
nfs_nfsdserv.c: Add sanity check for layout commit cnt
Closed, Public

Authored by rmacklem on Oct 25 2025, 8:17 PM.

Details

Summary

If a client were to send a LayoutCommit (seldom
used and only for a pNFS server) with a bogus
cnt, there could be problems with a malloc() call
that uses it.

This patch adds a sanity check for the cnt. Note
that RFC8881 does not specify any upper bound
on the cnt.

Test Plan

Not tested. To do so would require a pNFS server
configuration and a broken client.
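The kind of check the summary describes, as an added user-space example; this is not the patch under review or FreeBSD code. The names `ex_decode_opaque` and `EX_MAX_BODY` are hypothetical, and the 8192-byte cap is an assumption chosen for illustration, since RFC 8881 gives no upper bound for the count.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed cap; RFC 8881 sets none, so the server has to choose one. */
#define EX_MAX_BODY 8192u

enum ex_status { EX_OK, EX_TRUNCATED, EX_BADCNT, EX_NOMEM };

/*
 * Decode an XDR opaque<>: 4-byte big-endian count, then the data padded to
 * a multiple of 4. On EX_OK, *out is a malloc()ed copy (NULL if cnt is 0)
 * and *used is the number of bytes consumed from buf.
 */
static enum ex_status
ex_decode_opaque(const uint8_t *buf, size_t len, uint8_t **out,
    uint32_t *cntp, size_t *used)
{
	uint32_t cnt;
	size_t padded;
	*out = NULL; *cntp = 0; *used = 0;
	if (len < 4)
		return (EX_TRUNCATED);
	cnt = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
	    ((uint32_t)buf[2] << 8) | (uint32_t)buf[3];
	if (cnt > EX_MAX_BODY)		/* reject before any arithmetic or malloc() */
		return (EX_BADCNT);
	padded = ((size_t)cnt + 3) & ~(size_t)3;	/* cnt is capped: no wrap */
	if (padded > len - 4)		/* count claims more than was received */
		return (EX_TRUNCATED);
	if (cnt > 0) {
		if ((*out = malloc(cnt)) == NULL)
			return (EX_NOMEM);
		memcpy(*out, buf + 4, cnt);
	}
	*cntp = cnt;
	*used = 4 + padded;
	return (EX_OK);
}

int
main(void)
{
	const uint8_t bogus[] = { 0xff, 0xff, 0xff, 0xff };	/* constructed */
	uint8_t *body; uint32_t cnt; size_t used;
	printf("status=%d\n", ex_decode_opaque(bogus, sizeof(bogus), &body, &cnt, &used));
	return (0);
}
```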

Diff Detail

Repository
rG FreeBSD src repository

Event Timeline

markj added inline comments.
sys/fs/nfsserver/nfs_nfsdserv.c
5154

Many of these parameters are unused. Is it deliberate that you pass them all here?

This revision is now accepted and ready to land. Oct 27 2025, 1:26 PM
sys/fs/nfsserver/nfs_nfsdserv.c
5154

Yes. You could call them "someday, maybe".
How these might be used by future Layout types
is anyone's guess.

For example, the current Flex Files layout implementations
do not do striping (and as such the offsets and sizes don't
mean much of anything) but the RFC describes striping
and someone just committed patches to the Linux client
to support striping (presumably for some future server).