass the size along the buffer
>>>>>> down so we can remove the reliance on buffer terminating by a NUL
>>>>>> character.
>>>>>>
>>>>>> Signed-off-by: Julien Grall <julien.grall@xxxxxxx>
>>>>
>>>> The risk for a regression is too high this late in the 4.12 release
>>>> process IMO.
>>>
>>> This code path is fairly well tested (console are used pretty much all
>>> the times). So a regression would be quickly noticed.
>>
>> Only if you test all the guests out in the wild.
> 
> The buffer is bounded to 'nr'. So the worst things that can happen is
> you print more characters than you wanted. CONSOLEIO_write is using a
> semantics very similar to write() and we didn't document what happen
> when encountering a NUL character. So, I highly doubt anyone relies on
> the current behavior.
> 
> Thinking a bit more, from what Ian wrote [1], the issue maybe wider than
> zsh. So maybe we want to write a band-aid patch at least helping the
> most common case (i.e losing all characters after the first NUL character).
> 
> The band-aid patch should be contained to just the hypercall. Would that
> be more suitable for you?

My main concern is the reasoning of Daniel:

"Yes, I added stripping of non-printable characters because escape
sequences printed out by some guests (in particular, clear screen
sequences printed out by some distro's early boot scripts) interfered
with the output of other guests.  It also prevents guests from
pretending to be one another or the hypervisor, if the console is being
used for some kind of auditing or logging."

With keeping in mind that the behavior is the same since more than 5
years I'd prefer to just add the text below to the release note.

> 
>>
>>> This patch has the advantage to allow upgrade to a newer Debian without
>>> loosing part of your prompt on zsh. I am not sure whether the problem is
>>> the same with other Distros.
>>>
>>>>
>>>> My plan is to have only one further RC before branching off 4.12,
>>>> so please let us shift this patch to 4.13.
>>>
>>> I understand. It is possible to workaround the problem at least with
>>> zsh. So a release note in Xen (and maybe Debian) should do the job.
>>
>> Could you please post the needed information for the 4.12 RN?
> 
> How about:
> 
> "
> While the hypercall CONSOLEIO_write looks analogous to the POSIX call
> write, it will only print character up to the first NUL character if any
> in the buffer. This may result to loss of characters for any application
> using directly the POSIX call write.
> 
> The issue has been confirmed some zsh version (such as in Debian
> Buster). Where the prompt is mangled, this could be avoided by adding
> 'setopt single_line_zle' in your .zshrc.
> "

Sounds okay for me.

With keeping in mind that the behavior is the same since more than 5
years I'm in favor of just adding above text to the release note.


Juergen

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.