linux-nfs.vger.kernel.org archive mirror
From: "J. Bruce Fields" <bfields@redhat.com>
To: Christoph Hellwig <hch@infradead.org>
Cc: Olga Kornievskaia <kolga@netapp.com>, linux-nfs@vger.kernel.org
Subject: Re: [PATCH v8 0/9] NFSD support for async COPY
Date: Tue, 17 Apr 2018 11:00:03 -0400
Message-ID: <20180417150002.GF10291@parsley.fieldses.org>
In-Reply-To: <20180417065203.GA15145@infradead.org>

On Mon, Apr 16, 2018 at 11:52:03PM -0700, Christoph Hellwig wrote:
> Also even if we have a good reason to add it I absolutely want a config
> option for the feature - it is a lot of code adding potential attack
> vectors, so we should not just enable it by default.

By the way, am I forgetting some mitigation or can a client provide any
address it wants as the source server to copy from?

That opens up the server to a lot of the same risks you'd see from
unprivileged NFS mounts--a malicious client could copy from a server
under its control that's modified to exploit bugs in the server's NFS
client code.

I wonder if there's also the possibility of weird results even without
malicious intent: e.g. a user copying files between two different
servers may unintentionally tie up resources on the target server.

There's interest in enabling unprivileged NFS mounts to allow
unprivileged containers to do NFS mounts.  But even if we get to the
point where we're comfortable enabling that, distributions may still
want it off by default, and may advise admins to do firewalling that
restricts the set of NFS servers that containers can mount.

--b.
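
Added example, not part of the original message or of the NFSD patch set: one way to bound the exposure raised above is a default-deny check on the client-supplied source address before the destination server contacts it. The function `copy_source_allowed`, the `allowed_sources` table and its addresses are hypothetical and constructed for illustration; the code is userspace C and handles IPv4 only.

```c
#include <arpa/inet.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical admin-configured allowlist of source servers (constructed values). */
struct src_net { const char *net; unsigned prefix; };

static const struct src_net allowed_sources[] = {
    { "192.0.2.0", 24 },     /* constructed: trusted filer subnet */
    { "198.51.100.17", 32 }, /* constructed: single trusted server */
};

/* Return 1 if addr lies inside net/prefix, 0 otherwise (host byte order). */
static int in_net(uint32_t addr, uint32_t net, unsigned prefix)
{
    uint32_t mask = prefix == 0 ? 0 : 0xffffffffu << (32 - prefix);
    return (addr & mask) == (net & mask);
}

/*
 * Decide whether the destination server may contact the source server
 * named by the client. Anything unparsable or unlisted is refused.
 */
int copy_source_allowed(const char *client_supplied_addr)
{
    struct in_addr a, n;
    size_t i;

    if (client_supplied_addr == NULL ||
        inet_pton(AF_INET, client_supplied_addr, &a) != 1)
        return 0; /* hostnames, garbage, IPv6: default deny */

    for (i = 0; i < sizeof(allowed_sources) / sizeof(allowed_sources[0]); i++) {
        if (allowed_sources[i].prefix > 32 ||
            inet_pton(AF_INET, allowed_sources[i].net, &n) != 1)
            continue; /* skip malformed entries rather than match them */
        if (in_net(ntohl(a.s_addr), ntohl(n.s_addr), allowed_sources[i].prefix))
            return 1;
    }
    return 0;
}
```

A check like this limits which servers can be reached; it does not protect against a listed server that is itself compromised.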
