Re: [PATCH 1/2] pnfs/blocklayout: validate volume indices and limit recursion depth

Next message: Nikhil Nagarkar: "[PATCH] power: reset: ltc2952: remove global ltc2952_data structure"
Previous message: Al Viro: "Re: [BUG] KASAN: slab-use-after-free in link_path_walk"
In reply to: Werner Kasselman: "[PATCH 1/2] pnfs/blocklayout: validate volume indices and limit recursion depth"
Next in thread: Werner Kasselman: "[PATCH 2/2] pnfs/blocklayout: cap total parse operations in volume topology"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Christoph Hellwig

Date: Thu Apr 23 2026 - 01:16:59 EST

On Tue, Apr 21, 2026 at 10:03:42AM +0000, Werner Kasselman wrote:
> #define PNFS_BLOCK_MAX_UUIDS 4
> #define PNFS_BLOCK_MAX_DEVICES 64
> +#define PNFS_BLOCK_MAX_DEPTH 16

I think we can and should reduce the nesting depth. The only really
useful nesting is mirroring + striping or concatenation. Giving a little
extra slack is fine, but I think 4 (or 8 if you insist) should be
enough,

> + int depth, gfp_t gfp_mask);

unsigned?

> default:
> @@ -559,6 +581,9 @@ bl_alloc_deviceid_node(struct nfs_server *server, struct pnfs_device *pdev,
> goto out_free_scratch;
> nr_volumes = be32_to_cpup(p++);
>
> + if (nr_volumes <= 0)
> + goto out_free_scratch;

nr_volumes should be siwtched to an unsigned value, as it is over
the wire.

Otherwise looks good, thanks a lot!