On 09/09/2010 08:02 AM, Kevin Wolf wrote:
>>> Or instead of completely removing it, we could add
>>> a size limit, though I suspect that would mean violating some specs.
>>
>> One thing I was thinking of trying was splitting off the first sector
>> into a linear buffer, then allocating a new iovec and adjusting the new
>> iovec to cover the new request minus the first sector.
>
> That doesn't help any of the other use cases. Either we consider it a
> problem or not. If we do, it must be fixed everywhere.

Yes, it's a problem. In other places in the code base, we go to
incredible lengths to avoid unbounded allocations.

I think we have two choices: 1) refactor all of the code to not
require qemu_iovec_to_buffer() or 2) cap the request size and fail a
request if it's greater.

Regards,
Anthony Liguori

> Kevin
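
Choice 2 from the message above (cap the request size and fail a larger request), sketched as an added example; it is not code from this mail or from QEMU. The function names, the errno values returned and the cap passed by the caller are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/uio.h>

/* Sum the iovec lengths; -EOVERFLOW if the total would wrap size_t. */
static int iov_total(const struct iovec *iov, int cnt, size_t *total)
{
    size_t sum = 0;
    for (int i = 0; i < cnt; i++) {
        if (iov[i].iov_len > SIZE_MAX - sum)
            return -EOVERFLOW;
        sum += iov[i].iov_len;
    }
    *total = sum;
    return 0;
}

/* Hypothetical bounded replacement for a "flatten the iovec" helper:
 * the total is checked against the cap BEFORE anything is allocated,
 * so a guest-chosen request size cannot drive an unbounded malloc(). */
static int flatten_capped(const struct iovec *iov, int cnt, size_t cap,
                          void **buf, size_t *len)
{
    size_t total, off = 0;
    int ret = iov_total(iov, cnt, &total);
    if (ret < 0)
        return ret;
    if (total > cap)
        return -EMSGSIZE;           /* request fails, nothing allocated */

    unsigned char *p = malloc(total ? total : 1);
    if (!p)
        return -ENOMEM;
    for (int i = 0; i < cnt; i++) {
        if (iov[i].iov_len)         /* skip empty elements (base may be NULL) */
            memcpy(p + off, iov[i].iov_base, iov[i].iov_len);
        off += iov[i].iov_len;
    }
    *buf = p;                       /* caller frees */
    *len = total;
    return 0;
}
```

The caller has to turn the error return into a failed request on the emulated device, which is where the spec concern raised earlier in the thread applies.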