On Thu, Jul 20, 2017 at 1:42 AM, Andrew Morgan <[email protected]> wrote:
> Also did a test with moving in an enormous folder, daemon took up 16%
> CPU for a second in htop then right back to 0%, so seems pretty well
> optimized for now. inotify finds all the files and folders in way until
> a few hundred milli-seconds, so we may need to scale our period for
> calling qvm-file-trust with a list of files down a bit (unless python
> can take in 10K+ full filepaths as arguments).
During exec(2), the kernel places arguments somewhere at the top of
the stack, along with your environment variables and some other stuff.
Thus, the limit is likely actually some number of total bytes (also
dependent on other things like the total size of your current
environment), rather than the limit being only a fixed number of
arguments. This means you would have to check not just the number of
arguments, but the sum of the lengths of each.
If you find yourself running into problems with to much data in argv
for a single exec, you may wish to consider letting xargs handle
splitting the paths into an appropriate number of separate execs of
your python script. This is one of the reasons it exists. If you do
this, be sure to split the paths with '\0' and use xargs -0.
Consider this example:
$ cat argc.c
#include <stdio.h>
int main(int argc) { printf("%d\n", argc); }
$ make argc
cc argc.c -o argc
$ yes AAAA | head -$((1024*100)) | xargs ./argc
26214
26214
26214
23762
$ yes AAAAAAAAAAAA | head -$((1024*100)) | xargs ./argc
10082
10082
10082
10082
10082
10082
10082
10082
10082
10082
1591
You may also wish to set an artificially small max length to guard
against any potential edge cases which xargs itself may have or may
develop in the future which may cause final arguments to get dropped
or truncated, as such bugs may be unlikely to be found and may have
very bad consequences (files not being marked as untrusted).
Cheers,
Jean-Philippe
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-devel/CABQWM_D4O1yk7F_fDYOowpW586Vb0ZzT5-e-5Psw_VmYLqPiAw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
