[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v4] aarch64: Allow -kernel option to take a gzip
From: |
Richard W.M. Jones |
Subject: |
Re: [Qemu-devel] [PATCH v4] aarch64: Allow -kernel option to take a gzip-compressed kernel. |
Date: |
Mon, 4 Aug 2014 09:48:44 +0100 |
User-agent: |
Mutt/1.5.20 (2009-12-10) |
On Mon, Aug 04, 2014 at 09:05:39AM +1000, Peter Crosthwaite wrote:
> On Sun, Aug 3, 2014 at 1:45 AM, Richard W.M. Jones <address@hidden> wrote:
> > + max_bytes = UBOOT_MAX_GUNZIP_BYTES;
>
> Why does u-boot's maximum size limit apply here?
We need some maximum to prevent people uploading a kernel (perhaps
from an untrusted source) which is some sort of malicious gzip file
that expands to a huge size.
In this case the u-boot limit is 64 MB which is larger than most
possible kernels, so it seemed like a reasonable limit to choose.
You're right there is no connection to u-boot, except that both the
-kernel option and u-boot have similar concerns with maximum kernel
size, and presumably the u-boot limit is battle-tested.
I'll split the patch into two and send v5 soon.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org