Zhou Zheng Sheng has posted comments on this change.
Change subject: Improvement of the GuestAgent class memory usage
......................................................................
Patch Set 6: (1 inline comment)
....................................................
File vdsm/guestIF.py
Line 285: while (not self._stopped) and '\n' in data:
Line 286: line, data = data.split('\n', 1)
Line 287: line = ''.join(self._buffer) + line
Line 288: self._clear_read_buffer()
Line 289: if self._message_state is MessageState.TOO_BIG:
It can prevent DoS attack from a guest OS. Suppose a hacker buys a VM from us,
and writes his own guest agent to produce tons of garbage to the channel. Then
vdsm will be busy processing the garbage and take a lot of memory. Other nice
guests will get worse service quality in this case. If the attack is serious,
vdsm may take too many memory and other guests can not run.
Line 290: self._message_state = MessageState.NORMAL
Line 291: self.log.error("[GuestAgent._handle_data] Not
processing "
Line 292: "current message because it was too
big")
Line 293: else:
--
To view, visit http://gerrit.ovirt.org/9239
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: Ibf6274bb10c9e3b80962b69c5df316f03ee21214
Gerrit-PatchSet: 6
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Vinzenz Feenstra <[email protected]>
Gerrit-Reviewer: Dan Kenigsberg <[email protected]>
Gerrit-Reviewer: Gal Hammer <[email protected]>
Gerrit-Reviewer: Peter V. Saveliev <[email protected]>
Gerrit-Reviewer: ShaoHe Feng <[email protected]>
Gerrit-Reviewer: Vinzenz Feenstra <[email protected]>
Gerrit-Reviewer: Zhou Zheng Sheng <[email protected]>
Gerrit-Reviewer: oVirt Jenkins CI Server
_______________________________________________
vdsm-patches mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
