[Libguestfs] [libnbd PATCH 3/3] api: Add new API nbd_set_pread_initialize()

Richard W.M. Jones rjones at redhat.com
Thu Feb 10 09:38:30 UTC 2022


On Wed, Feb 09, 2022 at 04:07:26PM -0600, Eric Blake wrote:
> +  "set_pread_initialize", {
> +    default_call with
> +    args = [Bool "request"]; ret = RErr;
> +    shortdesc = "control whether libnbd pre-initializes read buffers";
> +    longdesc = "\
> +By default, libnbd will pre-initialize the contents of a buffer
> +passed to calls such as L<nbd_pread(3)> to all zeroes prior to checking
> +for any other errors, so that even if a client application passed in an
> +uninitialized buffer but fails to check for errors, it will not result
> +in a potential security risk caused by an accidental leak of prior heap
> +contents.  However, for a client application that has audited that an
> +uninitialized buffer is never dereferenced, or which performs its own
> +pre-initialization, libnbd's sanitization efforts merely pessimize
> +performance.
> +
> +Calling this function with C<request> set to false tells libnbd to
> +skip the buffer initialization step in read commands.";
> +    see_also = [Link "get_pread_initialize";
> +                Link "set_strict_mode";
> +                Link "pread"; Link "pread_structured"; Link "aio_pread";
> +                Link "aio_pread_structured"];
> +  };
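
Review bot: the last paragraph of the longdesc ("Calling this function with C<request> set to false ...") says what disabling does but not what the caller then takes on. Suggest adding a sentence stating that with pre-initialization off, libnbd no longer zeroes the buffer, so after a failed read it must not be used and the return value of L<nbd_pread(3)> and the other read calls has to be checked first. It would also help to say that passing true restores the default behaviour. In the first paragraph, "an uninitialized buffer is never dereferenced" would read more precisely as "never read after a failed call".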

Could it be worth mentioning CVE-2022-0485 by name in the text here?
And/or linking to:
https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html

Anyway the whole patch series looks good, so:

Reviewed-by: Richard W.M. Jones <rjones at redhat.com>

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v



