Hi Dan!
NFS server patches should be sent to me these days.
$ scripts/get_maintainer.pl fs/nfsd
Chuck Lever <chuck.lever@xxxxxxxxxx> (supporter:KERNEL NFSD, SUNRPC, AND LOCKD SERVERS)
linux-nfs@xxxxxxxxxxxxxxx (open list:KERNEL NFSD, SUNRPC, AND LOCKD SERVERS)
linux-kernel@xxxxxxxxxxxxxxx (open list)
> On Jan 21, 2022, at 1:50 PM, Dan Aloni <dan.aloni@xxxxxxxxxxxx> wrote:
>
> Due to change 8cfb9015280d ("NFS: Always provide aligned buffers to the
> RPC read layers"), a read of 0xfff is aligned up to server rsize of
> 0x1000.
>
> As a result, in a test where the server has a file of size
> 0x7fffffffffffffff, and the client tries to read from the offset
> 0x7ffffffffffff000, the read causes loff_t overflow in the server and it
> returns an NFS code of EINVAL to the client. The client as a result
> indefinitely retries the request.
An infinite loop in this case is a client bug.
Section 3.3.6 of RFC 1813 permits the NFSv3 READ procedure
to return NFS3ERR_INVAL. The READ entry in Table 6 of RFC
5661 permits the NFSv4 READ operation to return
NFS4ERR_INVAL.
Was the client side fix for this issue rejected?
> This fixes the issue at server side by trimming reads past NFS_OFFSET_MAX.
It's OK for the server to return a short READ in this case,
so I will indeed consider a change to make that happen. But
see below for comments specific to this patch.
> Fixes: 8cfb9015280d ("NFS: Always provide aligned buffers to the RPC read layers")
> Signed-off-by: Dan Aloni <dan.aloni@xxxxxxxxxxxx>
> ---
> fs/nfsd/vfs.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
> index 738d564ca4ce..754f4e9ff4a2 100644
> --- a/fs/nfsd/vfs.c
> +++ b/fs/nfsd/vfs.c
> @@ -1046,6 +1046,10 @@ __be32 nfsd_read(struct svc_rqst *rqstp, struct svc_fh *fhp,
> __be32 err;
>
> trace_nfsd_read_start(rqstp, fhp, offset, *count);
> +
> + if (unlikely(offset + *count > NFS_OFFSET_MAX))
> + *count = NFS_OFFSET_MAX - offset;
Can @offset ever be larger than NFS_OFFSET_MAX?
Does this check have any effect on NFSv4 READ operations?
> +
> err = nfsd_file_acquire(rqstp, fhp, NFSD_MAY_READ, &nf);
> if (err)
> return err;
> --
> 2.23.0
>
--
Chuck Lever
