[ENBD] ENBD on 2.4.x

[jona@orac.ensor.org]

Hi again.

Could somebody sanity check me here?  I'm still looking at issues
with 2.4.x and ENBD and wanted to see how the Kernel module
makes sure it doesn't merge requests to the point that it would
overrun the client's buffer during a 'get_req' call (I suspect that
I'm getting a SEGV in the ioctl(fd, MY_NBD_GET_REQ, 1000) call).

I see that the Kernel module tries to keep that from happening
by looking at 'buf_sectors', but something still seems to be
going wrong.

At line 1468 in nbd.c (kernel module), I added the following 
test and warning if the kernel module tries to write a larger buffer
than the user has allocated.  I'm not sure how 'request.len' is
getting so big, but I got the warning when I tried to run my 'mke2fs' on
the block device.

       if (request.len > NBD_MAX_SECTORS*512+1000) {
               NBD_ALERT("Warning!  Want to write something larger than my buff\
er %i\n", request.len);
       }
       else {
       size = copy_to_user_from_req(req,
               (char*)user+sizeof (struct nbd_request), request.len);

        // PTB we have been tracking where to write to in the buffer
        buflen += size;
       }

Log dump:

Mar 15 18:40:04 jarney kernel: NBD #3481[0]: init_module registered device at major 43
Mar 15 18:40:18 jarney kernel: NBD #1892[0]: nbd_set_sock device nda not signed yet!
Mar 15 18:40:27 jarney kernel: NBD #1469[0]: nbd_get_req Warning!  Want to write something larger than my buffer 131072

It would seem that we would want to do one of the following:
	a) Make sure the request NEVER gets bigger than NBD_MAX_SECTORS
	b) Break up large requests to the client daemon and inform it
	that it only got a partial.

The first is probably the simplest, but I'm not sure how we can
limit the size of requests.

Ideas?

-Jon A.