From: "J. Bruce Fields" <bfields@fieldses.org>
To: Christoph Hellwig <hch@lst.de>
Cc: trond.myklebust@primarydata.com, linux-nfs@vger.kernel.org
Subject: Re: [PATCH 4/4] nfsd: add SCSI layout support
Date: Tue, 22 Mar 2016 14:56:01 -0400 [thread overview]
Message-ID: <20160322185601.GE4083@fieldses.org> (raw)
In-Reply-To: <20160317215218.GB27078@fieldses.org>
On Thu, Mar 17, 2016 at 05:52:18PM -0400, J. Bruce Fields wrote:
> On Fri, Mar 04, 2016 at 08:46:17PM +0100, Christoph Hellwig wrote:
> > +int
> > +nfsd4_scsi_decode_layoutupdate(__be32 *p, u32 len, struct iomap **iomapp,
> > + u32 block_size)
> > +{
> > + struct iomap *iomaps;
> > + u32 nr_iomaps, expected, i;
> > +
> > + if (len < sizeof(u32)) {
> > + dprintk("%s: extent array too small: %u\n", __func__, len);
> > + return -EINVAL;
> > + }
> > +
> > + nr_iomaps = be32_to_cpup(p++);
> > + expected = sizeof(__be32) + nr_iomaps * PNFS_SCSI_RANGE_SIZE;
> > + if (len != expected) {
>
> You could add any multiple of 2^32/PNFS_SCSI_RANGE_SIZE to nr_iomaps and
> still pass this check. Then you'd probably fail the following kcalloc,
> but best to be paranoid if this is from-the-wire data.
>
> Maybe something like this? (Untested)
OK, I've added this, and also did some minor edits on your patches
(comment typos, split out one bit of code movement into a separate
patch). Results in
git://linux-nfs.org/~bfields/linux.git for-next
I'll send that along soon.
--b.
>
> diff --git a/fs/nfsd/blocklayoutxdr.c b/fs/nfsd/blocklayoutxdr.c
> index ca1883668810..6c3b316f932e 100644
> --- a/fs/nfsd/blocklayoutxdr.c
> +++ b/fs/nfsd/blocklayoutxdr.c
> @@ -105,18 +105,22 @@ nfsd4_block_decode_layoutupdate(__be32 *p, u32 len, struct iomap **iomapp,
> u32 block_size)
> {
> struct iomap *iomaps;
> - u32 nr_iomaps, expected, i;
> + u32 nr_iomaps, i;
>
> if (len < sizeof(u32)) {
> dprintk("%s: extent array too small: %u\n", __func__, len);
> return -EINVAL;
> }
> + len -= sizeof(u32);
> + if (len % PNFS_BLOCK_EXTENT_SIZE) {
> + dprintk("%s: extent array invalid: %u\n", __func__, len);
> + return -EINVAL;
> + }
>
> nr_iomaps = be32_to_cpup(p++);
> - expected = sizeof(__be32) + nr_iomaps * PNFS_BLOCK_EXTENT_SIZE;
> - if (len != expected) {
> + if (nr_iomaps != len / PNFS_BLOCK_EXTENT_SIZE) {
> dprintk("%s: extent array size mismatch: %u/%u\n",
> - __func__, len, expected);
> + __func__, len, nr_iomaps);
> return -EINVAL;
> }
>
> --b.
prev parent reply other threads:[~2016-03-22 18:56 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-04 19:46 pNFS SCSI layout support V2 Christoph Hellwig
2016-03-04 19:46 ` [PATCH 1/4] nfs4.h: add SCSI layout defintions Christoph Hellwig
2016-03-04 19:46 ` [PATCH 2/4] nfs/blocklayout: add SCSI layout support Christoph Hellwig
2016-03-08 22:07 ` J. Bruce Fields
2016-03-08 22:42 ` Trond Myklebust
2016-03-17 21:01 ` J. Bruce Fields
2016-03-18 14:18 ` Trond Myklebust
2016-03-08 22:09 ` J. Bruce Fields
2016-03-04 19:46 ` [PATCH 3/4] nfsd: add a new config option for the block layout driver Christoph Hellwig
2016-03-04 19:46 ` [PATCH 4/4] nfsd: add SCSI layout support Christoph Hellwig
2016-03-08 22:15 ` J. Bruce Fields
2016-03-09 14:48 ` Christoph Hellwig
2016-03-10 22:26 ` J. Bruce Fields
2016-03-11 9:24 ` Christoph Hellwig
2016-03-11 22:52 ` J. Bruce Fields
2016-03-17 21:52 ` J. Bruce Fields
2016-03-22 18:56 ` J. Bruce Fields [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160322185601.GE4083@fieldses.org \
--to=bfields@fieldses.org \
--cc=hch@lst.de \
--cc=linux-nfs@vger.kernel.org \
--cc=trond.myklebust@primarydata.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.