From: Jeff Layton <jlayton@redhat.com>
To: Christoph Hellwig <hch@lst.de>,
Trond Myklebust <trond.myklebust@primarydata.com>,
Anna Schumaker <anna.schumaker@netapp.com>,
"J. Bruce Fields" <bfields@fieldses.org>
Cc: linux-nfs@vger.kernel.org
Subject: Re: [PATCH 33/33] nfsd4: const-ify nfsd4_ops
Date: Fri, 12 May 2017 14:42:21 -0400 [thread overview]
Message-ID: <1494614541.4227.12.camel@redhat.com> (raw)
In-Reply-To: <20170512161701.22468-34-hch@lst.de>
On Fri, 2017-05-12 at 18:17 +0200, Christoph Hellwig wrote:
> nfsd4_ops contains function pointers, and marking it as constant avoids
> it being able to be used as an attach vector for code injections.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> ---
> fs/nfsd/nfs4proc.c | 13 ++++++-------
> 1 file changed, 6 insertions(+), 7 deletions(-)
>
> diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
> index e814c1946f6e..fe6cb5b6d31c 100644
> --- a/fs/nfsd/nfs4proc.c
> +++ b/fs/nfsd/nfs4proc.c
> @@ -1584,7 +1584,7 @@ struct nfsd4_operation {
> union nfsd4_op_u *);
> };
>
> -static struct nfsd4_operation nfsd4_ops[];
> +static const struct nfsd4_operation nfsd4_ops[];
>
> static const char *nfsd4_op_name(unsigned opnum);
>
> @@ -1621,7 +1621,7 @@ static __be32 nfs41_check_op_ordering(struct nfsd4_compoundargs *args)
> return nfs_ok;
> }
>
> -static inline struct nfsd4_operation *OPDESC(struct nfsd4_op *op)
> +static inline const struct nfsd4_operation *OPDESC(struct nfsd4_op *op)
> {
> return &nfsd4_ops[op->opnum];
> }
> @@ -1639,10 +1639,9 @@ static bool need_wrongsec_check(struct svc_rqst *rqstp)
> struct nfsd4_compoundargs *argp = rqstp->rq_argp;
> struct nfsd4_op *this = &argp->ops[resp->opcnt - 1];
> struct nfsd4_op *next = &argp->ops[resp->opcnt];
> - struct nfsd4_operation *thisd;
> - struct nfsd4_operation *nextd;
> + const struct nfsd4_operation *thisd = OPDESC(this);
> + const struct nfsd4_operation *nextd;
>
> - thisd = OPDESC(this);
> /*
> * Most ops check wronsec on our own; only the putfh-like ops
> * have special rules.
> @@ -1695,7 +1694,7 @@ nfsd4_proc_compound(struct svc_rqst *rqstp)
> struct nfsd4_compoundargs *args = rqstp->rq_argp;
> struct nfsd4_compoundres *resp = rqstp->rq_resp;
> struct nfsd4_op *op;
> - struct nfsd4_operation *opdesc;
> + const struct nfsd4_operation *opdesc;
> struct nfsd4_compound_state *cstate = &resp->cstate;
> struct svc_fh *current_fh = &cstate->current_fh;
> struct svc_fh *save_fh = &cstate->save_fh;
> @@ -2109,7 +2108,7 @@ static inline u32 nfsd4_seek_rsize(struct svc_rqst *rqstp, struct nfsd4_op *op)
> return (op_encode_hdr_size + 3) * sizeof(__be32);
> }
>
> -static struct nfsd4_operation nfsd4_ops[] = {
> +static const struct nfsd4_operation nfsd4_ops[] = {
> [OP_ACCESS] = {
> .op_func = nfsd4_access,
> .op_name = "OP_ACCESS",
...and I'll save us some emails. You can add my Reviewed-by to the whole
set. Nice cleanup/prophylaxis!
