From patchwork Tue Nov  5 13:25:54 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: James Dingwall <james-xen@dingwall.me.uk>
X-Patchwork-Id: 13862951
Return-Path: <xen-devel-bounces@lists.xenproject.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 27FE8D2B926
	for <xen-devel@archiver.kernel.org>; Tue,  5 Nov 2024 13:26:17 +0000 (UTC)
Received: from list by lists.xenproject.org with
 outflank-mailman.830225.1245155 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1t8JZJ-0006yR-Nn; Tue, 05 Nov 2024 13:26:01 +0000
X-Outflank-Mailman: Message body and most headers restored to incoming version
Received: by outflank-mailman (output) from mailman id 830225.1245155;
 Tue, 05 Nov 2024 13:26:01 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1t8JZJ-0006yK-Km; Tue, 05 Nov 2024 13:26:01 +0000
Received: by outflank-mailman (input) for mailman id 830225;
 Tue, 05 Nov 2024 13:26:00 +0000
Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50]
 helo=se1-gles-flk1.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=I3dk=SA=dingwall.me.uk=james@srs-se1.protection.inumbo.net>)
 id 1t8JZI-0006yC-1E
 for xen-devel@lists.xen.org; Tue, 05 Nov 2024 13:26:00 +0000
Received: from smarthost01c.ixn.mail.zen.net.uk
 (smarthost01c.ixn.mail.zen.net.uk [212.23.1.22])
 by se1-gles-flk1.inumbo.com (Halon) with ESMTPS
 id 7c3b9d57-9b79-11ef-99a3-01e77a169b0f;
 Tue, 05 Nov 2024 14:25:55 +0100 (CET)
Received: from [217.155.64.189] (helo=mail0.xen.dingwall.me.uk)
 by smarthost01c.ixn.mail.zen.net.uk with esmtpsa (TLS1.0) tls
 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (Exim 4.95)
 (envelope-from <james@dingwall.me.uk>) id 1t8JZA-006bDC-QU;
 Tue, 05 Nov 2024 13:25:54 +0000
Received: from localhost (localhost [IPv6:::1])
 by mail0.xen.dingwall.me.uk (Postfix) with ESMTP id 3C3B5B18FA9;
 Tue,  5 Nov 2024 13:25:54 +0000 (GMT)
Received: from mail0.xen.dingwall.me.uk ([127.0.0.1])
 by localhost (mail0.xen.dingwall.me.uk [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id qd_Oa4LXPPnl; Tue,  5 Nov 2024 13:25:54 +0000 (GMT)
Received: from ghoul.dingwall.me.uk (ghoul.dingwall.me.uk
 [IPv6:2a02:8010:698e:302::c0a8:1c8])
 by dingwall.me.uk (Postfix) with ESMTP id 0C736B18FA4;
 Tue,  5 Nov 2024 13:25:54 +0000 (GMT)
Received: by ghoul.dingwall.me.uk (Postfix, from userid 1000)
 id 482955F8; Tue,  5 Nov 2024 13:25:54 +0000 (GMT)
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 7c3b9d57-9b79-11ef-99a3-01e77a169b0f
X-Custom-Connection: 
 eyJyZW1vdGVpcCI6IjIxMi4yMy4xLjIyIiwiaGVsbyI6InNtYXJ0aG9zdDAxYy5peG4ubWFpbC56ZW4ubmV0LnVrIn0=
X-Custom-Transaction: 
 eyJpZCI6IjdjM2I5ZDU3LTliNzktMTFlZi05OWEzLTAxZTc3YTE2OWIwZiIsInRzIjoxNzMwODEzMTU1LjIwNzc4MSwic2VuZGVyIjoiamFtZXNAZGluZ3dhbGwubWUudWsiLCJyZWNpcGllbnQiOiJ4ZW4tZGV2ZWxAbGlzdHMueGVuLm9yZyJ9
X-Virus-Scanned: Debian amavisd-new at dingwall.me.uk
Date: Tue, 5 Nov 2024 13:25:54 +0000
From: James Dingwall <james-xen@dingwall.me.uk>
To: xen-devel@lists.xen.org
Cc: Jan Beulich <jbeulich@suse.com>
Subject: [PATCH v2] drop setting XEN_QEMU_CONSOLE_LIMIT in the environment
Message-ID: <Zyoc4t3RAS7sbVOv@dingwall.me.uk>
References: <ZyoTBgbGGYTyphH6@dingwall.me.uk>
 <a111a4d4-66cf-4270-ac53-0e18288ad9ee@suse.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <a111a4d4-66cf-4270-ac53-0e18288ad9ee@suse.com>
X-Originating-smarthost01c-IP: [217.155.64.189]
Feedback-ID: 217.155.64.189

