From: "Michael S. Tsirkin" <mst@redhat.com>
To: Anthony Liguori <aliguori@us.ibm.com>
Cc: Michael Roth <mdroth@linux.vnet.ibm.com>, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [RFC] New Migration Protocol using Visitor Interface
Date: Mon, 3 Oct 2011 17:41:18 +0200 [thread overview]
Message-ID: <20111003154117.GC20141@redhat.com> (raw)
In-Reply-To: <4E89CCF1.3030603@us.ibm.com>
On Mon, Oct 03, 2011 at 09:55:45AM -0500, Anthony Liguori wrote:
> How I see this all evolving in the future is that we would have a
> formal protocol specification. From that spec, we would generate
> Visitors. This would handle taking what's on the wire and building
> an in-memory tree. If an ASN.1 sequence that isn't part of the spec
> is passed, we should just silently discard it.
>
> I think the scenario above is that we have an array in the spec, but
> the implementation no longer uses that array. Your concern is that
> its inefficient to keep it in memory?
>
> I think there are two cases. The first is that that array is
> required in the spec, but optional in our implementation and that
> decision is made at run time. In this case, it needs to get entered
> into memory.
>
> If the array is no longer needed at all in our implementation, we
> can certainly annotate the protocol spec to skip it and not bring it
> into memory. Maybe it's an internal spec annotation or something.
>
> All that said, this doesn't seem to be a terribly important problem to solve IMHO.
This is not exactly the concern.
Consider that when we see an optional field we do not recognize,
we need to discard it.
Now, the reason we get a field we do not recognize might be
because someone is feeding us malformed data (to DOS
us, or by mistake). If we just trust input we will
allocate insane amounts of memory.
This is why we should not rely on fields to have reasonable size in the
input, we need to validate them.
--
MST
next prev parent reply other threads:[~2011-10-03 15:40 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-19 14:41 [Qemu-devel] [RFC] New Migration Protocol using Visitor Interface Michael Roth
2011-09-19 14:41 ` [Qemu-devel] [RFC 1/8] qapi: add Visitor interfaces for uint*_t and int*_t Michael Roth
2011-09-19 14:41 ` [Qemu-devel] [RFC 2/8] qapi: add QemuFileOutputVisitor Michael Roth
2011-09-19 14:41 ` [Qemu-devel] [RFC 3/8] qapi: add QemuFileInputVisitor Michael Roth
2011-10-24 23:59 ` Chris Krumme
2011-09-19 14:41 ` [Qemu-devel] [RFC 4/8] savevm: move QEMUFile interfaces into qemu-file.c Michael Roth
2011-09-24 7:23 ` Blue Swirl
2011-09-19 14:41 ` [Qemu-devel] [RFC 5/8] qapi: test cases for QEMUFile input/output visitors Michael Roth
2011-09-19 14:41 ` [Qemu-devel] [RFC 6/8] savevm: add QEMUFile->visitor lookup routines Michael Roth
2011-09-19 14:41 ` [Qemu-devel] [RFC 7/8] cutil: add strocat(), to concat a string to an offset in another Michael Roth
2011-09-20 10:43 ` Paolo Bonzini
2011-09-19 14:41 ` [Qemu-devel] [RFC 8/8] slirp: convert save/load function to visitor interface Michael Roth
2011-09-30 13:39 ` Anthony Liguori
2011-09-30 14:08 ` Michael Roth
2011-10-02 20:21 ` [Qemu-devel] [RFC] New Migration Protocol using Visitor Interface Stefan Berger
2011-10-02 21:08 ` Michael S. Tsirkin
2011-10-03 12:55 ` Anthony Liguori
2011-10-03 13:10 ` Stefan Berger
2011-10-03 13:18 ` Anthony Liguori
2011-10-03 13:30 ` Michael S. Tsirkin
2011-10-03 13:48 ` Anthony Liguori
2011-10-03 14:18 ` Michael S. Tsirkin
2011-10-03 14:56 ` Anthony Liguori
2011-10-03 15:42 ` Michael S. Tsirkin
2011-10-03 13:38 ` Michael S. Tsirkin
2011-10-03 13:51 ` Anthony Liguori
2011-10-03 14:41 ` Michael S. Tsirkin
2011-10-03 15:00 ` Anthony Liguori
2011-10-03 15:45 ` Michael S. Tsirkin
2011-10-03 16:05 ` Anthony Liguori
2011-10-03 16:24 ` Daniel P. Berrange
2011-10-03 16:51 ` Michael S. Tsirkin
2011-10-05 11:28 ` Michael S. Tsirkin
2011-10-05 12:46 ` Anthony Liguori
2011-10-03 6:46 ` Michael S. Tsirkin
2011-10-03 12:51 ` Anthony Liguori
2011-10-03 13:24 ` Michael S. Tsirkin
2011-10-03 13:43 ` Anthony Liguori
2011-10-03 14:11 ` Michael S. Tsirkin
2011-10-03 14:42 ` Anthony Liguori
2011-10-03 15:29 ` Michael S. Tsirkin
2011-10-03 15:44 ` Anthony Liguori
2011-10-03 15:58 ` Michael S. Tsirkin
2011-10-03 16:02 ` Anthony Liguori
2011-10-03 14:15 ` Michael S. Tsirkin
2011-10-03 14:55 ` Anthony Liguori
2011-10-03 15:41 ` Michael S. Tsirkin [this message]
2011-10-05 2:05 ` Stefan Berger
2011-10-05 12:54 ` Anthony Liguori
2011-10-05 19:06 ` Michael S. Tsirkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111003154117.GC20141@redhat.com \
--to=mst@redhat.com \
--cc=aliguori@us.ibm.com \
--cc=mdroth@linux.vnet.ibm.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.