Re: [Qemu-devel] [PATCH v2 00/20] block: Handle failure for potentially


From: Kevin Wolf
Subject: Re: [Qemu-devel] [PATCH v2 00/20] block: Handle failure for potentially large allocations
Date: Fri, 30 May 2014 13:31:28 +0200
User-agent: Mutt/1.5.21 (2010-09-15)

On 30.05.2014 at 13:14, Markus Armbruster wrote:
> Kevin Wolf <address@hidden> writes:
> 
> > A not too small part of the recent CVEs were DoS scenarios by letting
> > qemu abort with too large memory allocations. We generally "fixed" these
> > cases by setting some limits on values read from image files that
> > influence the size of allocations.
> 
> Just double-checking: do these limits ensure the size calculations in
> arguments of g_malloc() etc. can't overflow?

Yes, or at least that was the intention of the limits.

> > Because we still need to allow reading large images, this works only to
> > a certain degree and we still can get fairly large allocations, which
> > are not unthinkable to fail on some machines.
> >
> > This series converts potentially large allocations to g_try_malloc() and
> > friends and handles failure gracefully e.g. by returning -ENOMEM. This
> > may cause hot-plug of a new disk or individual requests to fail, but the
> > VM as a whole can keep running.
> 
> I guess the resulting error paths are untested.  Just sayin', I'm not
> asking you to test them.

They are mostly untested (I did try some of the easily triggerable
ones), but all of the functions could already return errors, so it
seems reasonable enough to expect that they do work.

Kevin
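
The pattern discussed in this message (limit the value read from the image, rule out overflow in the size calculation, then use a failable allocation and return -ENOMEM), as an added C example that is not part of the original message or of the QEMU patch series. `load_table`, `MAX_TABLE_ENTRIES`, `alloc_fn` and `failing_alloc` are hypothetical names, and `malloc` stands in for `g_try_malloc()`; the injected failing allocator shows one way to exercise the error path.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed limit on an entry count read from an image header (not QEMU's). */
#define MAX_TABLE_ENTRIES (1u << 25)

/* Allocator hook; malloc stands in for g_try_malloc (NULL on failure). */
typedef void *(*alloc_fn)(size_t);

/* Fault-injection allocator: always fails, to exercise the -ENOMEM path. */
static void *failing_alloc(size_t size) { (void)size; return NULL; }

/* Hypothetical loader: allocate a zeroed table of n_entries 64-bit slots. */
int load_table(uint32_t n_entries, alloc_fn alloc, uint64_t **out)
{
    size_t bytes;
    uint64_t *table;

    *out = NULL;
    /* 1. Limit the untrusted value before it influences any size. */
    if (n_entries == 0 || n_entries > MAX_TABLE_ENTRIES)
        return -EINVAL;
    /* 2. Make sure the multiplication cannot wrap size_t. */
    if ((size_t)n_entries > SIZE_MAX / sizeof(*table))
        return -EINVAL;
    bytes = (size_t)n_entries * sizeof(*table);
    /* 3. Large but legal request: report failure instead of aborting. */
    table = alloc(bytes);
    if (table == NULL)
        return -ENOMEM;
    memset(table, 0, bytes);
    *out = table;
    return 0;
}

int main(void)
{
    uint64_t *t;
    printf("oversized header value: %d\n", load_table(0x40000000u, malloc, &t));
    printf("allocation failure:     %d\n", load_table(1024, failing_alloc, &t));
    printf("normal load:            %d\n", load_table(1024, malloc, &t));
    free(t);
    return 0;
}
```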
