From patchwork Thu Mar 31 21:20:22 2016
X-Patchwork-Submitter: Eric Blake
X-Patchwork-Id: 8718691
From: Eric Blake
To: qemu-devel@nongnu.org
Cc: Paolo Bonzini
Date: Thu, 31 Mar 2016 15:20:22 -0600
Message-Id: <1459459222-8637-4-git-send-email-eblake@redhat.com>
In-Reply-To: <1459459222-8637-1-git-send-email-eblake@redhat.com>
Subject: [Qemu-devel] [PATCH 3/3] nbd: Reject unknown request flags

The NBD protocol says that clients should not send a command flag that has not been negotiated (whether by the client requesting an option during a handshake, or because we advertise support for the flag in response to NBD_OPT_EXPORT_NAME), and that servers should reject invalid flags with EINVAL. We were silently ignoring the flags instead.

The client can't rely on our behavior, since it is their fault for passing the bad flag in the first place, but it's better to be robust up front than to possibly behave differently than the client was expecting with the attempted flag.

Signed-off-by: Eric Blake
---
 nbd/server.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/nbd/server.c b/nbd/server.c index a590773..31bd9c5 100644 --- a/nbd/server.c +++ b/nbd/server.c 
@@ -974,6 +974,10 @@ static ssize_t nbd_co_receive_request(NBDRequest *req, struct nbd_request *reque goto out; } + if (request->flags & ~NBD_CMD_FLAG_FUA) { + LOG("unsupported flags (got 0x%x)", request->flags); + return -EINVAL; + } if ((request->from + request->len) < request->from) { LOG("integer overflow detected! " "you're probably being attacked");
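Review bot: The new flags check exits with `return -EINVAL;` while the check immediately above it in nbd_co_receive_request() leaves through `goto out;`, so this rejection skips whatever the out label does for the other failure paths. Suggest setting the function's return value to -EINVAL and using `goto out;` here as well, so every rejected request in this function takes the same exit. The LOG call also prints all of request->flags; printing only the offending bits, `request->flags & ~NBD_CMD_FLAG_FUA`, would make the message point directly at what was rejected.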