From nobody Thu Nov 13 09:11:47 2025
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=quarantine dis=none)  header.from=crudebyte.com
ARC-Seal: i=1; a=rsa-sha256; t=1578962472; cv=none;
	d=zohomail.com; s=zohoarc;
	b=NkNliRNdMXknfOpKq22fNd3ODG+UtR1DKkWzgaij1OQH/es8SDv/+6iO8TZR3IhwAtkDuZQScicqLvQ5RcylA7i30S1t+Y5sBLmfdRvwBx3RVRaDxopxzus8M8wcSOjtegWdrUDlkX2HcX1UzYl5i7Cl1BjtOKMQm6slRvoPW1I=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1578962472;
 h=Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:Message-ID:References:Sender:Subject:To;
	bh=+Myfkq98Clr2ORtfWNQein9mN5wHBp4bIQMl85shDKw=;
	b=Xb6TytGzlSFyb0RGVZFAO3n5rBYFqNApZdn6WlKR2d7uEMCBOIZ1XFFD6/eTzGeepPvrO3kEiVfuVLOhFh4IozL4kfV5I0UZ0uWHYMiIa2VrJCLSeNqAhsqbaYlaCmogPnZcIXjhyNexvxFnHtzq0sbQci8DNzSR/FyGB9lUlF4=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<qemu_oss@crudebyte.com> (p=quarantine dis=none)
 header.from=<qemu_oss@crudebyte.com>
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1578962472891818.5400668416246;
 Mon, 13 Jan 2020 16:41:12 -0800 (PST)
Received: from localhost ([::1]:57554 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces+importer=patchew.org@nongnu.org>)
	id 1irAGd-0000q3-OC
	for importer@patchew.org; Mon, 13 Jan 2020 19:41:11 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10]:35389)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from
 <49ff399635ccfd21858b15417a398df362ff0b90@lizzy.crudebyte.com>)
 id 1irAFS-0007Qf-7r
 for qemu-devel@nongnu.org; Mon, 13 Jan 2020 19:39:59 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from
 <49ff399635ccfd21858b15417a398df362ff0b90@lizzy.crudebyte.com>)
 id 1irAFR-0004ax-4B
 for qemu-devel@nongnu.org; Mon, 13 Jan 2020 19:39:58 -0500
Received: from lizzy.crudebyte.com ([91.194.90.13]:58501)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71)
 (envelope-from
 <49ff399635ccfd21858b15417a398df362ff0b90@lizzy.crudebyte.com>)
 id 1irAFQ-0003nl-UA
 for qemu-devel@nongnu.org; Mon, 13 Jan 2020 19:39:57 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=crudebyte.com; s=lizzy; h=Cc:To:Subject:Date:From:References:In-Reply-To:
 Message-Id:Content-Type:Content-Transfer-Encoding:MIME-Version:Content-ID:
 Content-Description; bh=+Myfkq98Clr2ORtfWNQein9mN5wHBp4bIQMl85shDKw=; b=R8Jv4
 GqnRIHxyFLv+BjMrQnD054U+toPSm2aqHP0bgsO2m7C8QVmy4XErA80rxYZxAgoZuyVrgFpz8oMY+
 Y67fxwEdKIXjJSERfAmNyamAQjdIL1vuwr63psK2togayyCoJXBO1arm53nzGUHo4INxT+afglLMK
 f4kYYDeAGafaW6FNofxkPOU6ZfWzj9kLZfLBJEwLBVPxCszkjSvLP0z9nHoHxrtGn6hHVXmRLBARu
 PD7VNHmte081vFOi/OK60ixiHQVbv1lXXnDQuf+FcA0VScCL862ky5NWr5a7yGoCiGoFjNxwke0rt
 iAPwRiC2LgkVg4jhXCR1vCfT5/pCw==;
Message-Id: 
 <49ff399635ccfd21858b15417a398df362ff0b90.1578957500.git.qemu_oss@crudebyte.com>
In-Reply-To: <cover.1578957500.git.qemu_oss@crudebyte.com>
References: <cover.1578957500.git.qemu_oss@crudebyte.com>
From: Christian Schoenebeck <qemu_oss@crudebyte.com>
Date: Mon, 13 Jan 2020 23:21:04 +0100
Subject: [PATCH v3 02/11] 9pfs: require msize >= 4096
To: qemu-devel@nongnu.org
Cc: Greg Kurz <groug@kaod.org>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
 [fuzzy]
X-Received-From: 91.194.90.13
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+importer=patchew.org@nongnu.org>
X-ZohoMail-DKIM: pass (identity @crudebyte.com)
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"

A client establishes a session by sending a Tversion request along with
a 'msize' parameter which client uses to suggest server a maximum
message size ever to be used for communication (for both requests and
replies) between client and server during that session. If client
suggests a 'msize' smaller than 4096 then deny session by server
immediately with an error response (Rlerror for "9P2000.L" clients or
Rerror for "9P2000.u" clients) instead of replying with Rversion.

Introduction of a minimum msize is required to prevent issues in
responses to numerous individual request types. For instance with a
msize of < P9_IOHDRSZ no useful operations would be possible at all.
Furthermore there are some responses which are not allowed by the 9p
protocol to be truncated like e.g. Rreadlink which may yield up to
a size of PATH_MAX which is usually 4096. Hence this size was chosen
as min. msize for server, which is already the minimum msize of the
Linux kernel's 9pfs client. By forcing a min. msize already at
session start (when handling Tversion) we don't have to check for a
minimum msize on a per request type basis later on during session,
which would be much harder and more error prone to maintain.

This is a user visible change which should be documented as such
(i.e. in public QEMU release changelog).

Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
---
 hw/9pfs/9p.c | 12 ++++++++++++
 hw/9pfs/9p.h | 11 +++++++++++
 2 files changed, 23 insertions(+)

diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index 520177f40c..a5fbe821d4 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -1363,8 +1363,20 @@ static void coroutine_fn v9fs_version(void *opaque)
         s->proto_version =3D V9FS_PROTO_2000L;
     } else {
         v9fs_string_sprintf(&version, "unknown");
+        /* skip min. msize check, reporting invalid version has priority */
+        goto marshal;
     }
=20
+    if (s->msize < P9_MIN_MSIZE) {
+        err =3D -EMSGSIZE;
+        error_report(
+            "9pfs: Client requested msize < minimum msize ("
+            stringify(P9_MIN_MSIZE) ") supported by this server."
+        );
+        goto out;
+    }
+
+marshal:
     err =3D pdu_marshal(pdu, offset, "ds", s->msize, &version);
     if (err < 0) {
         goto out;
diff --git a/hw/9pfs/9p.h b/hw/9pfs/9p.h
index 3904f82901..6fffe44f5a 100644
--- a/hw/9pfs/9p.h
+++ b/hw/9pfs/9p.h
@@ -100,6 +100,17 @@ typedef enum P9ProtoVersion {
     V9FS_PROTO_2000L =3D 0x02,
 } P9ProtoVersion;
=20
+/**
+ * @brief Minimum message size supported by this 9pfs server.
+ *
+ * A client establishes a session by sending a Tversion request along with=
 a
+ * 'msize' parameter which suggests the server a maximum message size ever=
 to be
+ * used for communication (for both requests and replies) between client a=
nd
+ * server during that session. If client suggests a 'msize' smaller than t=
his
+ * value then session is denied by server with an error response.
+ */
+#define P9_MIN_MSIZE    4096
+
 #define P9_NOTAG    UINT16_MAX
 #define P9_NOFID    UINT32_MAX
 #define P9_MAXWELEM 16
--=20
2.20.1