--
Jeff Layton <jlayton@redhat.com>
next prev parent reply other threads:[~2017-05-12 18:42 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-12 16:16 remove function pointer casts and constify function tables Christoph Hellwig
2017-05-12 16:16 ` [PATCH 01/33] sunrpc: properly type argument to kxdreproc_t Christoph Hellwig
2017-05-12 16:16 ` [PATCH 02/33] sunrpc: fix encoder callback prototypes Christoph Hellwig
2017-05-12 16:16 ` [PATCH 03/33] lockd: " Christoph Hellwig
2017-05-12 16:16 ` [PATCH 04/33] nfs: " Christoph Hellwig
2017-05-12 16:16 ` [PATCH 05/33] nfsd: " Christoph Hellwig
2017-05-12 16:16 ` [PATCH 06/33] sunrpc/auth_gss: " Christoph Hellwig
2017-05-12 16:16 ` [PATCH 07/33] sunrpc: properly type argument to kxdrdproc_t Christoph Hellwig
2017-05-12 16:16 ` [PATCH 08/33] sunrpc: fix decoder callback prototypes Christoph Hellwig
2017-05-12 16:16 ` [PATCH 09/33] sunrpc/auth_gss: " Christoph Hellwig
2017-05-12 16:16 ` [PATCH 10/33] nfsd: " Christoph Hellwig
2017-05-12 16:16 ` [PATCH 11/33] lockd: " Christoph Hellwig
2017-05-12 16:16 ` [PATCH 12/33] nfs: " Christoph Hellwig
2017-05-12 16:16 ` [PATCH 13/33] nfs: don't cast callback decode/proc/encode routines Christoph Hellwig
2017-05-12 16:16 ` [PATCH 14/33] lockd: fix some weird indentation Christoph Hellwig
2017-05-12 18:01 ` Jeff Layton
2017-05-12 16:16 ` [PATCH 15/33] sunrpc: move p_count out of struct rpc_procinfo Christoph Hellwig
2017-05-12 18:24 ` Jeff Layton
2017-05-12 16:16 ` [PATCH 16/33] nfs: use ARRAY_SIZE() in the nfsacl_version3 declaration Christoph Hellwig
2017-05-12 18:25 ` Jeff Layton
2017-05-12 16:16 ` [PATCH 17/33] sunrpc: mark all struct rpc_procinfo instances as const Christoph Hellwig
2017-05-12 18:30 ` Jeff Layton
2017-05-12 16:16 ` [PATCH 18/33] nfsd4: const-ify nfs_cb_version4 Christoph Hellwig
2017-05-12 18:31 ` Jeff Layton
2017-05-12 16:16 ` [PATCH 19/33] nfsd: use named initializers in PROC() Christoph Hellwig
2017-05-12 18:32 ` Jeff Layton
2017-05-12 16:16 ` [PATCH 20/33] nfsd: remove the unused PROC() macro in nfs3proc.c Christoph Hellwig
2017-05-12 18:33 ` Jeff Layton
2017-05-12 16:16 ` [PATCH 21/33] sunrpc: properly type pc_func callbacks Christoph Hellwig
2017-05-12 18:34 ` Jeff Layton
2017-05-12 16:16 ` [PATCH 22/33] sunrpc: properly type pc_release callbacks Christoph Hellwig
2017-05-12 16:16 ` [PATCH 23/33] sunrpc: properly type pc_decode callbacks Christoph Hellwig
2017-05-12 16:16 ` [PATCH 24/33] sunrpc: properly type pc_encode callbacks Christoph Hellwig
2017-05-12 16:16 ` [PATCH 25/33] sunrpc: remove kxdrproc_t Christoph Hellwig
2017-05-12 16:16 ` [PATCH 26/33] nfsd4: properly type op_set_currentstateid callbacks Christoph Hellwig
2017-05-12 16:16 ` [PATCH 27/33] nfsd4: properly type op_get_currentstateid callbacks Christoph Hellwig
2017-05-12 16:16 ` [PATCH 28/33] nfsd4: remove nfsd4op_rsize Christoph Hellwig
2017-05-12 16:16 ` [PATCH 29/33] nfsd4: properly type op_func callbacks Christoph Hellwig
2017-05-12 16:16 ` [PATCH 30/33] sunrpc: move pc_count out of struct svc_procinfo Christoph Hellwig
2017-05-12 16:16 ` [PATCH 31/33] sunrpc: mark all struct svc_procinfo instances as const Christoph Hellwig
2017-05-12 16:17 ` [PATCH 32/33] sunrpc: mark all struct svc_version " Christoph Hellwig
2017-05-12 16:17 ` [PATCH 33/33] nfsd4: const-ify nfsd4_ops Christoph Hellwig
2017-05-12 18:42 ` Jeff Layton [this message]
2017-05-12 20:14 ` remove function pointer casts and constify function tables Trond Myklebust
2017-05-12 22:04 ` bfields
2017-05-13 7:25 ` hch
2017-05-13 16:10 ` Trond Myklebust
2017-05-15 15:21 ` bfields
2017-05-15 15:44 ` hch
2017-05-23 8:11 ` hch
2017-05-23 12:23 ` bfields
2017-05-26 15:08 ` bfields
2017-05-26 15:09 ` bfields
2017-05-26 19:31 ` bfields
2017-05-26 19:31 ` bfields
2017-05-30 16:26 ` Michael S. Tsirkin
2017-05-30 16:26 ` Michael S. Tsirkin
2017-05-30 16:58 ` Michael S. Tsirkin
2017-05-30 16:58 ` Michael S. Tsirkin
2017-05-31 20:57 ` bfields
2017-05-31 20:57 ` bfields
2017-05-31 21:09 ` bfields
2017-05-31 21:15 ` bfields
2017-05-31 21:15 ` bfields
2017-05-31 21:09 ` bfields
2017-05-30 17:03 ` Michael S. Tsirkin
2017-05-30 17:03 ` Michael S. Tsirkin
2017-05-31 21:00 ` bfields
2017-05-31 21:00 ` bfields
2017-05-26 15:09 ` bfields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1494614541.4227.12.camel@redhat.com \
--to=jlayton@redhat.com \
--cc=anna.schumaker@netapp.com \
--cc=bfields@fieldses.org \
--cc=hch@lst.de \
--cc=linux-nfs@vger.kernel.org \
--cc=trond.myklebust@primarydata.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.