target-ppc: Document TOCTTOU in hugepage support

The code to find the minimum page size is is vulnerable to TOCTTOU. Added in commit 2d103aa "target-ppc: fix hugepage support when using memory-backend-file" (v2.4.0). Since I can't fix it myself right now, add a FIXME comment. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Michael Roth <mdroth@linux.vnet.ibm.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1458066895-20632-2-git-send-email-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2016-03-15 19:34:16 +01:00 · 2016-03-15 19:34:16 +01:00 · 3be5cc2324
commit 3be5cc2324
parent 6741d38ad0
1 changed files with 6 additions and 0 deletions
--- a/target-ppc/kvm.c
+++ b/target-ppc/kvm.c
@ -333,6 +333,12 @@ static long gethugepagesize(const char *mem_path)
    return fs.f_bsize;
 }

+/*
+ * FIXME TOCTTOU: this iterates over memory backends' mem-path, which
+ * may or may not name the same files / on the same filesystem now as
+ * when we actually open and map them.  Iterate over the file
+ * descriptors instead, and use qemu_fd_getpagesize().
+ */
 static int find_max_supported_pagesize(Object *obj, void *opaque)
 {
    char *mem_path;