From: "J. Bruce Fields" <bfields@fieldses.org>
To: Mi Jinlong <mijinlong@cn.fujitsu.com>
Cc: NFS <linux-nfs@vger.kernel.org>
Subject: Re: [PATCH 2/2 v2] nfsd41: check the size of request
Date: Fri, 8 Jul 2011 16:03:19 -0400 [thread overview]
Message-ID: <20110708200319.GC13886@fieldses.org> (raw)
In-Reply-To: <4E16CA48.3030308@cn.fujitsu.com>
On Fri, Jul 08, 2011 at 05:13:44PM +0800, Mi Jinlong wrote:
>
>
> J. Bruce Fields 写道:
> > On Sat, Jul 02, 2011 at 05:02:54PM +0800, Mi Jinlong wrote:
> >> This patch just check request's size when it consists SEQUENCE.
> >>
> >> Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com>
> >> ---
> >> fs/nfsd/nfs4state.c | 16 ++++++++++++++++
> >> 1 files changed, 16 insertions(+), 0 deletions(-)
> >>
> >> diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
> >> index e98f3c2..17e30bf 100644
> >> --- a/fs/nfsd/nfs4state.c
> >> +++ b/fs/nfsd/nfs4state.c
> >> @@ -1736,6 +1736,21 @@ static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_sess
> >> return args->opcnt > session->se_fchannel.maxops;
> >> }
> >>
> >> +static int nfsd4_check_request_size(struct nfsd4_compoundargs *args,
> >> + struct nfsd4_session *session)
> >> +{
> >> + struct xdr_buf *xb = &args->rqstp->rq_arg;
> >> +
> >> + /* Only SEQUENCE operation */
> >> + if (args->opcnt == 1)
> >> + return 0;
> >
> > Do we need this special check?
> >
> > Sure, it's possible that a crazy client could set se_fchannel.maxreq_sz
> > too small, and then we'd get a failure here even when they only sent a
> > single sequence. Such a client gets what it deserves.
>
> If kernel err out when crazy client sets maxreq_sz to small,
> only SEQUENCE operation's size will never exceed maxreq_sz.
>
> According to RFC5661 18.36.3, if client set maxreq_sz too small,
> the server SHOULD return NFS4ERR_TOOSMALL in the CREATE_SESSION reply.
The rpc header size can vary. If you reject any CREATE_SESSION attempts
with maxreq_sz smaller than
largest possible rpc header + SEQUENCE
then you risk rejecting some legitimate CREATE_SESSIONs.
But if you allow maxreq_sz's less than that, then it becomes possible
for a client to send a single-SEQUENCE compound that still exceeds
maxreq_sz.
So let's not try to safe every broken client from itself. Instead,
let's keep things simple, catch those client errors that are easy to
catch, and that we know are errors, and don't worry about the rest.
--b.
next prev parent reply other threads:[~2011-07-08 20:03 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-02 9:02 [PATCH 2/2 v2] nfsd41: check the size of request Mi Jinlong
2011-07-06 16:43 ` J. Bruce Fields
2011-07-08 9:13 ` Mi Jinlong
2011-07-08 20:03 ` J. Bruce Fields [this message]
2011-07-09 2:19 ` [PATCH 2/2 v3] " Mi Jinlong
2011-07-13 0:25 ` J. Bruce Fields
2011-07-14 6:56 ` [PATCH 2/2 v4] " Mi Jinlong
2011-07-14 14:51 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110708200319.GC13886@fieldses.org \
--to=bfields@fieldses.org \
--cc=linux-nfs@vger.kernel.org \
--cc=mijinlong@cn.fujitsu.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.