Re: [PATCH 06/19] nfsd: Check private request size before submitting a SCSI request

2017-05-26 Thread bfie...@fieldses.org 
On Fri, May 26, 2017 at 08:10:03AM +0200, h...@lst.de wrote:
> On Thu, May 25, 2017 at 08:19:47PM +, Bart Van Assche wrote:
> > On Thu, 2017-05-25 at 14:48 -0400, J . Bruce Fields wrote:
> > > On Thu, May 25, 2017 at 11:43:14AM -0700, Bart Van Assche wrote:
> > > > Since using scsi_req() is only allowed against request queues for
> > > > which struct scsi_request is the first member of their private
> > > > request data, refuse to submit SCSI commands against a queue for
> > > > which this is not the case.
> > > 
> > > Is it possible we could catch this earlier and avoid giving out the
> > > layout in the first place?
> > 
> > Hello Christoph,
> > 
> > According to what I see in commit 8650b8a05850 you are the author of this
> > code? Can the blk_queue_scsi_pdu(q) test fail in 
> > nfsd4_scsi_identify_device()?
> 
> If the user explicitly asked for a scsi layout export of a non-scsi
> device it can.
> 
> > If so, can nfsd4_layout_verify() be modified in such a way that it prevents
> > that nfsd4_scsi_proc_getdeviceinfo() is ever called for a non-SCSI queue?
> > Can you recommend an approach?
> 
> Not easily.  The only thing we could do is an export time check, that
> would refuse the scsi layout export if the device is not capable.
> 
> I can look into that, but it will take some time so for now I think we
> should go ahead with your series.

Fine by me.--b.

Re: [PATCH 06/19] nfsd: Check private request size before submitting a SCSI request

2017-05-26 Thread h...@lst.de 
On Thu, May 25, 2017 at 08:19:47PM +, Bart Van Assche wrote:
> On Thu, 2017-05-25 at 14:48 -0400, J . Bruce Fields wrote:
> > On Thu, May 25, 2017 at 11:43:14AM -0700, Bart Van Assche wrote:
> > > Since using scsi_req() is only allowed against request queues for
> > > which struct scsi_request is the first member of their private
> > > request data, refuse to submit SCSI commands against a queue for
> > > which this is not the case.
> > 
> > Is it possible we could catch this earlier and avoid giving out the
> > layout in the first place?
> 
> Hello Christoph,
> 
> According to what I see in commit 8650b8a05850 you are the author of this
> code? Can the blk_queue_scsi_pdu(q) test fail in nfsd4_scsi_identify_device()?

If the user explicitly asked for a scsi layout export of a non-scsi
device it can.

> If so, can nfsd4_layout_verify() be modified in such a way that it prevents
> that nfsd4_scsi_proc_getdeviceinfo() is ever called for a non-SCSI queue?
> Can you recommend an approach?

Not easily.  The only thing we could do is an export time check, that
would refuse the scsi layout export if the device is not capable.

I can look into that, but it will take some time so for now I think we
should go ahead with your series.

Re: [PATCH 06/19] nfsd: Check private request size before submitting a SCSI request

2017-05-26 Thread Christoph Hellwig 
Looks fine,

Reviewed-by: Christoph Hellwig

Re: [PATCH 06/19] nfsd: Check private request size before submitting a SCSI request

2017-05-25 Thread Bart Van Assche 
On Thu, 2017-05-25 at 14:48 -0400, J . Bruce Fields wrote:
> On Thu, May 25, 2017 at 11:43:14AM -0700, Bart Van Assche wrote:
> > Since using scsi_req() is only allowed against request queues for
> > which struct scsi_request is the first member of their private
> > request data, refuse to submit SCSI commands against a queue for
> > which this is not the case.
> 
> Is it possible we could catch this earlier and avoid giving out the
> layout in the first place?

Hello Christoph,

According to what I see in commit 8650b8a05850 you are the author of this
code? Can the blk_queue_scsi_pdu(q) test fail in nfsd4_scsi_identify_device()?
If so, can nfsd4_layout_verify() be modified in such a way that it prevents
that nfsd4_scsi_proc_getdeviceinfo() is ever called for a non-SCSI queue?
Can you recommend an approach?

Thanks,

Bart.

Re: [PATCH 06/19] nfsd: Check private request size before submitting a SCSI request

2017-05-25 Thread J . Bruce Fields 
On Thu, May 25, 2017 at 11:43:14AM -0700, Bart Van Assche wrote:
> Since using scsi_req() is only allowed against request queues for
> which struct scsi_request is the first member of their private
> request data, refuse to submit SCSI commands against a queue for
> which this is not the case.

Is it possible we could catch this earlier and avoid giving out the
layout in the first place?

--b.

> 
> References: commit 82ed4db499b8 ("block: split scsi_request out of struct 
> request")
> Signed-off-by: Bart Van Assche 
> Reviewed-by: Hannes Reinecke 
> Cc: J. Bruce Fields 
> Cc: Jeff Layton 
> Cc: Jens Axboe 
> Cc: Christoph Hellwig 
> Cc: Omar Sandoval 
> Cc: linux-...@vger.kernel.org
> Cc: linux-block@vger.kernel.org
> ---
>  fs/nfsd/blocklayout.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/fs/nfsd/blocklayout.c b/fs/nfsd/blocklayout.c
> index fb5213afc854..38e14cf7e74a 100644
> --- a/fs/nfsd/blocklayout.c
> +++ b/fs/nfsd/blocklayout.c
> @@ -219,6 +219,9 @@ static int nfsd4_scsi_identify_device(struct block_device 
> *bdev,
>   u8 *buf, *d, type, assoc;
>   int error;
>  
> + if (WARN_ON_ONCE(!blk_queue_scsi_pdu(q)))
> + return -EINVAL;
> +
>   buf = kzalloc(bufflen, GFP_KERNEL);
>   if (!buf)
>   return -ENOMEM;
> -- 
> 2.12.2

[PATCH 06/19] nfsd: Check private request size before submitting a SCSI request

2017-05-25 Thread Bart Van Assche 
Since using scsi_req() is only allowed against request queues for
which struct scsi_request is the first member of their private
request data, refuse to submit SCSI commands against a queue for
which this is not the case.

References: commit 82ed4db499b8 ("block: split scsi_request out of struct 
request")
Signed-off-by: Bart Van Assche 
Reviewed-by: Hannes Reinecke 
Cc: J. Bruce Fields 
Cc: Jeff Layton 
Cc: Jens Axboe 
Cc: Christoph Hellwig 
Cc: Omar Sandoval 
Cc: linux-...@vger.kernel.org
Cc: linux-block@vger.kernel.org
---
 fs/nfsd/blocklayout.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fs/nfsd/blocklayout.c b/fs/nfsd/blocklayout.c
index fb5213afc854..38e14cf7e74a 100644
--- a/fs/nfsd/blocklayout.c
+++ b/fs/nfsd/blocklayout.c
@@ -219,6 +219,9 @@ static int nfsd4_scsi_identify_device(struct block_device 
*bdev,
u8 *buf, *d, type, assoc;
int error;
 
+   if (WARN_ON_ONCE(!blk_queue_scsi_pdu(q)))
+   return -EINVAL;
+
buf = kzalloc(bufflen, GFP_KERNEL);
if (!buf)
return -ENOMEM;
-- 
2.12.2