[PATCH] pnfsd: Add IP address validation to nfsd4_set_pnfs_dlm

public inbox for linux-nfs@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] pnfsd: Add IP address validation to nfsd4_set_pnfs_dlm_device()
@ 2010-06-14 20:00 J. Bruce Fields
  2010-06-14 20:09 ` Benny Halevy
  0 siblings, 1 reply; 4+ messages in thread
From: J. Bruce Fields @ 2010-06-14 20:00 UTC (permalink / raw)
  To: Benny Halevy; +Cc: linux-nfs, eanderle

From: Eric Anderle <eanderle@umich.edu>

We should catch errors in the format at the time the list is given to
the kernel, rather than just returning garbage to the client and letting
the client fail.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
---
 fs/nfsd/nfs4pnfsdlm.c |   29 +++++++++++++++++++++++------
 1 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/fs/nfsd/nfs4pnfsdlm.c b/fs/nfsd/nfs4pnfsdlm.c
index 1cf1b69..b6d9f23 100644
--- a/fs/nfsd/nfs4pnfsdlm.c
+++ b/fs/nfsd/nfs4pnfsdlm.c
@@ -26,6 +26,7 @@
 #include <linux/nfsd/debug.h>
 #include <linux/nfsd/nfs4pnfsdlm.h>
 #include <linux/nfsd/nfs4layoutxdr.h>
+#include <linux/sunrpc/clnt.h>
 
 #include "nfsfh.h"
 #include "nfsd.h"
@@ -87,6 +88,24 @@ out:
 	return ret;
 }
 
+bool nfsd4_validate_pnfs_dlm_device(char *ds_list, int len, int *num_ds)
+{
+	char *start = ds_list;
+
+	*num_ds = 0;
+
+	while (*start) {
+		struct sockaddr_storage tempAddr;
+		int ipLen = strcspn(start, ",");
+
+		if (!rpc_pton(start, ipLen, (struct sockaddr *)&tempAddr, sizeof(tempAddr)))
+			return false;
+		(*num_ds)++;
+		start += ipLen + 1;
+	}
+	return true;
+}
+
 /*
  * pnfs_dlm_device string format:
  *     block-device-path:<ds1 ipv4 address>,<ds2 ipv4 address>
@@ -140,12 +159,10 @@ nfsd4_set_pnfs_dlm_device(char *pnfs_dlm_device, int len)
 		goto out_free;
 	memcpy(new->ds_list, bufp, len);
 
-	/* count the number of comma-delimited DS IPs */
-	new->num_ds = 1;
-	while ((bufp = strchr(bufp, ',')) != NULL) {
-		new->num_ds++;
-		bufp++;
-	}
+
+	/*  validate the ips */
+	if (!nfsd4_validate_pnfs_dlm_device(new->ds_list, len, &(new->num_ds)))
+		goto out_free;
 
 	dprintk("%s disk_name %s num_ds %d ds_list %s\n", __func__,
 		new->disk_name, new->num_ds, new->ds_list);
-- 
1.7.0.4


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] pnfsd: Add IP address validation to nfsd4_set_pnfs_dlm_device()
  2010-06-14 20:00 [PATCH] pnfsd: Add IP address validation to nfsd4_set_pnfs_dlm_device() J. Bruce Fields
@ 2010-06-14 20:09 ` Benny Halevy
  2010-06-15  0:09   ` Benny Halevy
  0 siblings, 1 reply; 4+ messages in thread
From: Benny Halevy @ 2010-06-14 20:09 UTC (permalink / raw)
  To: J. Bruce Fields; +Cc: linux-nfs, eanderle

