From: "J. Bruce Fields" <bfields@fieldses.org>
To: Olga Kornievskaia <aglo@umich.edu>
Cc: Olga Kornievskaia <kolga@netapp.com>,
"J. Bruce Fields" <bfields@redhat.com>,
linux-nfs <linux-nfs@vger.kernel.org>
Subject: Re: [PATCH v6 05/10] NFSD first draft of async copy
Date: Thu, 15 Feb 2018 15:06:04 -0500
Message-ID: <20180215200604.GA13228@fieldses.org>
In-Reply-To: <CAN-5tyHoYk+tybHBaMXNE2vgtb8nfAn+3h5yBk8hd5f5UCUmpQ@mail.gmail.com>
On Thu, Feb 15, 2018 at 02:59:14PM -0500, Olga Kornievskaia wrote:
> On Thu, Jan 25, 2018 at 5:04 PM, J. Bruce Fields <bfields@fieldses.org> wrote:
> > Nit: this could use a better subject line.
> >
> > On Tue, Oct 24, 2017 at 01:47:47PM -0400, Olga Kornievskaia wrote:
> > ...
> >> + if (!copy->cp_synchronous) {
> >> + status = nfsd4_init_copy_res(copy, 0);
> >> + async_copy = kzalloc(sizeof(struct nfsd4_copy), GFP_KERNEL);
> >> + if (!async_copy) {
> >> + status = nfserrno(-ENOMEM);
> >> + goto out;
> >> + }
> >> + dup_copy_fields(copy, async_copy);
> >> + memcpy(©->cp_res.cb_stateid, ©->cp_dst_stateid,
> >> + sizeof(copy->cp_dst_stateid));
> >> + spin_lock(&async_copy->cp_clp->async_lock);
> >> + list_add(&async_copy->copies,
> >> + &async_copy->cp_clp->async_copies);
> >> + spin_unlock(&async_copy->cp_clp->async_lock);
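Review bot: async_copy becomes reachable from cp_clp->async_copies at the list_add above before the rest of its fields are assigned, so any path that walks that list under async_lock and then dereferences what it found (the nfsd4_offload_cancel case raised below, which needs copy_task) can observe a half-initialized record. Either complete initialization of async_copy, copy_task included, before the spin_lock/list_add pair, or make the lookup side treat a NULL copy_task as "not started yet" instead of dereferencing it. Separately, the memcpy hands back cp_dst_stateid as cp_res.cb_stateid, a value the client itself supplied, so this copy stateid carries no unpredictability of its own. (The `©` in the memcpy line is the archive's rendering of `&copy`.)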
> >
> > At this point other threads could in theory look up this async_copy, but
> > its copy_task field is not yet initialized. I don't *think* that's a
> > problem for nfsd4_shutdown_copy, because I don't think the server could
> > be processing rpc's for this client any more at that point. But I think
> > a malicious client might be able to trigger a NULL dereference in
> > nfsd4_offload_cancel.
> >
> > Is there any reason not to assign copy_task before adding it to this
> > list?
>
> Now that I'm making changes I don't believe this is an issue. A client
> can't send nfsd4_offload_cancel() because it needs a copy stateid to
> send it with. And at this point the copy has not been replied to.
Right, but a malicious client might guess that copy stateid before it
gets the reply.
We want to make sure we're safe from crashing even on input that is very
unlikely.
--b.
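The window Bruce describes, reduced to a constructed C model (an added example, not code from the patch or the nfsd tree): the record is linked onto the client's list before copy_task is set, a cancel that lands in that window finds it by stateid, and either initialize-before-publish or a NULL check on the cancel side closes the hole. Struct and function names are assumptions modelled on the patch, not nfsd's own.

```c
#include <stdint.h>
#include <string.h>
/* Constructed model of the ordering problem discussed in the thread. Names
 * echo the patch (async_copies, copy_task, offload_cancel) but are stand-ins. */
struct copy_task { int cancelled; };

struct async_copy {
    uint8_t stateid[16];
    struct copy_task *copy_task;     /* NULL until the worker exists */
    struct async_copy *next;
};

struct client { struct async_copy *async_copies; };
static struct copy_task task_storage; /* stand-in for kthread_create() */

static struct async_copy *find_copy(struct client *clp, const uint8_t *sid)
{
    for (struct async_copy *c = clp->async_copies; c; c = c->next)
        if (memcmp(c->stateid, sid, sizeof c->stateid) == 0)
            return c;
    return NULL;
}
/* Hardened cancel: NULL copy_task means "not started yet", not a crash.
 * Returns 1 if cancelled, 0 if unknown or not yet runnable. */
int offload_cancel(struct client *clp, const uint8_t *sid)
{
    struct async_copy *c = find_copy(clp, sid);
    if (!c || !c->copy_task)
        return 0;
    c->copy_task->cancelled = 1;
    return 1;
}
/* Replay the window: a cancel for the same stateid arrives after the record
 * is linked but, in the patch's order, before copy_task is assigned. */
static int run_window(int init_before_publish, int *unchecked_would_crash)
{
    struct client clp = { NULL };
    struct async_copy c = { { 0x42 }, NULL, NULL };   /* constructed stateid */
    if (init_before_publish)
        c.copy_task = &task_storage;  /* fix: initialize, then publish */
    c.next = clp.async_copies;
    clp.async_copies = &c;            /* list_add: now reachable by lookup */
    *unchecked_would_crash = find_copy(&clp, c.stateid)->copy_task == NULL;
    return offload_cancel(&clp, c.stateid);
}
int hardened_cancel_result(int init_before_publish)
{ int x; return run_window(init_before_publish, &x); }
int unchecked_cancel_would_crash(int init_before_publish)
{ int x; run_window(init_before_publish, &x); return x; }
```

With the patch's order an unchecked cancel would dereference NULL; with initialize-then-publish the same cancel succeeds, and the NULL check in offload_cancel keeps the first case from crashing even if the ordering is left alone.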