From: Olga Kornievskaia <olga.kornievskaia@gmail.com> To: trond.myklebust@hammerspace.com, anna.schumaker@netapp.com, viro@zeniv.linux.org.uk, smfrench@gmail.com, miklos@szeredi.hu Cc: linux-nfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-cifs@vger.kernel.org, linux-unionfs@vger.kernel.org Subject: [PATCH v8 02/11] NFS: validity check for source offset in copy_file_range Date: Thu, 1 Nov 2018 12:45:14 -0400 [thread overview] Message-ID: <20181101164523.41812-3-olga.kornievskaia@gmail.com> (raw) In-Reply-To: <20181101164523.41812-1-olga.kornievskaia@gmail.com> From: Olga Kornievskaia <kolga@netapp.com> copy_file_range() man page mandates that EINVAL is returned if the specified range is beyond the end of the file but currently does not enforce it. NFS RFC 7832 states that "if the source offset or the source offset plus count is greater than the size of the source file, the operation MUST fail with NFS4ERR_INVAL." >From the NFS community discussion from earlier on https://www.spinics.net/lists/linux-nfs/msg62627.html in was thought that offset plus count should instead be a short read. In this patch only proposing to enforce the offset check: Input source offset can not be beyond the end of the file. Future work in VFS might perform the arguments checks and we can remove this check. Signed-off-by: Olga Kornievskaia <kolga@netapp.com> --- fs/nfs/nfs4file.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/nfs/nfs4file.c b/fs/nfs/nfs4file.c index 5a73c90..7838bdf 100644 --- a/fs/nfs/nfs4file.c +++ b/fs/nfs/nfs4file.c @@ -135,6 +135,9 @@ static ssize_t nfs4_copy_file_range(struct file *file_in, loff_t pos_in, { ssize_t ret; + if (pos_in >= i_size_read(file_inode(file_in))) + return -EINVAL; + if (file_inode(file_in)->i_sb != file_inode(file_out)->i_sb) return -EXDEV; -- 1.8.3.1
WARNING: multiple messages have this Message-ID (diff)
From: Olga Kornievskaia <olga.kornievskaia@gmail.com> To: trond.myklebust@hammerspace.com, anna.schumaker@netapp.com, viro@zeniv.linux.org.uk, smfrench@gmail.com, miklos@szeredi.hu Cc: linux-nfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-cifs@vger.kernel.org, linux-unionfs@vger.kernel.org Subject: [PATCH v8 02/11] NFS: validity check for source offset in copy_file_range Date: Thu, 1 Nov 2018 12:45:14 -0400 [thread overview] Message-ID: <20181101164523.41812-3-olga.kornievskaia@gmail.com> (raw) In-Reply-To: <20181101164523.41812-1-olga.kornievskaia@gmail.com> From: Olga Kornievskaia <kolga@netapp.com> copy_file_range() man page mandates that EINVAL is returned if the specified range is beyond the end of the file but currently does not enforce it. NFS RFC 7832 states that "if the source offset or the source offset plus count is greater than the size of the source file, the operation MUST fail with NFS4ERR_INVAL." From the NFS community discussion from earlier on https://www.spinics.net/lists/linux-nfs/msg62627.html in was thought that offset plus count should instead be a short read. In this patch only proposing to enforce the offset check: Input source offset can not be beyond the end of the file. Future work in VFS might perform the arguments checks and we can remove this check. Signed-off-by: Olga Kornievskaia <kolga@netapp.com> --- fs/nfs/nfs4file.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/nfs/nfs4file.c b/fs/nfs/nfs4file.c index 5a73c90..7838bdf 100644 --- a/fs/nfs/nfs4file.c +++ b/fs/nfs/nfs4file.c @@ -135,6 +135,9 @@ static ssize_t nfs4_copy_file_range(struct file *file_in, loff_t pos_in, { ssize_t ret; + if (pos_in >= i_size_read(file_inode(file_in))) + return -EINVAL; + if (file_inode(file_in)->i_sb != file_inode(file_out)->i_sb) return -EXDEV; -- 1.8.3.1
next prev parent reply other threads:[~2018-11-01 16:45 UTC|newest] Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-11-01 16:45 [PATCH v8 00/11] client-side support for "inter" SSC copy Olga Kornievskaia 2018-11-01 16:45 ` [PATCH v8 01/11] VFS: move cross device copy_file_range() check into filesystems Olga Kornievskaia 2018-11-01 16:45 ` Olga Kornievskaia [this message] 2018-11-01 16:45 ` [PATCH v8 02/11] NFS: validity check for source offset in copy_file_range Olga Kornievskaia 2018-11-01 16:45 ` [PATCH v8 03/11] NFS NFSD: defining nl4_servers structure needed by both Olga Kornievskaia 2018-11-01 16:45 ` [PATCH v8 04/11] NFS: add COPY_NOTIFY operation Olga Kornievskaia 2018-11-01 16:45 ` [PATCH v8 05/11] NFS: add ca_source_server<> to COPY Olga Kornievskaia 2018-11-01 16:45 ` [PATCH v8 06/11] NFS: also send OFFLOAD_CANCEL to source server Olga Kornievskaia 2018-11-01 16:45 ` [PATCH v8 07/11] NFS: inter ssc open Olga Kornievskaia 2018-11-01 16:45 ` [PATCH v8 08/11] NFS: skip recovery of copy open on dest server Olga Kornievskaia 2018-11-01 16:45 ` [PATCH v8 09/11] NFS: for "inter" copy treat ESTALE as ENOTSUPP Olga Kornievskaia 2018-11-01 16:45 ` [PATCH v8 10/11] NFS: COPY handle ERR_OFFLOAD_DENIED Olga Kornievskaia 2018-11-01 16:45 ` [PATCH v8 11/11] NFS: replace cross device check in copy_file_range Olga Kornievskaia
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20181101164523.41812-3-olga.kornievskaia@gmail.com \ --to=olga.kornievskaia@gmail.com \ --cc=anna.schumaker@netapp.com \ --cc=linux-cifs@vger.kernel.org \ --cc=linux-fsdevel@vger.kernel.org \ --cc=linux-nfs@vger.kernel.org \ --cc=linux-unionfs@vger.kernel.org \ --cc=miklos@szeredi.hu \ --cc=smfrench@gmail.com \ --cc=trond.myklebust@hammerspace.com \ --cc=viro@zeniv.linux.org.uk \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.