From patchwork Wed Apr 27 02:41:26 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "J. Bruce Fields" X-Patchwork-Id: 735231 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter1.kernel.org (8.14.4/8.14.3) with ESMTP id p3R2fwt7017819 for ; Wed, 27 Apr 2011 02:41:58 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758163Ab1D0Cln (ORCPT ); Tue, 26 Apr 2011 22:41:43 -0400 Received: from fieldses.org ([174.143.236.118]:34419 "EHLO fieldses.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1758081Ab1D0Cl2 (ORCPT ); Tue, 26 Apr 2011 22:41:28 -0400 Received: from bfields by fieldses.org with local (Exim 4.72) (envelope-from ) id 1QEugw-0007RM-VO; Tue, 26 Apr 2011 22:41:26 -0400 Date: Tue, 26 Apr 2011 22:41:26 -0400 From: "J. Bruce Fields" To: Mi Jinlong Cc: NFS Subject: Re: [PATCH] nfsd41: compare request's opcnt with session's maxops at nfsd4_sequence Message-ID: <20110427024126.GB26541@fieldses.org> References: <4DB76CE6.9080404@cn.fujitsu.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <4DB76CE6.9080404@cn.fujitsu.com> User-Agent: Mutt/1.5.20 (2009-06-14) Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.6 (demeter1.kernel.org [140.211.167.41]); Wed, 27 Apr 2011 02:41:59 +0000 (UTC) On Wed, Apr 27, 2011 at 09:09:58AM +0800, Mi Jinlong wrote: > Make sure nfs server can distinguish request contains more ops > than channel allowed. Yes, sequence looks like a reasonable op to catch this error. The spec doesn't care as far as I can tell (and it's a buggy-client case, so why should it), and we already check that any compound not starting with a sequence has only one op. > Signed-off-by: Mi Jinlong > --- > fs/nfsd/nfs4state.c | 5 +++++ > 1 files changed, 5 insertions(+), 0 deletions(-) > > diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c > index fbde6f7..4f9fc68 100644 > --- a/fs/nfsd/nfs4state.c > +++ b/fs/nfsd/nfs4state.c > @@ -1749,6 +1749,11 @@ nfsd4_sequence(struct svc_rqst *rqstp, > if (!session) > goto out; > > + status = nfserr_too_many_ops; > + if (((struct nfsd4_compoundargs *)rqstp->rq_argp)->opcnt > Kind of a cumbersome construction, though. Eh, maybe overkill, but how about this?: --b. commit d5eee1629fb9d3a55e5793d156026248c14cb46c Author: Mi Jinlong Date: Wed Apr 27 09:09:58 2011 +0800 nfsd41: compare request's opcnt with session's maxops at nfsd4_sequence Make sure nfs server errors out if request contains more ops than channel allows. Signed-off-by: Mi Jinlong [bfields@redhat.com: use helper function] Signed-off-by: J. Bruce Fields --- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index fbde6f7..487ba47 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c @@ -1721,6 +1721,13 @@ static void nfsd4_sequence_check_conn(struct nfsd4_conn *new, struct nfsd4_sessi return; } +static bool nfsd4_session_too_many_ops(struct svc_rqst *rqstp, struct nfsd4_session *session) +{ + struct nfsd4_compoundargs *args = rqstp->rq_argp; + + return args->opcnt > session->se_fchannel.maxops; +} + __be32 nfsd4_sequence(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, @@ -1749,6 +1756,10 @@ nfsd4_sequence(struct svc_rqst *rqstp, if (!session) goto out; + status = nfserr_too_many_ops; + if (nfsd4_session_too_many_ops(rqstp, session)) + goto out; + status = nfserr_badslot; if (seq->slotid >= session->se_fchannel.maxreqs) goto out;