From: Greg Kurz <groug@kaod.org>
To: Christian Schoenebeck <qemu_oss@crudebyte.com>
Cc: qemu-devel@nongnu.org
Subject: Re: [PATCH v3 03/11] 9pfs: validate count sent by client with T_readdir
Date: Fri, 17 Jan 2020 16:50:50 +0100 [thread overview]
Message-ID: <20200117165050.27604cf0@bahia.lan> (raw)
In-Reply-To: <5915926.WqdOhGH810@silver>
On Thu, 16 Jan 2020 17:51:10 +0100
Christian Schoenebeck <qemu_oss@crudebyte.com> wrote:
> On Donnerstag, 16. Januar 2020 14:33:42 CET Greg Kurz wrote:
> > On Mon, 13 Jan 2020 23:22:08 +0100
> >
> > Christian Schoenebeck <qemu_oss@crudebyte.com> wrote:
> > > A good 9p client sends T_readdir with "count" parameter that's
> > > sufficiently smaller than client's initially negotiated msize
> > > (maximum message size). We perform a check for that though to
> > > avoid the server to be interrupted with a "Failed to encode
> > > VirtFS reply type 41" error message by bad clients.
> > >
> > > Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
> > > ---
> > >
> > > hw/9pfs/9p.c | 8 ++++++++
> > > 1 file changed, 8 insertions(+)
> > >
> > > diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
> > > index a5fbe821d4..30da2fedf3 100644
> > > --- a/hw/9pfs/9p.c
> > > +++ b/hw/9pfs/9p.c
> > > @@ -2426,6 +2426,7 @@ static void coroutine_fn v9fs_readdir(void *opaque)
> > >
> > > int32_t count;
> > > uint32_t max_count;
> > > V9fsPDU *pdu = opaque;
> > >
> > > + V9fsState *s = pdu->s;
> > >
> > > retval = pdu_unmarshal(pdu, offset, "dqd", &fid,
> > >
> > > &initial_offset, &max_count);
> > >
> > > @@ -2434,6 +2435,13 @@ static void coroutine_fn v9fs_readdir(void *opaque)
> > >
> > > }
> > > trace_v9fs_readdir(pdu->tag, pdu->id, fid, initial_offset,
> > > max_count);
> > >
> > > + if (max_count > s->msize - P9_IOHDRSZ) {
> >
> > P9_IOHDRSZ relates to Twrite. The Rreaddir message has a smaller header
> > of size 11:
> >
> > size[4] Rreaddir tag[2] count[4]
>
> Right, looks like I have falsely picked P9_IOHDRSZ after looking at:
>
> static size_t v9fs_readdir_data_size(V9fsString *name)
> {
> /*
> * Size of each dirent on the wire: size of qid (13) + size of offset (8)
> * size of type (1) + size of name.size (2) + strlen(name.data)
> */
> return 24 + v9fs_string_size(name);
> }
>
> I'll have to correct that in the test cases as well. So no need to comment on
> them for now.
>
> But if you have an idea about the issue mentioned in cover letter (patch 7),
> let me know. I have a feeling that there is some problem with the test
> environment, because I also get strange error messages when I just add some
> more e.g. noop 9pfs test cases (empty test cases doing nothing) or by copy
> pasting existing tests and then running
>
> tests/qos-test -l
>
> which obviously should just list the test cases, but not executing any of
> them. I'd end up with "cannot push stack" error messages for some reason.
>
No idea. I'll have to look more.
> > > + max_count = s->msize - P9_IOHDRSZ;
> > > + warn_report_once(
> > > + "9p: bad client: T_readdir with count > msize - P9_IOHDRSZ"
> > > + );
> > > + }
> > > +
> > >
> > > fidp = get_fid(pdu, fid);
> > > if (fidp == NULL) {
> > >
> > > retval = -EINVAL;
>
> Best regards,
> Christian Schoenebeck
>
>
next prev parent reply other threads:[~2020-01-17 15:51 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-13 23:18 [PATCH v3 00/11] 9pfs: readdir optimization Christian Schoenebeck
2020-01-13 22:20 ` [PATCH v3 01/11] tests/virtio-9p: add terminating null in v9fs_string_read() Christian Schoenebeck
2020-01-13 22:21 ` [PATCH v3 02/11] 9pfs: require msize >= 4096 Christian Schoenebeck
2020-01-16 13:15 ` Greg Kurz
2020-01-16 16:16 ` Christian Schoenebeck
2020-01-16 18:07 ` Greg Kurz
2020-01-16 21:39 ` Christian Schoenebeck
2020-01-17 10:24 ` Greg Kurz
2020-01-17 12:01 ` Christian Schoenebeck
2020-01-17 15:15 ` Greg Kurz
2020-01-17 16:41 ` Christian Schoenebeck
2020-01-13 22:22 ` [PATCH v3 03/11] 9pfs: validate count sent by client with T_readdir Christian Schoenebeck
2020-01-16 13:33 ` Greg Kurz
2020-01-16 16:51 ` Christian Schoenebeck
2020-01-17 15:50 ` Greg Kurz [this message]
2020-01-13 22:23 ` [PATCH v3 04/11] hw/9pfs/9p-synth: added directory for readdir test Christian Schoenebeck
2020-01-13 23:08 ` [PATCH v3 05/11] tests/virtio-9p: added " Christian Schoenebeck
2020-01-17 15:51 ` Greg Kurz
2020-01-17 16:44 ` Christian Schoenebeck
2020-01-13 23:11 ` [PATCH v3 06/11] tests/virtio-9p: added splitted " Christian Schoenebeck
2020-01-13 23:13 ` [PATCH v3 07/11] tests/virtio-9p: failing " Christian Schoenebeck
2020-01-13 23:16 ` [PATCH v3 08/11] 9pfs: readdir benchmark Christian Schoenebeck
2020-01-13 23:16 ` [PATCH v3 09/11] hw/9pfs/9p-synth: avoid n-square issue in synth_readdir() Christian Schoenebeck
2020-01-13 23:17 ` [PATCH v3 10/11] 9pfs: T_readdir latency optimization Christian Schoenebeck
2020-01-13 23:17 ` [PATCH v3 11/11] hw/9pfs/9p.c: benchmark time on T_readdir request Christian Schoenebeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200117165050.27604cf0@bahia.lan \
--to=groug@kaod.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu_oss@crudebyte.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).