On 03/28/2016 04:43 AM, Denis V. Lunev wrote: > From: Pavel Borzenkov <pborzenkov@...2319...> > > There is a loophole in the protocol that allows a client to send TRIM > request even if support for it wasn't negotiated with the server. State > explicitly that the client MUST NOT send such command without prior > successful negotiation. > > Signed-off-by: Pavel Borzenkov <pborzenkov@...2319...> > Reviewed-by: Roman Kagan <rkagan@...2319...> > Signed-off-by: Denis V. Lunev <den@...2317...> > CC: Wouter Verhelst <w@...112...> > CC: Eric Blake <eblake@...696...> > CC: Alex Bligh <alex@...872...> > --- > doc/proto.md | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/doc/proto.md b/doc/proto.md > index 6d1cb34..d54ed19 100644 > --- a/doc/proto.md > +++ b/doc/proto.md > @@ -471,6 +471,9 @@ The following request types exist: > about the contents of the export affected by this command, until > overwriting it again with `NBD_CMD_WRITE`. > > + A client MUST NOT send a trim request unless `NBD_FLAG_SEND_TRIM` > + was set in the export flags field. > + Do we also want to mention that the server SHOULD fail with EINVAL if the client sends it anyway, and similarly if NBD_CMD_FLUSH was sent without the appropriate export flag (but that the client should not rely on that particular failure)? But as this is a strict improvement, Reviewed-by: Eric Blake <eblake@...696...> -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature