On Wed, Apr 19, 2017 at 9:27 AM, Stefan Hajnoczi <stefa...@gmail.com> wrote:
> On Mon, Apr 03, 2017 at 08:48:08PM -0700, Ashish Mittal wrote:
>> Source code for the qnio library that this code loads can be downloaded from:
>> https://github.com/VeritasHyperScale/libqnio.git
>>
>> Sample command line using JSON syntax:
>> ./x86_64-softmmu/qemu-system-x86_64 -name instance-00000008 -S -vnc 0.0.0.0:0
>> -k en-us -vga cirrus -device
>> virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5
>> -msg timestamp=on
>> 'json:{"driver":"vxhs","vdisk-id":"c3e9095a-a5ee-4dce-afeb-2a59fb387410",
>> "server":{"host":"172.172.17.4","port":"9999"}}'
>>
>> Sample command line using URI syntax:
>> qemu-img convert -f raw -O raw -n
>> /var/lib/nova/instances/_base/0c5eacd5ebea5ed914b6a3e7b18f1ce734c386ad
>> vxhs://192.168.0.1:9999/c6718f6b-0401-441d-a8c3-1f0064d75ee0
>>
>> Sample command line using TLS credentials (run in secure mode):
>> ./qemu-io --object
>> tls-creds-x509,id=tls0,dir=/etc/pki/qemu/vxhs,endpoint=client -c 'read
>> -v 66000 2.5k' 'json:{"server.host": "127.0.0.1", "server.port": "9999",
>> "vdisk-id": "/test.raw", "driver": "vxhs", "tls-creds":"tls0"}'
>>
>> Signed-off-by: Ashish Mittal <ashish.mit...@veritas.com>
>> ---
>> v11 changelog:
>> (1) Replaced InetSocketAddress with InetSocketAddressBase.
>> (2) Removed access to qemu_uuid.
>> (3) Removed unnecessary g_strdup()/g_free().
>> (4) Removed unused acb->qiov.
>> (5) Changed vxhs_init_and_ref() and vxhs_unref() per suggestion.
>> (6) Removed unnecessary initializations from local variables.
>
> QEMU code:
>
> Reviewed-by: Stefan Hajnoczi <stefa...@redhat.com>
>

Thanks!

> libvxhs is not robust yet. Here are two examples:
>
> 1. If the response from the server has an invalid magic number then the
> whole VM is aborted:
>
> QNIO_API_(void) kvset_unmarshal(qnio_byte_t * bs, kvset_t * *p)
> {
>     ...
>     assert(magic == kvset_magic);
>
> 2. There are buffer overflows and other memory corruptions. For example
> when kv_binary_unpack() gets size=-1 over the wire.
>

We will continue to audit the library code and fix potential security
issues with libvxhs.

> The code needs to be audited line-by-line by someone aware of secure
> coding practices. Please look into this.
>
> Also, is there a plan for getting libvxhs into Fedora and Debian?

At the moment, our requirement is only RHEL. The library should build
and work fine with any distro. We also plan to build source tarballs
and check in to GitHub for every release of libvxhs.
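
The two failure modes raised in the review above (an assert() on a magic number read from the server, and a size taken from the wire without validation), shown as an added C example of defensive unpacking. This is not libqnio code and not from either participant; the record layout, the ex_* names, the magic value and the size limit are hypothetical.

```c
/* Added example, not libqnio code: the wire layout (4-byte magic, 4-byte
 * length, payload), the names and the magic value are all hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define EX_MAGIC   0x4b565331u   /* hypothetical magic value */
#define EX_MAX_VAL 4096u         /* upper bound the receiver will accept */

enum ex_status { EX_OK = 0, EX_SHORT = -1, EX_BAD_MAGIC = -2, EX_BAD_SIZE = -3 };

/* Read a big-endian 32-bit value without alignment or endianness assumptions. */
static uint32_t ex_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/*
 * Unpack one record from an untrusted buffer into out[0..out_cap).
 * Malformed input yields an error code for the caller to handle (drop the
 * connection, fail the I/O) instead of assert(), which would abort the
 * whole process on data the peer controls.
 */
enum ex_status ex_unpack(const uint8_t *buf, size_t len,
                         uint8_t *out, size_t out_cap, size_t *out_len)
{
    if (len < 8)
        return EX_SHORT;                 /* header not fully received */
    if (ex_be32(buf) != EX_MAGIC)
        return EX_BAD_MAGIC;             /* reject, do not abort */

    /* Keep the size unsigned: a wire value of 0xffffffff ("-1" if read
     * into an int) must fail the bound check, not pass a "< max" test
     * and then become a huge memcpy length. */
    uint32_t size = ex_be32(buf + 4);
    if (size > EX_MAX_VAL || size > out_cap)
        return EX_BAD_SIZE;
    if (size > len - 8)                  /* len >= 8 checked above */
        return EX_SHORT;                 /* payload truncated */

    memcpy(out, buf + 8, size);
    *out_len = size;
    return EX_OK;
}
```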