On 05/24/2017 02:42 PM, Richard W.M. Jones wrote:
On Tue, May 23, 2017 at 05:07:40PM +0200, Michal Privoznik wrote:
> Because:
>
>
https://www.redhat.com/archives/libvir-list/2017-May/msg00088.html
I don't think this is a reason at all.
Libguestfs uses an RPC system which was modelled on the libvirt one,
and has exactly the same problem with message size limits, except
smaller -- 4MB and we've never had to increase it.
So you're basically doing what I'm describing in point a). Transforming
problem to another one. The maximum number of 4MB messages.
We get around this by batching operations over messages as necessary
(eg [1]). This adds a little complexity in the implementation of the
API, but the point is that the complexity is entirely hidden to users
of the APIs.
Exactly. A little complexity. That's in your case. In our case it would
be slightly more complex IMO (although I've never tried to write the
code, so I cannot say really). BUT, more importantly why even bother
when we can just raise the limit of the message?
The limits are there so that if one side starts sending malicious
packets it won't eat all the memory on the other side. Well, what if the
attacker is slightly more ingenious and sends N messages that fit size
limit for one message? I don't really see a difference between raising
limit for one message and splitting the data into multiple messages.
Michal