From: Peter Lieven
Date: Thu, 22 Oct 2015 08:37:19 +0200
Subject: Re: [Qemu-devel] [Qemu-block] [PATCH] block/nfs: add support for setting debug level
To: Stefan Hajnoczi
Cc: kwolf@redhat.com, ronniesahlberg@gmail.com, qemu-devel@nongnu.org, qemu-block@nongnu.org
Message-ID: <5628841F.4010907@kamp.de>

On 22.09.2015 at 08:13, Peter Lieven wrote:
> On 25.06.2015 at 15:18, Stefan Hajnoczi wrote:
>> On Tue, Jun 23, 2015 at 10:12:15AM +0200, Peter Lieven wrote:
>>> upcoming libnfs versions will support logging debug messages. Add
>>> support for it in qemu through an URL parameter.
>>>
>>> Signed-off-by: Peter Lieven
>>> ---
>>> block/nfs.c | 4 ++++
>>> 1 file changed, 4 insertions(+)
>>>
>>> diff --git a/block/nfs.c b/block/nfs.c >>> index ca9e24e..f7388a3 100644 >>> --- a/block/nfs.c >>> +++ b/block/nfs.c
>>> @@ -329,6 +329,10 @@ static int64_t nfs_client_open(NFSClient *client, const char *filename, >>> } else if (!strcmp(qp->p[i].name, "readahead")) { >>> nfs_set_readahead(client->context, val); >>> #endif >>> +#ifdef LIBNFS_FEATURE_DEBUG >>> + } else if (!strcmp(qp->p[i].name, "debug")) { >>> + nfs_set_debug(client->context, val); >>> +#endif >>> } else { >>> error_setg(errp, "Unknown NFS parameter name: %s", >>> qp->p[i].name);
>> Untrusted users may be able to set these options since they are encoded
>> in the URI. I'm imagining a hosting or cloud scenario like OpenStack.
>>
>> A verbose debug level spams stderr and could consume a lot of disk
>> space.
>>
>> (The uid and gid options are probably okay since the NFS server cannot
>> trust the uid/gid coming from QEMU anyway.)
>>
>> I think we can merge this patch for QEMU 2.4 but I'd like to have a
>> discussion about the security risk of encoding libnfs options in the
>> URI.
>>
>> CCed Eric Blake in case libvirt is affected.
>>
>> Has anyone thought about this and what are the rules?
>
> As I hadn't time to work further on the best way to add options for NFS (and other
> protocols), would it be feasible to allow passing debug as an URL parameter, but
> limit the maximum debug level to limit a possible security impact (flooding logs)?
>
> If a higher debug level is needed it can be set via device specific options as soon as
> there is a common scheme for them.

Any objections?

Peter
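
Review bot: in the added `debug` branch, `nfs_set_debug(client->context, val);` hands the URI-supplied `val` to libnfs with no range check, so anyone who can influence the NFS URI picks the log verbosity, which is the stderr-flooding concern raised in the reply. Cap or reject `val` above a small fixed maximum before the call, reporting a rejection through `error_setg(errp, ...)` the way the unknown-parameter branch below it does. The diffstat shows only block/nfs.c changing, so the new `debug` URL parameter is also undocumented; a line describing it and its accepted range belongs in the same patch.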