[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 4/4] xen/version: Introduce non-truncating XENVER_* subops

  • To: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 5 Jan 2023 09:15:02 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zYVrlbX8302WXqllVpFUD8somimCH2U2T6URi+6uf4s=; b=Juy10aC5QMK+ZSCdhuMRudsb4JpV8T2xaHYulUInMks9ZfX7RjwuUhPEvk4h7DfgyKDmnczuHkFHMtzGlTcXJjCh+eUhunEG/oyTDSATxkgAv0/WWZBTaqVD0VZlrYgjUZtXmCF7udczPpqhq+VGgf7Y1uryh3RQ0qED9ETrRLO6YYNHDZ/LBNNetNrcJcpu0A0/vTu+tMxWLviGUEcu8yOXy2qboShPzZGFhSfAIk8q3YJ/JuSSpwcJqRbD0kKXHbqm5MpdEjBVb46cjrkCXgxfQRxal0j3BUZM2adhxF+Ig1cPChk0xWUgIkt8ikChCmZTx6wUnJJ0q9UlPgBGyA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=T0Fk8ZV87V9TBQSrXBFa5Pihfxwot/6gD6VgL2hefcfA/ykN1oSWoRt/EEHbW58JlqpdjOAp+NP7zSEOltp+6c0ivNIvXqlMtTvur8TcBqwU57oNR4UztpILxmMg5DmVLRMMH0YmI/C2va7JxjWuOCf9DOb3UaPDmx5NiZJJmnZsQ7KRuIkMRbx7ZojwgG71NPEepcdBXoqyW7B74lLL9epwKTdYn5Mz4N5XzgKsVQNa83JfFVkbcr5rfzXPhk5HD1+hJ12NIilQF8A8JvJagvp2JV3XUqewQF3cz4nBRyWiOlbLSz2bQIx+Cykmquu8w0ikQybwFPIkWSFLj3KNZA==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: George Dunlap <George.Dunlap@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 05 Jan 2023 08:15:16 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 04.01.2023 19:34, Andrew Cooper wrote:
> On 04/01/2023 5:04 pm, Jan Beulich wrote:
>> On 03.01.2023 21:09, Andrew Cooper wrote:
>>> API/ABI wise, XENVER_build_id could be merged into xenver_varstring_op(), 
>>> but
>>> the internal infrastructure is awkward.
>> I guess build-id also doesn't fit the rest because of not returning strings,
>> but indeed an array of bytes. You also couldn't use strlen() on the array.
> 
> The format is unspecified, but it is a base64 encoded ASCII string (not
> NUL terminated).

Where are you taking this base64 encoding from? I see the build ID being pure
binary data, which could easily have an embedded nul.

>>> +    if ( sz > INT32_MAX )
>>> +        return -E2BIG; /* Compat guests.  2G ought to be plenty. */
>> While the comment here and in the public header mention compat guests,
>> the check is uniform. What's the deal?
> 
> Well its either this, or a (comat ? INT32_MAX : INT64_MAX) check, along
> with the ifdefary and predicates required to make that compile.
> 
> But there's not a CPU today which can actually move 2G of data (which is
> 4G of L1d bandwidth) without suffering the watchdog (especially as we've
> just read it once for strlen(), so that's 6G of bandwidth), nor do I
> expect this to change in the forseeable future.
> 
> There's some boundary (probably far lower) beyond which we can't use the
> algorithm here.
> 
> There wants to be some limit, and I don't feel it is necessary to make
> it variable on the guest type.

Sure. My question was merely because of the special mentioning of 32-bit /
compat guests. I'm fine with the universal limit, and I'd also be fine
with a lower (universal) bound. All I'm after is that the (to me at least)
confusing comments be adjusted.

> But overall, I'm not seeing a major objection to this change?  In which
> case I'll go ahead and do the tools/ cleanup too for v2.

Well, I'm not entirely convinced of the need for the new subops (we could
as well introduce build time checks to make sure no truncation will occur
for the existing ones), but I also won't object to their introduction. At
least for the command line I can see that we will want (need) to support
more than 1k worth of a string, considering how many options we have
accumulated.

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.