diff mbox series

[v1,07/42] NFSD: Update WRITE3arg decoder to use struct xdr_stream

Message ID 160986061812.5532.3122782251888690881.stgit@klimt.1015granger.net (mailing list archive)
State New
Headers show
Series Update NFSD XDR functions | expand

Commit Message

Chuck Lever Jan. 5, 2021, 3:30 p.m. UTC
As part of the update, open code that sanity-checks the size of the
data payload against the length of the RPC Call message has to be
re-implemented to use xdr_stream infrastructure.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
 fs/nfsd/nfs3xdr.c |   51 ++++++++++++++++++++-------------------------------
 1 file changed, 20 insertions(+), 31 deletions(-)

Comments

J. Bruce Fields Jan. 22, 2021, 6:47 p.m. UTC | #1
On Tue, Jan 05, 2021 at 10:30:18AM -0500, Chuck Lever wrote:
> As part of the update, open code that sanity-checks the size of the
> data payload against the length of the RPC Call message has to be
> re-implemented to use xdr_stream infrastructure.

I'm having a little trouble parsing that.  Did you mean "write code"?

--b.

> 
> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
> ---
>  fs/nfsd/nfs3xdr.c |   51 ++++++++++++++++++++-------------------------------
>  1 file changed, 20 insertions(+), 31 deletions(-)
> 
> diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c
> index ff98eae5db81..0aafb096de91 100644
> --- a/fs/nfsd/nfs3xdr.c
> +++ b/fs/nfsd/nfs3xdr.c
> @@ -405,52 +405,41 @@ nfs3svc_decode_readargs(struct svc_rqst *rqstp, __be32 *p)
>  int
>  nfs3svc_decode_writeargs(struct svc_rqst *rqstp, __be32 *p)
>  {
> +	struct xdr_stream *xdr = &rqstp->rq_arg_stream;
>  	struct nfsd3_writeargs *args = rqstp->rq_argp;
> -	unsigned int len, hdr, dlen;
>  	u32 max_blocksize = svc_max_payload(rqstp);
>  	struct kvec *head = rqstp->rq_arg.head;
>  	struct kvec *tail = rqstp->rq_arg.tail;
> +	size_t remaining;
>  
> -	p = decode_fh(p, &args->fh);
> -	if (!p)
> +	if (!svcxdr_decode_nfs_fh3(xdr, &args->fh))
>  		return 0;
> -	p = xdr_decode_hyper(p, &args->offset);
> -
> -	args->count = ntohl(*p++);
> -	args->stable = ntohl(*p++);
> -	len = args->len = ntohl(*p++);
> -	if ((void *)p > head->iov_base + head->iov_len)
> +	if (xdr_stream_decode_u64(xdr, &args->offset) < 0)
>  		return 0;
> -	/*
> -	 * The count must equal the amount of data passed.
> -	 */
> -	if (args->count != args->len)
> +	if (xdr_stream_decode_u32(xdr, &args->count) < 0)
> +		return 0;
> +	if (xdr_stream_decode_u32(xdr, &args->stable) < 0)
>  		return 0;
>  
> -	/*
> -	 * Check to make sure that we got the right number of
> -	 * bytes.
> -	 */
> -	hdr = (void*)p - head->iov_base;
> -	dlen = head->iov_len + rqstp->rq_arg.page_len + tail->iov_len - hdr;
> -	/*
> -	 * Round the length of the data which was specified up to
> -	 * the next multiple of XDR units and then compare that
> -	 * against the length which was actually received.
> -	 * Note that when RPCSEC/GSS (for example) is used, the
> -	 * data buffer can be padded so dlen might be larger
> -	 * than required.  It must never be smaller.
> -	 */
> -	if (dlen < XDR_QUADLEN(len)*4)
> +	/* opaque data */
> +	if (xdr_stream_decode_u32(xdr, &args->len) < 0)
>  		return 0;
>  
> +	/* request sanity */
> +	if (args->count != args->len)
> +		return 0;
> +	remaining = head->iov_len + rqstp->rq_arg.page_len + tail->iov_len;
> +	remaining -= xdr_stream_pos(xdr);
> +	if (remaining < xdr_align_size(args->len))
> +		return 0;
>  	if (args->count > max_blocksize) {
>  		args->count = max_blocksize;
> -		len = args->len = max_blocksize;
> +		args->len = max_blocksize;
>  	}
>  
> -	args->first.iov_base = (void *)p;
> -	args->first.iov_len = head->iov_len - hdr;
> +	args->first.iov_base = xdr->p;
> +	args->first.iov_len = head->iov_len - xdr_stream_pos(xdr);
> +
>  	return 1;
>  }
>  
>
Chuck Lever Jan. 22, 2021, 6:55 p.m. UTC | #2
> On Jan 22, 2021, at 1:47 PM, J. Bruce Fields <bfields@fieldses.org> wrote:
> 
> On Tue, Jan 05, 2021 at 10:30:18AM -0500, Chuck Lever wrote:
>> As part of the update, open code that sanity-checks the size of the
>> data payload against the length of the RPC Call message has to be
>> re-implemented to use xdr_stream infrastructure.
> 
> I'm having a little trouble parsing that.  Did you mean "write code"?

