On Sun, May 11, 2014 at 10:37:27PM -0700, Christoph Hellwig wrote: > On Sun, May 11, 2014 at 04:52:09PM -0400, J. Bruce Fields wrote: > > From: "J. Bruce Fields" <bfields@xxxxxxxxxx> > > > > Currently if the nfs-level part of a reply would be too large, we'll > > return an error to the client. But if the nfs-level part fits and > > leaves no room for krb5p or krb5i stuff, then we just drop the request > > entirely. > > > > That's no good. Instead, reserve some slack space at the end of the > > buffer and make sure we fail outright if we'd come close. > > > > The slack space here is a massive overstimate of what's required, we > > should probably try for a tighter limit at some point. > > Don't we know the rpc auth scheme at this point and can at least > avoid it for non-krb setups? Yes. At the end of this series we have RPC_MAX_AUTH_SIZE scattered around in a few different places. Rather than have each place have some flavor-specific logic I think I'd like the auth code to set an rq_auth_slack field in the struct svc_rqst for code like this to use. --b. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