On 2010-06-14 16:00, J. Bruce Fields wrote:
> From: Eric Anderle <eanderle@umich.edu>
> 
> We should catch errors in the format at the time the list is given to
> the kernel, rather than just returning garbage to the client and letting
> the client fail.
> 
> Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
> ---
>  fs/nfsd/nfs4pnfsdlm.c |   29 +++++++++++++++++++++++------
>  1 files changed, 23 insertions(+), 6 deletions(-)
> 
> diff --git a/fs/nfsd/nfs4pnfsdlm.c b/fs/nfsd/nfs4pnfsdlm.c
> index 1cf1b69..b6d9f23 100644
> --- a/fs/nfsd/nfs4pnfsdlm.c
> +++ b/fs/nfsd/nfs4pnfsdlm.c
> @@ -26,6 +26,7 @@
>  #include <linux/nfsd/debug.h>
>  #include <linux/nfsd/nfs4pnfsdlm.h>
>  #include <linux/nfsd/nfs4layoutxdr.h>
> +#include <linux/sunrpc/clnt.h>
>  
>  #include "nfsfh.h"
>  #include "nfsd.h"
> @@ -87,6 +88,24 @@ out:
>  	return ret;
>  }
>  
> +bool nfsd4_validate_pnfs_dlm_device(char *ds_list, int len, int *num_ds)

Is "len" used?

Benny

> +{
> +	char *start = ds_list;
> +
> +	*num_ds = 0;
> +
> +	while (*start) {
> +		struct sockaddr_storage tempAddr;
> +		int ipLen = strcspn(start, ",");
> +
> +		if (!rpc_pton(start, ipLen, (struct sockaddr *)&tempAddr, sizeof(tempAddr)))
> +			return false;
> +		(*num_ds)++;
> +		start += ipLen + 1;
> +	}
> +	return true;
> +}
> +
>  /*
>   * pnfs_dlm_device string format:
>   *     block-device-path:<ds1 ipv4 address>,<ds2 ipv4 address>
> @@ -140,12 +159,10 @@ nfsd4_set_pnfs_dlm_device(char *pnfs_dlm_device, int len)
>  		goto out_free;
>  	memcpy(new->ds_list, bufp, len);
>  
> -	/* count the number of comma-delimited DS IPs */
> -	new->num_ds = 1;
> -	while ((bufp = strchr(bufp, ',')) != NULL) {
> -		new->num_ds++;
> -		bufp++;
> -	}
> +
> +	/*  validate the ips */
> +	if (!nfsd4_validate_pnfs_dlm_device(new->ds_list, len, &(new->num_ds)))
> +		goto out_free;
>  
>  	dprintk("%s disk_name %s num_ds %d ds_list %s\n", __func__,
>  		new->disk_name, new->num_ds, new->ds_list);

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] pnfsd: Add IP address validation to nfsd4_set_pnfs_dlm_device()
  2010-06-14 20:09 ` Benny Halevy
@ 2010-06-15  0:09   ` Benny Halevy
  2010-06-15 14:55     ` J. Bruce Fields
  0 siblings, 1 reply; 4+ messages in thread
From: Benny Halevy @ 2010-06-15  0:09 UTC (permalink / raw)
  To: eanderle; +Cc: J. Bruce Fields, linux-nfs

On Jun. 14, 2010, 16:09 -0400, Benny Halevy <bhalevy@panasas.com> wrote:
> On 2010-06-14 16:00, J. Bruce Fields wrote:
>> From: Eric Anderle <eanderle@umich.edu>
>>
>> We should catch errors in the format at the time the list is given to
>> the kernel, rather than just returning garbage to the client and letting
>> the client fail.
>>
>> Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
>> ---
>>  fs/nfsd/nfs4pnfsdlm.c |   29 +++++++++++++++++++++++------
>>  1 files changed, 23 insertions(+), 6 deletions(-)
>>
>> diff --git a/fs/nfsd/nfs4pnfsdlm.c b/fs/nfsd/nfs4pnfsdlm.c
>> index 1cf1b69..b6d9f23 100644
>> --- a/fs/nfsd/nfs4pnfsdlm.c
>> +++ b/fs/nfsd/nfs4pnfsdlm.c
>> @@ -26,6 +26,7 @@
>>  #include <linux/nfsd/debug.h>
>>  #include <linux/nfsd/nfs4pnfsdlm.h>
>>  #include <linux/nfsd/nfs4layoutxdr.h>
>> +#include <linux/sunrpc/clnt.h>
>>  
>>  #include "nfsfh.h"
>>  #include "nfsd.h"
>> @@ -87,6 +88,24 @@ out:
>>  	return ret;
>>  }
>>  
>> +bool nfsd4_validate_pnfs_dlm_device(char *ds_list, int len, int *num_ds)
> 
> Is "len" used?

Merged at pnfs-all-2.6.35-rc3-2010-06-14
len parameter removed.