The WRITE payload size sanity-checking code has to be re-implemented.


> --b.
> 
>> 
>> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
>> ---
>> fs/nfsd/nfs3xdr.c |   51 ++++++++++++++++++++-------------------------------
>> 1 file changed, 20 insertions(+), 31 deletions(-)
>> 
>> diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c
>> index ff98eae5db81..0aafb096de91 100644
>> --- a/fs/nfsd/nfs3xdr.c
>> +++ b/fs/nfsd/nfs3xdr.c
>> @@ -405,52 +405,41 @@ nfs3svc_decode_readargs(struct svc_rqst *rqstp, __be32 *p)
>> int
>> nfs3svc_decode_writeargs(struct svc_rqst *rqstp, __be32 *p)
>> {
>> +	struct xdr_stream *xdr = &rqstp->rq_arg_stream;
>> 	struct nfsd3_writeargs *args = rqstp->rq_argp;
>> -	unsigned int len, hdr, dlen;
>> 	u32 max_blocksize = svc_max_payload(rqstp);
>> 	struct kvec *head = rqstp->rq_arg.head;
>> 	struct kvec *tail = rqstp->rq_arg.tail;
>> +	size_t remaining;
>> 
>> -	p = decode_fh(p, &args->fh);
>> -	if (!p)
>> +	if (!svcxdr_decode_nfs_fh3(xdr, &args->fh))
>> 		return 0;
>> -	p = xdr_decode_hyper(p, &args->offset);
>> -
>> -	args->count = ntohl(*p++);
>> -	args->stable = ntohl(*p++);
>> -	len = args->len = ntohl(*p++);
>> -	if ((void *)p > head->iov_base + head->iov_len)
>> +	if (xdr_stream_decode_u64(xdr, &args->offset) < 0)
>> 		return 0;
>> -	/*
>> -	 * The count must equal the amount of data passed.
>> -	 */
>> -	if (args->count != args->len)
>> +	if (xdr_stream_decode_u32(xdr, &args->count) < 0)
>> +		return 0;
>> +	if (xdr_stream_decode_u32(xdr, &args->stable) < 0)
>> 		return 0;
>> 
>> -	/*
>> -	 * Check to make sure that we got the right number of
>> -	 * bytes.
>> -	 */
>> -	hdr = (void*)p - head->iov_base;
>> -	dlen = head->iov_len + rqstp->rq_arg.page_len + tail->iov_len - hdr;
>> -	/*
>> -	 * Round the length of the data which was specified up to
>> -	 * the next multiple of XDR units and then compare that
>> -	 * against the length which was actually received.
>> -	 * Note that when RPCSEC/GSS (for example) is used, the
>> -	 * data buffer can be padded so dlen might be larger
>> -	 * than required.  It must never be smaller.
>> -	 */
>> -	if (dlen < XDR_QUADLEN(len)*4)
>> +	/* opaque data */
>> +	if (xdr_stream_decode_u32(xdr, &args->len) < 0)
>> 		return 0;
>> 
>> +	/* request sanity */
>> +	if (args->count != args->len)
>> +		return 0;
>> +	remaining = head->iov_len + rqstp->rq_arg.page_len + tail->iov_len;
>> +	remaining -= xdr_stream_pos(xdr);
>> +	if (remaining < xdr_align_size(args->len))
>> +		return 0;
>> 	if (args->count > max_blocksize) {
>> 		args->count = max_blocksize;
>> -		len = args->len = max_blocksize;
>> +		args->len = max_blocksize;
>> 	}
>> 
>> -	args->first.iov_base = (void *)p;
>> -	args->first.iov_len = head->iov_len - hdr;
>> +	args->first.iov_base = xdr->p;
>> +	args->first.iov_len = head->iov_len - xdr_stream_pos(xdr);
>> +
>> 	return 1;
>> }
>> 
>> 

