From: Wouter Verhelst <w@uter.be>
To: Eric Blake <eblake@redhat.com>
Cc: nbd-general@lists.sourceforge.net,
"Denis V. Lunev" <den@openvz.org>,
qemu-devel@nongnu.org, Pavel Borzenkov <pborzenkov@virtuozzo.com>
Subject: Re: [Qemu-devel] [Nbd] [PATCH 1/3] NBD proto: forbid TRIM command without negotiation
Date: Tue, 29 Mar 2016 09:22:23 +0200 [thread overview]
Message-ID: <20160329072223.GB22386@grep.be> (raw)
In-Reply-To: <56F92AE1.2040709@redhat.com>
On Mon, Mar 28, 2016 at 07:00:17AM -0600, Eric Blake wrote:
> On 03/28/2016 04:43 AM, Denis V. Lunev wrote:
> > From: Pavel Borzenkov <pborzenkov@virtuozzo.com>
> >
> > There is a loophole in the protocol that allows a client to send TRIM
> > request even if support for it wasn't negotiated with the server. State
> > explicitly that the client MUST NOT send such command without prior
> > successful negotiation.
> >
> > Signed-off-by: Pavel Borzenkov <pborzenkov@virtuozzo.com>
> > Reviewed-by: Roman Kagan <rkagan@virtuozzo.com>
> > Signed-off-by: Denis V. Lunev <den@openvz.org>
> > CC: Wouter Verhelst <w@uter.be>
> > CC: Eric Blake <eblake@redhat.com>
> > CC: Alex Bligh <alex@alex.org.uk>
> > ---
> > doc/proto.md | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > diff --git a/doc/proto.md b/doc/proto.md
> > index 6d1cb34..d54ed19 100644
> > --- a/doc/proto.md
> > +++ b/doc/proto.md
> > @@ -471,6 +471,9 @@ The following request types exist:
> > about the contents of the export affected by this command, until
> > overwriting it again with `NBD_CMD_WRITE`.
> >
> > + A client MUST NOT send a trim request unless `NBD_FLAG_SEND_TRIM`
> > + was set in the export flags field.
> > +
>
> Do we also want to mention that the server SHOULD fail with EINVAL if
> the client sends it anyway, and similarly if NBD_CMD_FLUSH was sent
> without the appropriate export flag (but that the client should not rely
> on that particular failure)?
I think the protocol should mention that the server MAY fail with
EINVAL, rather than SHOULD. Rationale: the robusness principle -- if you
didn't negotiate it, you may end up with a server who doesn't know about
the feature; but if it just so happens that the server does know about it even
though you didn't negotiate it, there is little harm in it following up on the
request.
> But as this is a strict improvement,
> Reviewed-by: Eric Blake <eblake@redhat.com>
--
< ron> I mean, the main *practical* problem with C++, is there's like a dozen
people in the world who think they really understand all of its rules,
and pretty much all of them are just lying to themselves too.
-- #debian-devel, OFTC, 2016-02-12
next prev parent reply other threads:[~2016-03-29 7:22 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-28 10:43 [Qemu-devel] [PATCH 0/3] Fix some ambiguities in the NBD protocol Denis V. Lunev
2016-03-28 10:43 ` [Qemu-devel] [PATCH 1/3] NBD proto: forbid TRIM command without negotiation Denis V. Lunev
2016-03-28 13:00 ` Eric Blake
2016-03-29 7:22 ` Wouter Verhelst [this message]
2016-03-29 13:54 ` [Qemu-devel] [Nbd] " Eric Blake
2016-03-28 10:43 ` [Qemu-devel] [PATCH 2/3] NBD proto: document additional error conditions Denis V. Lunev
2016-03-28 13:05 ` Eric Blake
2016-03-28 10:43 ` [Qemu-devel] [PATCH 3/3] NBD proto: add "Command flags" section Denis V. Lunev
2016-03-28 13:45 ` Eric Blake
2016-03-29 7:34 ` [Qemu-devel] [Nbd] " Wouter Verhelst
2016-03-29 16:01 ` [Qemu-devel] " Eric Blake
2016-03-29 16:03 ` Eric Blake
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160329072223.GB22386@grep.be \
--to=w@uter.be \
--cc=den@openvz.org \
--cc=eblake@redhat.com \
--cc=nbd-general@lists.sourceforge.net \
--cc=pborzenkov@virtuozzo.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).