Thanks!

Benny

> 
> Benny
> 
>> +{
>> +	char *start = ds_list;
>> +
>> +	*num_ds = 0;
>> +
>> +	while (*start) {
>> +		struct sockaddr_storage tempAddr;
>> +		int ipLen = strcspn(start, ",");
>> +
>> +		if (!rpc_pton(start, ipLen, (struct sockaddr *)&tempAddr, sizeof(tempAddr)))
>> +			return false;
>> +		(*num_ds)++;
>> +		start += ipLen + 1;
>> +	}
>> +	return true;
>> +}
>> +
>>  /*
>>   * pnfs_dlm_device string format:
>>   *     block-device-path:<ds1 ipv4 address>,<ds2 ipv4 address>
>> @@ -140,12 +159,10 @@ nfsd4_set_pnfs_dlm_device(char *pnfs_dlm_device, int len)
>>  		goto out_free;
>>  	memcpy(new->ds_list, bufp, len);
>>  
>> -	/* count the number of comma-delimited DS IPs */
>> -	new->num_ds = 1;
>> -	while ((bufp = strchr(bufp, ',')) != NULL) {
>> -		new->num_ds++;
>> -		bufp++;
>> -	}
>> +
>> +	/*  validate the ips */
>> +	if (!nfsd4_validate_pnfs_dlm_device(new->ds_list, len, &(new->num_ds)))
>> +		goto out_free;
>>  
>>  	dprintk("%s disk_name %s num_ds %d ds_list %s\n", __func__,
>>  		new->disk_name, new->num_ds, new->ds_list);
> --
> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] pnfsd: Add IP address validation to nfsd4_set_pnfs_dlm_device()
  2010-06-15  0:09   ` Benny Halevy
@ 2010-06-15 14:55     ` J. Bruce Fields
  0 siblings, 0 replies; 4+ messages in thread
From: J. Bruce Fields @ 2010-06-15 14:55 UTC (permalink / raw)
  To: Benny Halevy; +Cc: eanderle, linux-nfs

On Mon, Jun 14, 2010 at 08:09:17PM -0400, Benny Halevy wrote:
> On Jun. 14, 2010, 16:09 -0400, Benny Halevy <bhalevy@panasas.com> wrote:
> > On 2010-06-14 16:00, J. Bruce Fields wrote:
> >> From: Eric Anderle <eanderle@umich.edu>
> >>
> >> We should catch errors in the format at the time the list is given to
> >> the kernel, rather than just returning garbage to the client and letting
> >> the client fail.
> >>
> >> Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
> >> ---
> >>  fs/nfsd/nfs4pnfsdlm.c |   29 +++++++++++++++++++++++------
> >>  1 files changed, 23 insertions(+), 6 deletions(-)
> >>
> >> diff --git a/fs/nfsd/nfs4pnfsdlm.c b/fs/nfsd/nfs4pnfsdlm.c
> >> index 1cf1b69..b6d9f23 100644
> >> --- a/fs/nfsd/nfs4pnfsdlm.c
> >> +++ b/fs/nfsd/nfs4pnfsdlm.c
> >> @@ -26,6 +26,7 @@
> >>  #include <linux/nfsd/debug.h>
> >>  #include <linux/nfsd/nfs4pnfsdlm.h>
> >>  #include <linux/nfsd/nfs4layoutxdr.h>
> >> +#include <linux/sunrpc/clnt.h>
> >>  
> >>  #include "nfsfh.h"
> >>  #include "nfsd.h"
> >> @@ -87,6 +88,24 @@ out:
> >>  	return ret;
> >>  }
> >>  
> >> +bool nfsd4_validate_pnfs_dlm_device(char *ds_list, int len, int *num_ds)
> > 
> > Is "len" used?
> 
> Merged at pnfs-all-2.6.35-rc3-2010-06-14
> len parameter removed.

Thanks.

--b.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2010-06-15 14:55 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-06-14 20:00 [PATCH] pnfsd: Add IP address validation to nfsd4_set_pnfs_dlm_device() J. Bruce Fields
2010-06-14 20:09 ` Benny Halevy
2010-06-15  0:09   ` Benny Halevy
2010-06-15 14:55     ` J. Bruce Fields

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox