From: bfields@fieldses.org (J. Bruce Fields)
To: Chuck Lever <chuck.lever@oracle.com>
Cc: linux-nfs@vger.kernel.org, simo@redhat.com
Subject: Re: [PATCH RFC 09/10] SUNRPC: Remove xdr_buf_trim()
Date: Mon, 4 Feb 2019 14:46:15 -0500 [thread overview]
Message-ID: <20190204194615.GC1816@fieldses.org> (raw)
In-Reply-To: <20190201195814.11389.4023.stgit@manet.1015granger.net>
On Fri, Feb 01, 2019 at 02:58:14PM -0500, Chuck Lever wrote:
> The key action of xdr_buf_trim() is that it shortens buf->len, the
> length of the xdr_buf' content. The other actions -- shortening the
> head, pages, and tail components -- are actually not necessary. In
> some cases, changing the size of those components corrupts the RPC
> message contained in the buffer.
That's really burying the lede.... Is there an actual user-visible bug
here?
--b.
>
> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
> ---
> include/linux/sunrpc/xdr.h | 1 -
> net/sunrpc/auth_gss/gss_krb5_wrap.c | 8 ++++---
> net/sunrpc/auth_gss/svcauth_gss.c | 2 +-
> net/sunrpc/xdr.c | 41 -----------------------------------
> 4 files changed, 6 insertions(+), 46 deletions(-)
>
> diff --git a/include/linux/sunrpc/xdr.h b/include/linux/sunrpc/xdr.h
> index 69161cb..4ae398c 100644
> --- a/include/linux/sunrpc/xdr.h
> +++ b/include/linux/sunrpc/xdr.h
> @@ -183,7 +183,6 @@ static inline __be32 *xdr_encode_array(__be32 *p, const void *s, unsigned int le
> extern void xdr_shift_buf(struct xdr_buf *, size_t);
> extern void xdr_buf_from_iov(struct kvec *, struct xdr_buf *);
> extern int xdr_buf_subsegment(struct xdr_buf *, struct xdr_buf *, unsigned int, unsigned int);
> -extern void xdr_buf_trim(struct xdr_buf *, unsigned int);
> extern int xdr_buf_read_netobj(struct xdr_buf *, struct xdr_netobj *, unsigned int);
> extern int read_bytes_from_xdr_buf(struct xdr_buf *, unsigned int, void *, unsigned int);
> extern int write_bytes_to_xdr_buf(struct xdr_buf *, unsigned int, void *, unsigned int);
> diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
> index 5cdde6c..14a0aff 100644
> --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
> +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
> @@ -570,14 +570,16 @@ static void rotate_left(u32 base, struct xdr_buf *buf, unsigned int shift)
> */
> movelen = min_t(unsigned int, buf->head[0].iov_len, buf->len);
> movelen -= offset + GSS_KRB5_TOK_HDR_LEN + headskip;
> - BUG_ON(offset + GSS_KRB5_TOK_HDR_LEN + headskip + movelen >
> - buf->head[0].iov_len);
> + if (offset + GSS_KRB5_TOK_HDR_LEN + headskip + movelen >
> + buf->head[0].iov_len)
> + return GSS_S_FAILURE;
> memmove(ptr, ptr + GSS_KRB5_TOK_HDR_LEN + headskip, movelen);
> buf->head[0].iov_len -= GSS_KRB5_TOK_HDR_LEN + headskip;
> buf->len -= GSS_KRB5_TOK_HDR_LEN + headskip;
>
> /* Trim off the trailing "extra count" and checksum blob */
> - xdr_buf_trim(buf, ec + GSS_KRB5_TOK_HDR_LEN + tailskip);
> + buf->len -= ec + GSS_KRB5_TOK_HDR_LEN + tailskip;
> +
> return GSS_S_COMPLETE;
> }
>
> diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
> index 152790e..f1aabab 100644
> --- a/net/sunrpc/auth_gss/svcauth_gss.c
> +++ b/net/sunrpc/auth_gss/svcauth_gss.c
> @@ -896,7 +896,7 @@ u32 svcauth_gss_flavor(struct auth_domain *dom)
> if (svc_getnl(&buf->head[0]) != seq)
> goto out;
> /* trim off the mic and padding at the end before returning */
> - xdr_buf_trim(buf, round_up_to_quad(mic.len) + 4);
> + buf->len -= 4 + round_up_to_quad(mic.len);
> stat = 0;
> out:
> kfree(mic.data);
> diff --git a/net/sunrpc/xdr.c b/net/sunrpc/xdr.c
> index 5f0aa53..4bce619 100644
> --- a/net/sunrpc/xdr.c
> +++ b/net/sunrpc/xdr.c
> @@ -1139,47 +1139,6 @@ void xdr_enter_page(struct xdr_stream *xdr, unsigned int len)
> }
> EXPORT_SYMBOL_GPL(xdr_buf_subsegment);
>
> -/**
> - * xdr_buf_trim - lop at most "len" bytes off the end of "buf"
> - * @buf: buf to be trimmed
> - * @len: number of bytes to reduce "buf" by
> - *
> - * Trim an xdr_buf by the given number of bytes by fixing up the lengths. Note
> - * that it's possible that we'll trim less than that amount if the xdr_buf is
> - * too small, or if (for instance) it's all in the head and the parser has
> - * already read too far into it.
> - */
> -void xdr_buf_trim(struct xdr_buf *buf, unsigned int len)
> -{
> - size_t cur;
> - unsigned int trim = len;
> -
> - if (buf->tail[0].iov_len) {
> - cur = min_t(size_t, buf->tail[0].iov_len, trim);
> - buf->tail[0].iov_len -= cur;
> - trim -= cur;
> - if (!trim)
> - goto fix_len;
> - }
> -
> - if (buf->page_len) {
> - cur = min_t(unsigned int, buf->page_len, trim);
> - buf->page_len -= cur;
> - trim -= cur;
> - if (!trim)
> - goto fix_len;
> - }
> -
> - if (buf->head[0].iov_len) {
> - cur = min_t(size_t, buf->head[0].iov_len, trim);
> - buf->head[0].iov_len -= cur;
> - trim -= cur;
> - }
> -fix_len:
> - buf->len -= (len - trim);
> -}
> -EXPORT_SYMBOL_GPL(xdr_buf_trim);
> -
> static void __read_bytes_from_xdr_buf(struct xdr_buf *subbuf, void *obj, unsigned int len)
> {
> unsigned int this_len;
next prev parent reply other threads:[~2019-02-04 19:46 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-01 19:57 [PATCH RFC 00/10] SUNRPC GSS overhaul Chuck Lever
2019-02-01 19:57 ` [PATCH RFC 01/10] SUNRPC: Remove some dprintk() call sites from auth functions Chuck Lever
2019-02-04 19:04 ` J. Bruce Fields
2019-02-04 19:07 ` Chuck Lever
2019-02-01 19:57 ` [PATCH RFC 02/10] SUNRPC: Remove rpc_xprt::tsh_size Chuck Lever
2019-02-01 19:57 ` [PATCH RFC 03/10] SUNRPC: Add build option to disable support for insecure enctypes Chuck Lever
2019-02-01 19:57 ` [PATCH RFC 04/10] SUNRPC: Add common byte-swapped RPC header constants Chuck Lever
2019-02-02 2:30 ` Tom Talpey
2019-02-02 22:46 ` Chuck Lever
2019-02-03 15:00 ` Trond Myklebust
2019-02-03 16:49 ` Chuck Lever
2019-02-03 18:58 ` Trond Myklebust
2019-02-02 17:02 ` Christoph Hellwig
2019-02-02 22:49 ` Chuck Lever
2019-02-04 7:53 ` Christoph Hellwig
2019-02-04 14:16 ` Chuck Lever
2019-02-04 14:32 ` Christoph Hellwig
2019-02-04 14:56 ` Chuck Lever
2019-02-04 19:37 ` J. Bruce Fields
2019-02-05 1:57 ` Tom Talpey
2019-02-01 19:57 ` [PATCH RFC 05/10] SUNRPC: Use struct xdr_stream when constructing RPC Call header Chuck Lever
2019-02-01 19:57 ` [PATCH RFC 06/10] SUNRPC: Clean up rpc_verify_header() Chuck Lever
2019-02-01 19:58 ` [PATCH RFC 07/10] SUNRPC: Use struct xdr_stream when decoding RPC Reply header Chuck Lever
2019-02-01 19:58 ` [PATCH RFC 08/10] SUNRPC: Introduce trace points in rpc_auth_gss.ko Chuck Lever
2019-02-01 19:58 ` [PATCH RFC 09/10] SUNRPC: Remove xdr_buf_trim() Chuck Lever
2019-02-04 19:46 ` J. Bruce Fields [this message]
2019-02-04 19:49 ` Chuck Lever
2019-02-04 20:00 ` Bruce Fields
2019-02-04 20:07 ` Chuck Lever
2019-02-04 20:11 ` Bruce Fields
2019-02-01 19:58 ` [PATCH RFC 10/10] SUNRPC: Add SPDX IDs to some net/sunrpc/auth_gss/ files Chuck Lever
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190204194615.GC1816@fieldses.org \
--to=bfields@fieldses.org \
--cc=chuck.lever@oracle.com \
--cc=linux-nfs@vger.kernel.org \
--cc=simo@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).