On 03/28/2016 04:43 AM, Denis V. Lunev wrote: > From: Pavel Borzenkov <pborzen...@virtuozzo.com> > > There is a loophole in the protocol that allows a client to send TRIM > request even if support for it wasn't negotiated with the server. State > explicitly that the client MUST NOT send such command without prior > successful negotiation. > > Signed-off-by: Pavel Borzenkov <pborzen...@virtuozzo.com> > Reviewed-by: Roman Kagan <rka...@virtuozzo.com> > Signed-off-by: Denis V. Lunev <d...@openvz.org> > CC: Wouter Verhelst <w...@uter.be> > CC: Eric Blake <ebl...@redhat.com> > CC: Alex Bligh <a...@alex.org.uk> > --- > doc/proto.md | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/doc/proto.md b/doc/proto.md > index 6d1cb34..d54ed19 100644 > --- a/doc/proto.md > +++ b/doc/proto.md > @@ -471,6 +471,9 @@ The following request types exist: > about the contents of the export affected by this command, until > overwriting it again with `NBD_CMD_WRITE`. > > + A client MUST NOT send a trim request unless `NBD_FLAG_SEND_TRIM` > + was set in the export flags field. > +
Do we also want to mention that the server SHOULD fail with EINVAL if the client sends it anyway, and similarly if NBD_CMD_FLUSH was sent without the appropriate export flag (but that the client should not rely on that particular failure)? But as this is a strict improvement, Reviewed-by: Eric Blake <ebl...@redhat.com> -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature