[PATCH] drop setting XEN_QEMU_CONSOLE_LIMIT in the environment

[PATCH] drop setting XEN_QEMU_CONSOLE_LIMIT in the environment

[James Dingwall]

[-- Attachment #1: Type: text/plain, Size: 886 bytes --]

Hi,

Since qemu-xen-4.18.0 the corresponding code which responds to this
environment variable was not applied to the qemu tree.  It doesn't make
sense to me that it continues to be set in libxl so here's a patch
which removes it.

These are the relevant commits for various qemu tags:

qemu-xen-4.10.0: c349189772cec43498b0bec8a84146f10b8937af
qemu-xen-4.11.0: 2b033e396f4fa0981bae1213cdacd15775655a97
qemu-xen-4.12.0: 4f080070a9809bde857851e68a3aeff0c4b9b6a6
qemu-xen-4.13.0: c81d7597747f29432a0e197bf2c2109e77f2b6cf
qemu-xen-4.14.0: 410cc30fdc590417ae730d635bbc70257adf6750
qemu-xen-4.15.0: 677cbe1324c29294bb1d1b8454b3f214725e40fd
qemu-xen-4.16.0: b6e539830bf45e2d7a6bd86ddfdf003088b173b0
qemu-xen-4.17.0: 9a5e4bc76058766962ab3ff13f42c1d39a8e08d3
qemu-xen-4.18.0: not present
qemu-xen-4.19.0: not present

If this is approved is someone able to apply it to the tree?

Regards,
James

[-- Attachment #2: remove-XEN_QEMU_CONSOLE_LIMIT.diff --]
[-- Type: text/x-diff, Size: 2215 bytes --]

commit 86bfb2b8105c840311645a5587bc6cce6e5312ef
Author: James Dingwall <james@dingwall.me.uk>
Date:   Tue Nov 5 11:16:20 2024 +0000

    libxl: drop setting XEN_QEMU_CONSOLE_LIMIT in the environment (XSA-180 / CVE-2014-3672)
    
    The corresponding code in the Xen qemu repository was not applied from
    qemu-xen-4.18.0.

diff --git a/tools/libs/light/libxl_dm.c b/tools/libs/light/libxl_dm.c
index 1f2f5bd97a..b193a5dc37 100644
--- a/tools/libs/light/libxl_dm.c
+++ b/tools/libs/light/libxl_dm.c
@@ -638,20 +638,6 @@ int libxl__domain_device_construct_rdm(libxl__gc *gc,
     return ERROR_FAIL;
 }
 
-/* XSA-180 / CVE-2014-3672
- *
- * The QEMU shipped with Xen has a bodge. It checks for
- * XEN_QEMU_CONSOLE_LIMIT to see how much data QEMU is allowed
- * to write to stderr. We set that to 1MB if it is not set by
- * system administrator.
- */
-static void libxl__set_qemu_env_for_xsa_180(libxl__gc *gc,
-                                            flexarray_t *dm_envs)
-{
-    if (getenv("XEN_QEMU_CONSOLE_LIMIT")) return;
-    flexarray_append_pair(dm_envs, "XEN_QEMU_CONSOLE_LIMIT", "1048576");
-}
-
 const libxl_vnc_info *libxl__dm_vnc(const libxl_domain_config *guest_config)
 {
     const libxl_vnc_info *vnc = NULL;
@@ -704,8 +690,6 @@ static int libxl__build_device_model_args_old(libxl__gc *gc,
 
     assert(state->dm_monitor_fd == -1);
 
-    libxl__set_qemu_env_for_xsa_180(gc, dm_envs);
-
     flexarray_vappend(dm_args, dm,
                       "-d", GCSPRINTF("%d", domid), NULL);
 
@@ -1210,8 +1194,6 @@ static int libxl__build_device_model_args_new(libxl__gc *gc,
     dm_args = flexarray_make(gc, 16, 1);
     dm_envs = flexarray_make(gc, 16, 1);
 
