https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 https://jira.whamcloud.com/browse/LU-2714 Lustre <p>Recent HSM patches seem to blindly trust incoming network data.<br/> Examples include mdt_hsm_action handling of the action list where we blindly trust number of items supplied without testing against provided buffer sizes, also allocating buffers not using OBD_ALLOC_LARGE which provides somewaht easy DoS avenue.<br/> Another example is mdt_hsm_request handling of hr_itemcount.<br/> I suspect there are more cases like this in other patches.</p> <p>Additionally sanity max values for all those item counts should be added in client side ioctl handlers to avoid easy local DoS avenues.</p> LU-2714

HSM: add sanity checks for incoming RPCs

Technical task LU-2061 Blocker Closed Fixed John Hammond Oleg Drokin MB Wed, 30 Jan 2013 18:14:11 +0000 Thu, 7 Mar 2013 13:39:09 +0000 Thu, 7 Mar 2013 13:38:56 +0000 Lustre 2.4.0 Lustre 2.4.0 0 5 <p>John</p> <p>Could you please look into this one?</p> <p>Thanks</p> <p>Peter</p> <p>Oleg, can you suggest a reasonable upper limit on the amount of memory that the MDT allocate to serve a single HSM request?</p> <p>Also to make sure that I understand correctly, are you referring to master here? There are indeed some issues in master's hsm handlers, but if I look at mdt_hsm_action() then the allocations are all statically sized.</p> <p>Please see <a href="http://review.whamcloud.com/5507" class="external-link" target="_blank" rel="nofollow noopener">http://review.whamcloud.com/5507</a>.</p> <p>Patch landed.</p> Development Rank 1|hzvi9r: Rank (Obsolete) 6609