Linux-NFS Archive on lore.kernel.org
 help / color / Atom feed
From: Chuck Lever <chuck.lever@oracle.com>
To: linux-nfs@vger.kernel.org
Subject: [PATCH v3 19/85] NFSD: Replace READ* macros in nfsd4_decode_fattr()
Date: Mon, 23 Nov 2020 15:05:38 -0500
Message-ID: <160616193897.51996.12609995444933822837.stgit@klimt.1015granger.net> (raw)
In-Reply-To: <160616177104.51996.14915419165992024951.stgit@klimt.1015granger.net>

Let's be more careful to avoid overrunning the memory that backs
the bitmap array. This requires updating the synopsis of
nfsd4_decode_fattr().

Bruce points out that a server needs to be careful to return nfs_ok
when a client presents bitmap bits the server doesn't support. This
includes bits in bitmap words the server might not yet support.

The current READ* based implementation is good about that, but that
requirement hasn't been documented.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
 fs/nfsd/nfs4xdr.c |   82 +++++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 64 insertions(+), 18 deletions(-)

diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
index 54481804a096..9b295c810ef3 100644
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
@@ -260,6 +260,46 @@ nfsd4_decode_bitmap(struct nfsd4_compoundargs *argp, u32 *bmval)
 	DECODE_TAIL;
 }
 
+/**
+ * nfsd4_decode_bitmap4 - Decode an NFSv4 bitmap4
+ * @argp: NFSv4 compound argument structure
+ * @bmval: pointer to an array of u32's to decode into
+ * @bmlen: size of the @bmval array
+ *
+ * The server needs to return nfs_ok rather than nfserr_bad_xdr when
+ * encountering bitmaps containing bits it does not recognize. This
+ * includes bits in bitmap words past WORDn, where WORDn is the last
+ * bitmap WORD the implementation currently supports. Thus we are
+ * careful here to simply ignore bits in bitmap words that this
+ * implementation has yet to support explicitly.
+ *
+ * Return values:
+ *   %nfs_ok: @bmval populated successfully
+ *   %nfserr_bad_xdr: the encoded bitmap was invalid
+ */
+static __be32
+nfsd4_decode_bitmap4(struct nfsd4_compoundargs *argp, u32 *bmval, u32 bmlen)
+{
+	u32 i, count;
+	__be32 *p;
+
+	if (xdr_stream_decode_u32(argp->xdr, &count) < 0)
+		return nfserr_bad_xdr;
+	/* request sanity */
+	if (count > 1000)
+		return nfserr_bad_xdr;
+	p = xdr_inline_decode(argp->xdr, count << 2);
+	if (!p)
+		return nfserr_bad_xdr;
+	i = 0;
+	while (i < count)
+		bmval[i++] = be32_to_cpup(p++);
+	while (i < bmlen)
+		bmval[i++] = 0;
+
+	return nfs_ok;
+}
+
 static __be32
 nfsd4_decode_nfsace4(struct nfsd4_compoundargs *argp, struct nfs4_ace *ace)
 {
@@ -352,17 +392,18 @@ nfsd4_decode_security_label(struct nfsd4_compoundargs *argp,
 }
 
 static __be32
-nfsd4_decode_fattr(struct nfsd4_compoundargs *argp, u32 *bmval,
-		   struct iattr *iattr, struct nfs4_acl **acl,
-		   struct xdr_netobj *label, int *umask)
+nfsd4_decode_fattr4(struct nfsd4_compoundargs *argp, u32 *bmval, u32 bmlen,
+		    struct iattr *iattr, struct nfs4_acl **acl,
+		    struct xdr_netobj *label, int *umask)
 {
 	unsigned int starting_pos;
 	u32 attrlist4_count;
+	__be32 *p, status;
 
