[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v6 04/12] xen: add basic hypervisor filesystem support

To: Jürgen Groß <jgross@xxxxxxxx>
From: Jan Beulich <jbeulich@xxxxxxxx>
Date: Fri, 6 Mar 2020 09:19:09 +0100
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Wei Liu <wl@xxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
Delivery-date: Fri, 06 Mar 2020 08:19:11 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 06.03.2020 07:06, Jürgen Groß wrote:
> On 04.03.20 16:21, Jan Beulich wrote:
>> On 04.03.2020 16:14, Jürgen Groß wrote:
>>> On 04.03.20 16:07, Jan Beulich wrote:
>>>> On 04.03.2020 15:39, Jürgen Groß wrote:
>>>>> On 04.03.20 14:03, Jan Beulich wrote:
>>>>>> On 04.03.2020 13:00, Jürgen Groß wrote:
>>>>>>> It is perfectly valid to write a shorter string into a character
>>>>>>> array. I could drop the blob here, but in the end I think allowing
>>>>>>> for a blob to change the size should be fine.
>>>>>>
>>>>>> But shouldn't this then also adjust the recorded size?
>>>>>
>>>>> No, this is the max size of the buffer (you can have a look at patch 9
>>>>> where the size is set to the provided space for custom and string
>>>>> parameters).
>>>>
>>>> If I'm not mistaken it is hypfs_read_leaf() which processes read
>>>> requests for strings. Yet that copies entry->size bytes, not the
>>>> potentially smaller strlen()-bounded payload. Things would be
>>>
>>> There is no risk of leaking problematic data here.
>>
>> I didn't think of leaks, but rather of consumers looking at the
>> size and strlen() and getting confused about the mismatch.
> 
> I think telling the maximum possible write length is mandatory.
> 
> So either I can add a comment to the header saying that for strings
> and blobs the length is the maximum value and the content is to be
> self-descriptive regarding its true length (which is the case for
> strings due to the terminating 0 byte), or I need two size fields:
> one for the actual size and one for the maximum allowed size for
> writes (this could then replace the writable flag with "0" for "not
> writable").

Personally I'd prefer the latter, but I could also live with a
comment. The self-descriptive part may, for blobs or gzip-ed
data, be problematic though.

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- Re: [Xen-devel] [PATCH v6 04/12] xen: add basic hypervisor filesystem support
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 04/12] xen: add basic hypervisor filesystem support
  - From: Jürgen Groß
- Re: [Xen-devel] [PATCH v6 04/12] xen: add basic hypervisor filesystem support
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 04/12] xen: add basic hypervisor filesystem support
  - From: Jürgen Groß
- Re: [Xen-devel] [PATCH v6 04/12] xen: add basic hypervisor filesystem support
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 04/12] xen: add basic hypervisor filesystem support
  - From: Jürgen Groß
- Re: [Xen-devel] [PATCH v6 04/12] xen: add basic hypervisor filesystem support
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 04/12] xen: add basic hypervisor filesystem support
  - From: Jürgen Groß

Prev by Date: Re: [Xen-devel] [PATCH 4/8] xen: add locks with timeouts for keyhandlers
Next by Date: Re: [Xen-devel] [PATCH v6 09/12] xen: add runtime parameter access support to hypfs
Previous by thread: Re: [Xen-devel] [PATCH v6 04/12] xen: add basic hypervisor filesystem support
Next by thread: [Xen-devel] [PATCH v6 0/6] x86: improve assisted tlb flush and use it in guest mode
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.