-    libxl__set_qemu_env_for_xsa_180(gc, dm_envs);
-
     flexarray_vappend(dm_args, dm,
                       "-xen-domid",
                       GCSPRINTF("%d", guest_domid), NULL);
@@ -3656,7 +3638,6 @@ void libxl__spawn_qemu_xenpv_backend(libxl__egc *egc,
     flexarray_append(dm_args, NULL);
     args = (char **) flexarray_contents(dm_args);
 
-    libxl__set_qemu_env_for_xsa_180(gc, dm_envs);
     envs = (char **) flexarray_contents(dm_envs);
 
     logfile_w = libxl__create_qemu_logfile(gc, GCSPRINTF("qdisk-%u", domid));

Re: [PATCH] drop setting XEN_QEMU_CONSOLE_LIMIT in the environment

[Jan Beulich]

On 05.11.2024 13:43, James Dingwall wrote:
> Hi,
> 
> Since qemu-xen-4.18.0 the corresponding code which responds to this
> environment variable was not applied to the qemu tree.  It doesn't make
> sense to me that it continues to be set in libxl so here's a patch
> which removes it.
> 
> These are the relevant commits for various qemu tags:
> 
> qemu-xen-4.10.0: c349189772cec43498b0bec8a84146f10b8937af
> qemu-xen-4.11.0: 2b033e396f4fa0981bae1213cdacd15775655a97
> qemu-xen-4.12.0: 4f080070a9809bde857851e68a3aeff0c4b9b6a6
> qemu-xen-4.13.0: c81d7597747f29432a0e197bf2c2109e77f2b6cf
> qemu-xen-4.14.0: 410cc30fdc590417ae730d635bbc70257adf6750
> qemu-xen-4.15.0: 677cbe1324c29294bb1d1b8454b3f214725e40fd
> qemu-xen-4.16.0: b6e539830bf45e2d7a6bd86ddfdf003088b173b0
> qemu-xen-4.17.0: 9a5e4bc76058766962ab3ff13f42c1d39a8e08d3
> qemu-xen-4.18.0: not present
> qemu-xen-4.19.0: not present
> 
> If this is approved is someone able to apply it to the tree?

Once approved, any committer will be able to. First, however, like any patch
this one also needs a (your?) Signed-off-by:.

Jan

[PATCH v2] drop setting XEN_QEMU_CONSOLE_LIMIT in the environment

[James Dingwall]

[-- Attachment #1: Type: text/plain, Size: 1392 bytes --]

On Tue, Nov 05, 2024 at 01:57:41PM +0100, Jan Beulich wrote:
> On 05.11.2024 13:43, James Dingwall wrote:
> > Since qemu-xen-4.18.0 the corresponding code which responds to this
> > environment variable was not applied to the qemu tree.  It doesn't make
> > sense to me that it continues to be set in libxl so here's a patch
> > which removes it.
> > 
> > These are the relevant commits for various qemu tags:
> > 
> > qemu-xen-4.10.0: c349189772cec43498b0bec8a84146f10b8937af
> > qemu-xen-4.11.0: 2b033e396f4fa0981bae1213cdacd15775655a97
> > qemu-xen-4.12.0: 4f080070a9809bde857851e68a3aeff0c4b9b6a6
> > qemu-xen-4.13.0: c81d7597747f29432a0e197bf2c2109e77f2b6cf
> > qemu-xen-4.14.0: 410cc30fdc590417ae730d635bbc70257adf6750
> > qemu-xen-4.15.0: 677cbe1324c29294bb1d1b8454b3f214725e40fd
> > qemu-xen-4.16.0: b6e539830bf45e2d7a6bd86ddfdf003088b173b0
> > qemu-xen-4.17.0: 9a5e4bc76058766962ab3ff13f42c1d39a8e08d3
> > qemu-xen-4.18.0: not present
> > qemu-xen-4.19.0: not present
> > 
> > If this is approved is someone able to apply it to the tree?
> 
> Once approved, any committer will be able to. First, however, like any patch
> this one also needs a (your?) Signed-off-by:.

v2 with Signed-off-by: (and a promise I've read 'CONTRIBUTING').