-	DECODE_HEAD;
 	iattr->ia_valid = 0;
-	if ((status = nfsd4_decode_bitmap(argp, bmval)))
-		return status;
+	status = nfsd4_decode_bitmap4(argp, bmval, bmlen);
+	if (status)
+		return nfserr_bad_xdr;
 
 	if (bmval[0] & ~NFSD_WRITEABLE_ATTRS_WORD0
 	    || bmval[1] & ~NFSD_WRITEABLE_ATTRS_WORD1
@@ -490,7 +531,7 @@ nfsd4_decode_fattr(struct nfsd4_compoundargs *argp, u32 *bmval,
 	if (attrlist4_count != xdr_stream_pos(argp->xdr) - starting_pos)
 		return nfserr_bad_xdr;
 
-	DECODE_TAIL;
+	return nfs_ok;
 }
 
 static __be32
@@ -690,9 +731,10 @@ nfsd4_decode_create(struct nfsd4_compoundargs *argp, struct nfsd4_create *create
 	if ((status = check_filename(create->cr_name, create->cr_namelen)))
 		return status;
 
-	status = nfsd4_decode_fattr(argp, create->cr_bmval, &create->cr_iattr,
-				    &create->cr_acl, &create->cr_label,
-				    &create->cr_umask);
+	status = nfsd4_decode_fattr4(argp, create->cr_bmval,
+				    ARRAY_SIZE(create->cr_bmval),
+				    &create->cr_iattr, &create->cr_acl,
+				    &create->cr_label, &create->cr_umask);
 	if (status)
 		goto out;
 
@@ -941,9 +983,10 @@ nfsd4_decode_open(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
 		switch (open->op_createmode) {
 		case NFS4_CREATE_UNCHECKED:
 		case NFS4_CREATE_GUARDED:
-			status = nfsd4_decode_fattr(argp, open->op_bmval,
-				&open->op_iattr, &open->op_acl, &open->op_label,
-				&open->op_umask);
+			status = nfsd4_decode_fattr4(argp, open->op_bmval,
+						     ARRAY_SIZE(open->op_bmval),
+						     &open->op_iattr, &open->op_acl,
+						     &open->op_label, &open->op_umask);
 			if (status)
 				goto out;
 			break;
@@ -956,9 +999,10 @@ nfsd4_decode_open(struct nfsd4_compoundargs *argp, struct nfsd4_open *open)
 				goto xdr_error;
 			READ_BUF(NFS4_VERIFIER_SIZE);
 			COPYMEM(open->op_verf.data, NFS4_VERIFIER_SIZE);
-			status = nfsd4_decode_fattr(argp, open->op_bmval,
-				&open->op_iattr, &open->op_acl, &open->op_label,
-				&open->op_umask);
+			status = nfsd4_decode_fattr4(argp, open->op_bmval,
+						     ARRAY_SIZE(open->op_bmval),
+						     &open->op_iattr, &open->op_acl,
+						     &open->op_label, &open->op_umask);
 			if (status)
 				goto out;
 			break;
@@ -1194,8 +1238,10 @@ nfsd4_decode_setattr(struct nfsd4_compoundargs *argp, struct nfsd4_setattr *seta
 	status = nfsd4_decode_stateid(argp, &setattr->sa_stateid);
 	if (status)
 		return status;
-	return nfsd4_decode_fattr(argp, setattr->sa_bmval, &setattr->sa_iattr,
-				  &setattr->sa_acl, &setattr->sa_label, NULL);
+	return nfsd4_decode_fattr4(argp, setattr->sa_bmval,
+				   ARRAY_SIZE(setattr->sa_bmval),
+				   &setattr->sa_iattr, &setattr->sa_acl,
+				   &setattr->sa_label, NULL);
 }
 