On Tue, Nov 05, 2024 at 01:57:41PM +0100, Jan Beulich wrote:
> On 05.11.2024 13:43, James Dingwall wrote:
> > Since qemu-xen-4.18.0 the corresponding code which responds to this
> > environment variable was not applied to the qemu tree.  It doesn't make
> > sense to me that it continues to be set in libxl so here's a patch
> > which removes it.
> > 
> > These are the relevant commits for various qemu tags:
> > 
> > qemu-xen-4.10.0: c349189772cec43498b0bec8a84146f10b8937af
> > qemu-xen-4.11.0: 2b033e396f4fa0981bae1213cdacd15775655a97
> > qemu-xen-4.12.0: 4f080070a9809bde857851e68a3aeff0c4b9b6a6
> > qemu-xen-4.13.0: c81d7597747f29432a0e197bf2c2109e77f2b6cf
> > qemu-xen-4.14.0: 410cc30fdc590417ae730d635bbc70257adf6750
> > qemu-xen-4.15.0: 677cbe1324c29294bb1d1b8454b3f214725e40fd
> > qemu-xen-4.16.0: b6e539830bf45e2d7a6bd86ddfdf003088b173b0
> > qemu-xen-4.17.0: 9a5e4bc76058766962ab3ff13f42c1d39a8e08d3
> > qemu-xen-4.18.0: not present
> > qemu-xen-4.19.0: not present
> > 
> > If this is approved is someone able to apply it to the tree?
> 
> Once approved, any committer will be able to. First, however, like any patch
> this one also needs a (your?) Signed-off-by:.

v2 with Signed-off-by: (and a promise I've read 'CONTRIBUTING').

Thanks,
James

(This wiki link referenced in CONTRIBUTING currently errors though:
https://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)

commit 7b89ea44dbcb965b6b67c8de5092ea2b95d4c6f9
Author: James Dingwall <james@dingwall.me.uk>
Date:   Tue Nov 5 11:16:20 2024 +0000

    libxl: drop setting XEN_QEMU_CONSOLE_LIMIT in the environment (XSA-180 / CVE-2014-3672)
    
    The corresponding code in the Xen qemu repository was not applied from
    qemu-xen-4.18.0.
    
    Signed-off-by: James Dingwall <james@dingwall.me.uk>

diff --git a/tools/libs/light/libxl_dm.c b/tools/libs/light/libxl_dm.c
index 1f2f5bd97a..b193a5dc37 100644
--- a/tools/libs/light/libxl_dm.c
+++ b/tools/libs/light/libxl_dm.c
@@ -638,20 +638,6 @@ int libxl__domain_device_construct_rdm(libxl__gc *gc,
     return ERROR_FAIL;
 }
 
-/* XSA-180 / CVE-2014-3672
- *
- * The QEMU shipped with Xen has a bodge. It checks for
- * XEN_QEMU_CONSOLE_LIMIT to see how much data QEMU is allowed
- * to write to stderr. We set that to 1MB if it is not set by
- * system administrator.
- */
-static void libxl__set_qemu_env_for_xsa_180(libxl__gc *gc,
-                                            flexarray_t *dm_envs)
-{
-    if (getenv("XEN_QEMU_CONSOLE_LIMIT")) return;
-    flexarray_append_pair(dm_envs, "XEN_QEMU_CONSOLE_LIMIT", "1048576");
-}
-
 const libxl_vnc_info *libxl__dm_vnc(const libxl_domain_config *guest_config)
 {
     const libxl_vnc_info *vnc = NULL;
@@ -704,8 +690,6 @@ static int libxl__build_device_model_args_old(libxl__gc *gc,
 
     assert(state->dm_monitor_fd == -1);
 
-    libxl__set_qemu_env_for_xsa_180(gc, dm_envs);
-
     flexarray_vappend(dm_args, dm,
                       "-d", GCSPRINTF("%d", domid), NULL);
 
@@ -1210,8 +1194,6 @@ static int libxl__build_device_model_args_new(libxl__gc *gc,
     dm_args = flexarray_make(gc, 16, 1);
     dm_envs = flexarray_make(gc, 16, 1);
 
-    libxl__set_qemu_env_for_xsa_180(gc, dm_envs);
-
     flexarray_vappend(dm_args, dm,
                       "-xen-domid",
                       GCSPRINTF("%d", guest_domid), NULL);
@@ -3656,7 +3638,6 @@ void libxl__spawn_qemu_xenpv_backend(libxl__egc *egc,
     flexarray_append(dm_args, NULL);
     args = (char **) flexarray_contents(dm_args);
 
-    libxl__set_qemu_env_for_xsa_180(gc, dm_envs);
     envs = (char **) flexarray_contents(dm_envs);
 
     logfile_w = libxl__create_qemu_logfile(gc, GCSPRINTF("qdisk-%u", domid));