Thanks,
James

(This wiki link referenced in CONTRIBUTING currently errors though:
https://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)

[-- Attachment #2: remove-XEN_QEMU_CONSOLE_LIMIT-v2.diff --]
[-- Type: text/x-diff, Size: 2277 bytes --]

commit 7b89ea44dbcb965b6b67c8de5092ea2b95d4c6f9
Author: James Dingwall <james@dingwall.me.uk>
Date:   Tue Nov 5 11:16:20 2024 +0000

    libxl: drop setting XEN_QEMU_CONSOLE_LIMIT in the environment (XSA-180 / CVE-2014-3672)
    
    The corresponding code in the Xen qemu repository was not applied from
    qemu-xen-4.18.0.
    
    Signed-off-by: James Dingwall <james@dingwall.me.uk>

diff --git a/tools/libs/light/libxl_dm.c b/tools/libs/light/libxl_dm.c
index 1f2f5bd97a..b193a5dc37 100644
--- a/tools/libs/light/libxl_dm.c
+++ b/tools/libs/light/libxl_dm.c
@@ -638,20 +638,6 @@ int libxl__domain_device_construct_rdm(libxl__gc *gc,
     return ERROR_FAIL;
 }
 
-/* XSA-180 / CVE-2014-3672
- *
- * The QEMU shipped with Xen has a bodge. It checks for
- * XEN_QEMU_CONSOLE_LIMIT to see how much data QEMU is allowed
- * to write to stderr. We set that to 1MB if it is not set by
- * system administrator.
- */
-static void libxl__set_qemu_env_for_xsa_180(libxl__gc *gc,
-                                            flexarray_t *dm_envs)
-{
-    if (getenv("XEN_QEMU_CONSOLE_LIMIT")) return;
-    flexarray_append_pair(dm_envs, "XEN_QEMU_CONSOLE_LIMIT", "1048576");
-}
-
 const libxl_vnc_info *libxl__dm_vnc(const libxl_domain_config *guest_config)
 {
     const libxl_vnc_info *vnc = NULL;
@@ -704,8 +690,6 @@ static int libxl__build_device_model_args_old(libxl__gc *gc,
 
     assert(state->dm_monitor_fd == -1);
 
-    libxl__set_qemu_env_for_xsa_180(gc, dm_envs);
-
     flexarray_vappend(dm_args, dm,
                       "-d", GCSPRINTF("%d", domid), NULL);
 
@@ -1210,8 +1194,6 @@ static int libxl__build_device_model_args_new(libxl__gc *gc,
     dm_args = flexarray_make(gc, 16, 1);
     dm_envs = flexarray_make(gc, 16, 1);
 
-    libxl__set_qemu_env_for_xsa_180(gc, dm_envs);
-
     flexarray_vappend(dm_args, dm,
                       "-xen-domid",
                       GCSPRINTF("%d", guest_domid), NULL);
@@ -3656,7 +3638,6 @@ void libxl__spawn_qemu_xenpv_backend(libxl__egc *egc,
     flexarray_append(dm_args, NULL);
     args = (char **) flexarray_contents(dm_args);
 
-    libxl__set_qemu_env_for_xsa_180(gc, dm_envs);
     envs = (char **) flexarray_contents(dm_envs);
 
     logfile_w = libxl__create_qemu_logfile(gc, GCSPRINTF("qdisk-%u", domid));

Re: [PATCH v2] drop setting XEN_QEMU_CONSOLE_LIMIT in the environment

[Anthony PERARD]

> commit 7b89ea44dbcb965b6b67c8de5092ea2b95d4c6f9
> Author: James Dingwall <james@dingwall.me.uk>
> Date:   Tue Nov 5 11:16:20 2024 +0000
> 
>     libxl: drop setting XEN_QEMU_CONSOLE_LIMIT in the environment (XSA-180 / CVE-2014-3672)
>     
>     The corresponding code in the Xen qemu repository was not applied from
>     qemu-xen-4.18.0.
>     
>     Signed-off-by: James Dingwall <james@dingwall.me.uk>

Reviewed-by: Anthony PERARD <anthony.perard@vates.tech>

Thanks,

-- 

Anthony Perard | Vates XCP-ng Developer

XCP-ng & Xen Orchestra - Vates solutions

web: https://vates.tech