From nobody Sat Apr 20 02:12:56 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 63.128.21.124 as permitted sender) client-ip=63.128.21.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1602580939; cv=none;
	d=zohomail.com; s=zohoarc;
	b=dXvas96ejq0ilGY1DB1UZn7kn0vctzj/L3D5t70827Fj5N2PPUNqdbbTRwJmN6Se9KVlGJGM86pZa1i0ZAn7mhzUhyv9aL3sKb35RHN0MEqj+kAgMmJlLH2OIYCise7SI72TzXNRIu5Ei4yISm0JYbxWajhVZr6tZsdj0nCrOBE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1602580939;
 h=Content-Type:Content-Transfer-Encoding:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To;
	bh=ec0jCZJRtdHSHtej3EZVofJihnKwOfi2D3lnVfMKgp8=;
	b=WizGzzswRLB6AvXUEazZilJB+4tqiViP3DsxLOCXKSdokKdJCtt2dR8LyrUtfV0VN+VDHRX6vRbMBkRqeyyKkO+bcBXt/Zep2dbvyAAheJbYo1r9MsdOuElWF7RPsXuaMrVkJXa564kcWecj6aoiB2He8GFdqydQWC553jJ7I18=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<berrange@redhat.com> (p=none dis=none)
 header.from=<berrange@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.zohomail.com
	with SMTPS id 1602580939423927.406829770156;
 Tue, 13 Oct 2020 02:22:19 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-486-NQF_K8pmPwySgt0GaksN6w-1; Tue, 13 Oct 2020 05:22:16 -0400
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
 [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 56B20425EF;
	Tue, 13 Oct 2020 09:22:10 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 067CE5578A;
	Tue, 13 Oct 2020 09:22:09 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id E4B641826D36;
	Tue, 13 Oct 2020 09:22:04 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
	[10.5.11.15])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 09D9M3qa009989 for <libvir-list@listman.util.phx.redhat.com>;
	Tue, 13 Oct 2020 05:22:03 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id BA8AA5578D; Tue, 13 Oct 2020 09:22:03 +0000 (UTC)
Received: from localhost.localdomain.com (ovpn-114-78.ams2.redhat.com
	[10.36.114.78])
	by smtp.corp.redhat.com (Postfix) with ESMTP id E41FC5578A;
	Tue, 13 Oct 2020 09:21:59 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1602580938;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=ec0jCZJRtdHSHtej3EZVofJihnKwOfi2D3lnVfMKgp8=;
	b=WXfvfcziSR932FTxntM3pL1f/8F8OIajYdwkZzsfLsphp3a8A5N9sgiFtXF7zvKGqvncvn
	9nU4o8fTbDWMXA4GKGnytMvZpU4NUFXmQGvxMnngc78h+si71PuJfeTQTHhGnGv3rGBf4D
	CDCRJ+5nNg5W2olsT+WzMhC22LkT9CU=
X-MC-Unique: NQF_K8pmPwySgt0GaksN6w-1
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
To: libvir-list@redhat.com
Subject: [libvirt PATCH] logging: allow max_len=0 to disable log rollover
Date: Tue, 13 Oct 2020 10:21:58 +0100
Message-Id: <20201013092158.80428-1-berrange@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-loop: libvir-list@redhat.com
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)

Currently setting max_len=3D0 causes virtlogd to spin in a busy loop. It
is natural to allow this to disable log rollover which can be useful for
developers debugging things.

Note disabling rollover exposes the host to denial of service from a
malicious guest, so must be used with care.

Closes https://gitlab.com/libvirt/libvirt/-/issues/85
Signed-off-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>=20
---
 src/logging/virtlogd.conf  |  4 ++++
 src/util/virrotatingfile.c | 48 +++++++++++++++++++++-----------------
 2 files changed, 30 insertions(+), 22 deletions(-)

diff --git a/src/logging/virtlogd.conf b/src/logging/virtlogd.conf
index 8b1ff0156f..c53a1112bd 100644
--- a/src/logging/virtlogd.conf
+++ b/src/logging/virtlogd.conf
@@ -87,6 +87,10 @@
=20
 # Maximum file size before rolling over. Defaults to 2 MB
 #
+# Setting max_size to zero will disable rollover entirely.
+# NOTE: disabling rollover exposes the host filesystem to
+# denial of service from a malicious guest.
+#
 # Beware that a logrotate config file might be installed too,
 # to handle cases where virtlogd is disabled. To ensure that
 # the logrotate config is a no-op when virtlogd is running,
diff --git a/src/util/virrotatingfile.c b/src/util/virrotatingfile.c
index a88c332cf4..9f1ef17c3e 100644
--- a/src/util/virrotatingfile.c
+++ b/src/util/virrotatingfile.c
@@ -225,7 +225,8 @@ virRotatingFileWriterDelete(virRotatingFileWriterPtr fi=
le)
  *
  * The files will never exceed @maxlen bytes in size,
  * but may be rolled over before they reach this size
- * in order to avoid splitting lines
+ * in order to avoid splitting lines. If @maxlen is
+ * zero then no rollover will be performed.
  */
 virRotatingFileWriterPtr
 virRotatingFileWriterNew(const char *path,
@@ -430,25 +431,27 @@ virRotatingFileWriterAppend(virRotatingFileWriterPtr =
file,
         size_t towrite =3D len;
         bool forceRollover =3D false;
=20
-        if (file->entry->pos > file->maxlen) {
-            /* If existing file is for some reason larger then max length =
we
-             * won't write to this file anymore, but we rollover this file=
.*/
-            forceRollover =3D true;
-            towrite =3D 0;
-        } else if ((file->entry->pos + towrite) > file->maxlen) {
-            towrite =3D file->maxlen - file->entry->pos;
-
-            /*
-             * If there's a newline in the last 80 chars
-             * we're about to write, then break at that
-             * point to avoid splitting lines across
-             * separate files
-             */
-            for (i =3D 0; i < towrite && i < 80; i++) {
-                if (buf[towrite - i - 1] =3D=3D '\n') {
-                    towrite -=3D i;
-                    forceRollover =3D true;
-                    break;
+        if (file->maxlen !=3D 0) {
+            if (file->entry->pos > file->maxlen) {
+                /* If existing file is for some reason larger then max len=
gth we
+                 * won't write to this file anymore, but we rollover this =
file.*/
+                forceRollover =3D true;
+                towrite =3D 0;
+            } else if ((file->entry->pos + towrite) > file->maxlen) {
+                towrite =3D file->maxlen - file->entry->pos;
+
+                /*
+                 * If there's a newline in the last 80 chars
+                 * we're about to write, then break at that
+                 * point to avoid splitting lines across
+                 * separate files
+                 */
+                for (i =3D 0; i < towrite && i < 80; i++) {
+                    if (buf[towrite - i - 1] =3D=3D '\n') {
+                        towrite -=3D i;
+                        forceRollover =3D true;
+                        break;
+                    }
                 }
             }
         }
@@ -468,8 +471,9 @@ virRotatingFileWriterAppend(virRotatingFileWriterPtr fi=
le,
             file->entry->len +=3D towrite;
         }
=20
-        if ((file->entry->pos =3D=3D file->maxlen && len) ||
-            forceRollover) {
+        if (file->maxlen !=3D 0 &&
+            ((file->entry->pos =3D=3D file->maxlen && len) ||
+             forceRollover)) {
             virRotatingFileWriterEntryPtr tmp;
             VIR_DEBUG("Hit max size %zu on %s (force=3D%d)",
                       file->maxlen, file->basepath, forceRollover);
--=20
2.26.2