 static __be32



  parent reply index

Thread overview: 86+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-23 20:03 [PATCH v3 00/85] Update NFSD XDR functions Chuck Lever
2020-11-23 20:04 ` [PATCH v3 01/85] SUNRPC: Add xdr_set_scratch_page() and xdr_reset_scratch_buffer() Chuck Lever
2020-11-23 20:04 ` [PATCH v3 02/85] SUNRPC: Prepare for xdr_stream-style decoding on the server-side Chuck Lever
2020-11-23 20:04 ` [PATCH v3 03/85] NFSD: Add common helpers to decode void args and encode void results Chuck Lever
2020-11-23 20:04 ` [PATCH v3 04/85] NFSD: Add tracepoints in nfsd_dispatch() Chuck Lever
2020-11-23 20:04 ` [PATCH v3 05/85] NFSD: Add tracepoints in Chuck Lever
2020-11-23 20:04 ` [PATCH v3 06/85] NFSD: Replace the internals of the READ_BUF() macro Chuck Lever
2020-11-23 20:04 ` [PATCH v3 07/85] NFSD: Replace READ* macros in nfsd4_decode_access() Chuck Lever
2020-11-23 20:04 ` [PATCH v3 08/85] NFSD: Replace READ* macros in nfsd4_decode_close() Chuck Lever
2020-11-23 20:04 ` [PATCH v3 09/85] NFSD: Replace READ* macros in nfsd4_decode_commit() Chuck Lever
2020-11-23 20:04 ` [PATCH v3 10/85] NFSD: Change the way the expected length of a fattr4 is checked Chuck Lever
2020-11-23 20:04 ` [PATCH v3 11/85] NFSD: Replace READ* macros that decode the fattr4 size attribute Chuck Lever
2020-11-23 20:05 ` [PATCH v3 12/85] NFSD: Replace READ* macros that decode the fattr4 acl attribute Chuck Lever
2020-11-23 20:05 ` [PATCH v3 13/85] NFSD: Replace READ* macros that decode the fattr4 mode attribute Chuck Lever
2020-11-23 20:05 ` [PATCH v3 14/85] NFSD: Replace READ* macros that decode the fattr4 owner attribute Chuck Lever
2020-11-23 20:05 ` [PATCH v3 15/85] NFSD: Replace READ* macros that decode the fattr4 owner_group attribute Chuck Lever
2020-11-23 20:05 ` [PATCH v3 16/85] NFSD: Replace READ* macros that decode the fattr4 time_set attributes Chuck Lever
2020-11-23 20:05 ` [PATCH v3 17/85] NFSD: Replace READ* macros that decode the fattr4 security label attribute Chuck Lever
2020-11-23 20:05 ` [PATCH v3 18/85] NFSD: Replace READ* macros that decode the fattr4 umask attribute Chuck Lever
2020-11-23 20:05 ` Chuck Lever [this message]
2020-11-23 20:05 ` [PATCH v3 20/85] NFSD: Replace READ* macros in nfsd4_decode_create() Chuck Lever
2020-11-23 20:05 ` [PATCH v3 21/85] NFSD: Replace READ* macros in nfsd4_decode_delegreturn() Chuck Lever
2020-11-23 20:05 ` [PATCH v3 22/85] NFSD: Replace READ* macros in nfsd4_decode_getattr() Chuck Lever
2020-11-23 20:06 ` [PATCH v3 23/85] NFSD: Replace READ* macros in nfsd4_decode_link() Chuck Lever
2020-11-23 20:06 ` [PATCH v3 24/85] NFSD: Relocate nfsd4_decode_opaque() Chuck Lever
2020-11-23 20:06 ` [PATCH v3 25/85] NFSD: Add helpers to decode a clientid4 and an NFSv4 state owner Chuck Lever
2020-11-23 20:06 ` [PATCH v3 26/85] NFSD: Add helper for decoding locker4 Chuck Lever
2020-11-23 20:06 ` [PATCH v3 27/85] NFSD: Replace READ* macros in nfsd4_decode_lock() Chuck Lever
2020-11-23 20:06 ` [PATCH v3 28/85] NFSD: Replace READ* macros in nfsd4_decode_lockt() Chuck Lever
2020-11-23 20:06 ` [PATCH v3 29/85] NFSD: Replace READ* macros in nfsd4_decode_locku() Chuck Lever
2020-11-23 20:06 ` [PATCH v3 30/85] NFSD: Replace READ* macros in nfsd4_decode_lookup() Chuck Lever
2020-11-23 20:06 ` [PATCH v3 31/85] NFSD: Add helper to decode NFSv4 verifiers Chuck Lever
2020-11-23 20:06 ` [PATCH v3 32/85] NFSD: Add helper to decode OPEN's createhow4 argument Chuck Lever
2020-11-23 20:06 ` [PATCH v3 33/85] NFSD: Add helper to decode OPEN's openflag4 argument Chuck Lever
2020-11-23 20:06 ` [PATCH v3 34/85] NFSD: Replace READ* macros in nfsd4_decode_share_access() Chuck Lever
2020-11-23 20:07 ` [PATCH v3 35/85] NFSD: Replace READ* macros in nfsd4_decode_share_deny() Chuck Lever
2020-11-23 20:07 ` [PATCH v3 36/85] NFSD: Add helper to decode OPEN's open_claim4 argument Chuck Lever
2020-11-23 20:07 ` [PATCH v3 37/85] NFSD: Replace READ* macros in nfsd4_decode_open() Chuck Lever
2020-11-23 20:07 ` [PATCH v3 38/85] NFSD: Replace READ* macros in nfsd4_decode_open_confirm() Chuck Lever
2020-11-23 20:07 ` [PATCH v3 39/85] NFSD: Replace READ* macros in nfsd4_decode_open_downgrade() Chuck Lever
2020-11-23 20:07 ` [PATCH v3 40/85] NFSD: Replace READ* macros in nfsd4_decode_putfh() Chuck Lever
2020-11-23 20:07 ` [PATCH v3 41/85] NFSD: Replace READ* macros in nfsd4_decode_read() Chuck Lever
2020-11-23 20:07 ` [PATCH v3 42/85] NFSD: Replace READ* macros in nfsd4_decode_readdir() Chuck Lever
2020-11-23 20:07 ` [PATCH v3 43/85] NFSD: Replace READ* macros in nfsd4_decode_remove() Chuck Lever
2020-11-23 20:07 ` [PATCH v3 44/85] NFSD: Replace READ* macros in nfsd4_decode_rename() Chuck Lever
2020-11-23 20:07 ` [PATCH v3 45/85] NFSD: Replace READ* macros in nfsd4_decode_renew() Chuck Lever
2020-11-23 20:08 ` [PATCH v3 46/85] NFSD: Replace READ* macros in nfsd4_decode_secinfo() Chuck Lever
2020-11-23 20:08 ` [PATCH v3 47/85] NFSD: Replace READ* macros in nfsd4_decode_setattr() Chuck Lever
2020-11-23 20:08 ` [PATCH v3 48/85] NFSD: Replace READ* macros in nfsd4_decode_setclientid() Chuck Lever
2020-11-23 20:08 ` [PATCH v3 49/85] NFSD: Replace READ* macros in nfsd4_decode_setclientid_confirm() Chuck Lever
2020-11-23 20:08 ` [PATCH v3 50/85] NFSD: Replace READ* macros in nfsd4_decode_verify() Chuck Lever
2020-11-23 20:08 ` [PATCH v3 51/85] NFSD: Replace READ* macros in nfsd4_decode_write() Chuck Lever
2020-11-23 20:08 ` [PATCH v3 52/85] NFSD: Replace READ* macros in nfsd4_decode_release_lockowner() Chuck Lever
2020-11-23 20:08 ` [PATCH v3 53/85] NFSD: Replace READ* macros in nfsd4_decode_cb_sec() Chuck Lever
2020-11-23 20:08 ` [PATCH v3 54/85] NFSD: Replace READ* macros in nfsd4_decode_backchannel_ctl() Chuck Lever
2020-11-23 20:08 ` [PATCH v3 55/85] NFSD: Replace READ* macros in nfsd4_decode_bind_conn_to_session() Chuck Lever
2020-11-23 20:08 ` [PATCH v3 56/85] NFSD: Add a separate decoder to handle state_protect_ops Chuck Lever
2020-11-23 20:08 ` [PATCH v3 57/85] NFSD: Add a separate decoder for ssv_sp_parms Chuck Lever
2020-11-23 20:09 ` [PATCH v3 58/85] NFSD: Add a helper to decode state_protect4_a Chuck Lever
2020-11-23 20:09 ` [PATCH v3 59/85] NFSD: Add a helper to decode nfs_impl_id4 Chuck Lever
2020-11-23 20:09 ` [PATCH v3 60/85] NFSD: Add a helper to decode channel_attrs4 Chuck Lever
2020-11-23 20:09 ` [PATCH v3 61/85] NFSD: Replace READ* macros in nfsd4_decode_create_session() Chuck Lever