--
Chuck Lever
diff mbox series

Patch

diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c
index ff98eae5db81..0aafb096de91 100644
--- a/fs/nfsd/nfs3xdr.c
+++ b/fs/nfsd/nfs3xdr.c
@@ -405,52 +405,41 @@  nfs3svc_decode_readargs(struct svc_rqst *rqstp, __be32 *p)
 int
 nfs3svc_decode_writeargs(struct svc_rqst *rqstp, __be32 *p)
 {
+	struct xdr_stream *xdr = &rqstp->rq_arg_stream;
 	struct nfsd3_writeargs *args = rqstp->rq_argp;
-	unsigned int len, hdr, dlen;
 	u32 max_blocksize = svc_max_payload(rqstp);
 	struct kvec *head = rqstp->rq_arg.head;
 	struct kvec *tail = rqstp->rq_arg.tail;
+	size_t remaining;
 
-	p = decode_fh(p, &args->fh);
-	if (!p)
+	if (!svcxdr_decode_nfs_fh3(xdr, &args->fh))
 		return 0;
-	p = xdr_decode_hyper(p, &args->offset);
-
-	args->count = ntohl(*p++);
-	args->stable = ntohl(*p++);
-	len = args->len = ntohl(*p++);
-	if ((void *)p > head->iov_base + head->iov_len)
+	if (xdr_stream_decode_u64(xdr, &args->offset) < 0)
 		return 0;
-	/*
-	 * The count must equal the amount of data passed.
-	 */
-	if (args->count != args->len)
+	if (xdr_stream_decode_u32(xdr, &args->count) < 0)
+		return 0;
+	if (xdr_stream_decode_u32(xdr, &args->stable) < 0)
 		return 0;
 
-	/*
-	 * Check to make sure that we got the right number of
-	 * bytes.
-	 */
-	hdr = (void*)p - head->iov_base;
-	dlen = head->iov_len + rqstp->rq_arg.page_len + tail->iov_len - hdr;
-	/*
-	 * Round the length of the data which was specified up to
-	 * the next multiple of XDR units and then compare that
-	 * against the length which was actually received.
-	 * Note that when RPCSEC/GSS (for example) is used, the
-	 * data buffer can be padded so dlen might be larger
-	 * than required.  It must never be smaller.
-	 */
-	if (dlen < XDR_QUADLEN(len)*4)
+	/* opaque data */
+	if (xdr_stream_decode_u32(xdr, &args->len) < 0)
 		return 0;
 
+	/* request sanity */
+	if (args->count != args->len)
+		return 0;
+	remaining = head->iov_len + rqstp->rq_arg.page_len + tail->iov_len;
+	remaining -= xdr_stream_pos(xdr);
+	if (remaining < xdr_align_size(args->len))
+		return 0;
 	if (args->count > max_blocksize) {
 		args->count = max_blocksize;
-		len = args->len = max_blocksize;
+		args->len = max_blocksize;
 	}
 
-	args->first.iov_base = (void *)p;
-	args->first.iov_len = head->iov_len - hdr;
+	args->first.iov_base = xdr->p;
+	args->first.iov_len = head->iov_len - xdr_stream_pos(xdr);
+
 	return 1;
 }