From: Mi Jinlong <mijinlong@cn.fujitsu.com>
To: "J. Bruce Fields" <bfields@fieldses.org>
Cc: NFS <linux-nfs@vger.kernel.org>
Subject: [PATCH 1/2 v2] nfsd41: error out when client sets maxreq_sz or, maxresp_sz too small
Date: Sat, 02 Jul 2011 17:01:44 +0800 [thread overview]
Message-ID: <4E0EDE78.1060208@cn.fujitsu.com> (raw)
According to RFC5661, 18.36.3,
"if the client selects a value for ca_maxresponsesize such that
a replier on a channel could never send a response,the server
SHOULD return NFS4ERR_TOOSMALL in the CREATE_SESSION reply."
This patch let server error out when client sets maxreq_sz less than
SEQUENCE request size, and maxresp_sz less than a SEQUENCE reply size.
Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com>
---
fs/nfsd/nfs4xdr.c | 26 +++++++++++++++++++++++++-
1 files changed, 25 insertions(+), 1 deletions(-)
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
index 9901811..bece272 100644
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
@@ -1135,11 +1135,25 @@ nfsd4_decode_create_session(struct nfsd4_compoundargs *argp,
{
DECODE_HEAD;
- u32 dummy;
+ struct xdr_buf *xb = &argp->rqstp->rq_arg;
+ u32 dummy, minreqlen = 0, minresplen = 0;
char *machine_name;
int i;
int nr_secflavs;
+ /* RPC header length and tag, minorversion, Opt count*/
+ minreqlen = (char *)argp->p - ((char *)argp->end - xb->len);
+ /* length with a SEQUENCE operation */
+ minreqlen = minreqlen + sizeof(struct nfs4_sessionid)
+ + 4 * sizeof(__be32);
+
+ /* RPC header, status, tag len */
+ minresplen = argp->rqstp->rq_res.head[0].iov_len + 2 * sizeof(__be32)
+ /* tag, opt count, opcode, op status */
+ + ALIGN(argp->taglen, 4) + 3 * sizeof(__be32)
+ /* sessionid, seqid, 3 * slotid, status*/
+ + sizeof(struct nfs4_sessionid) + 5 * sizeof(__be32);
+
READ_BUF(16);
COPYMEM(&sess->clientid, 8);
READ32(sess->seqid);
@@ -1149,7 +1163,17 @@ nfsd4_decode_create_session(struct nfsd4_compoundargs *argp,
READ_BUF(28);
READ32(dummy); /* headerpadsz is always 0 */
READ32(sess->fore_channel.maxreq_sz);
+ if (sess->fore_channel.maxreq_sz < minreqlen) {
+ status = nfserr_toosmall;
+ goto out;
+ }
+
READ32(sess->fore_channel.maxresp_sz);
+ if (sess->fore_channel.maxresp_sz < minresplen) {
+ status = nfserr_toosmall;
+ goto out;
+ }
+
READ32(sess->fore_channel.maxresp_cached);
READ32(sess->fore_channel.maxops);
READ32(sess->fore_channel.maxreqs);
--
1.7.5.4
next reply other threads:[~2011-07-02 8:58 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-02 9:01 Mi Jinlong [this message]
2011-07-06 16:26 ` [PATCH 1/2 v2] nfsd41: error out when client sets maxreq_sz or, maxresp_sz too small J. Bruce Fields
2011-07-09 3:44 ` [PATCH 1/2 v3] " Mi Jinlong
2011-07-12 11:09 ` J. Bruce Fields
2011-07-14 6:50 ` [PATCH 1/2 v4] " Mi Jinlong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E0EDE78.1060208@cn.fujitsu.com \
--to=mijinlong@cn.fujitsu.com \
--cc=bfields@fieldses.org \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.