2020-11-23 20:09 ` [PATCH v3 62/85] NFSD: Replace READ* macros in nfsd4_decode_destroy_session() Chuck Lever
2020-11-23 20:09 ` [PATCH v3 63/85] NFSD: Replace READ* macros in nfsd4_decode_free_stateid() Chuck Lever
2020-11-23 20:09 ` [PATCH v3 64/85] NFSD: Replace READ* macros in nfsd4_decode_getdeviceinfo() Chuck Lever
2020-11-23 20:09 ` [PATCH v3 65/85] NFSD: Replace READ* macros in nfsd4_decode_layoutcommit() Chuck Lever
2020-11-23 20:09 ` [PATCH v3 66/85] NFSD: Replace READ* macros in nfsd4_decode_layoutget() Chuck Lever
2020-11-23 20:09 ` [PATCH v3 67/85] NFSD: Replace READ* macros in nfsd4_decode_layoutreturn() Chuck Lever
2020-11-23 20:09 ` [PATCH v3 68/85] NFSD: Replace READ* macros in nfsd4_decode_secinfo_no_name() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 69/85] NFSD: Replace READ* macros in nfsd4_decode_sequence() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 70/85] NFSD: Replace READ* macros in nfsd4_decode_test_stateid() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 71/85] NFSD: Replace READ* macros in nfsd4_decode_destroy_clientid() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 72/85] NFSD: Replace READ* macros in nfsd4_decode_reclaim_complete() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 73/85] NFSD: Replace READ* macros in nfsd4_decode_fallocate() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 74/85] NFSD: Replace READ* macros in nfsd4_decode_nl4_server() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 75/85] NFSD: Replace READ* macros in nfsd4_decode_copy() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 76/85] NFSD: Replace READ* macros in nfsd4_decode_copy_notify() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 77/85] NFSD: Replace READ* macros in nfsd4_decode_offload_status() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 78/85] NFSD: Replace READ* macros in nfsd4_decode_seek() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 79/85] NFSD: Replace READ* macros in nfsd4_decode_clone() Chuck Lever
2020-11-23 20:10 ` [PATCH v3 80/85] NFSD: Replace READ* macros in nfsd4_decode_xattr_name() Chuck Lever
2020-11-23 20:11 ` [PATCH v3 81/85] NFSD: Replace READ* macros in nfsd4_decode_setxattr() Chuck Lever
2020-11-23 20:11 ` [PATCH v3 82/85] NFSD: Replace READ* macros in nfsd4_decode_listxattrs() Chuck Lever
2020-11-23 20:11 ` [PATCH v3 83/85] NFSD: Make nfsd4_ops::opnum a u32 Chuck Lever
2020-11-23 20:11 ` [PATCH v3 84/85] NFSD: Replace READ* macros in nfsd4_decode_compound() Chuck Lever
2020-11-23 20:11 ` [PATCH v3 85/85] NFSD: Remove macros that are no longer used Chuck Lever

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=160616193897.51996.12609995444933822837.stgit@klimt.1015granger.net \
    --to=chuck.lever@oracle.com \
    --cc=linux-nfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-NFS Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-nfs/0 linux-nfs/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-nfs linux-nfs/ https://lore.kernel.org/linux-nfs \
		linux-nfs@vger.kernel.org
	public-inbox-index linux-nfs

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-nfs


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git