diff options
| author | Jeff Layton <jlayton@redhat.com> | 2011-01-20 13:36:51 -0500 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2011-01-20 16:46:29 -0500 |
| commit | 690c522fa5a62825af880775e3ef1e55755667b2 (patch) | |
| tree | ff953bba1050b54cc9be452a599ac1faf580c3b7 /fs/cifs/cifssmb.c | |
| parent | aae62fdb6b9a6605abdea7370c4a0e005e6c1cd7 (diff) | |
cifs: use get/put_unaligned functions to access ByteCount
It's possible that when we access the ByteCount that the alignment
will be off. Most CPUs deal with that transparently, but there's
usually some performance impact. Some CPUs raise an exception on
unaligned accesses.
Fix this by accessing the byte count using the get_unaligned and
put_unaligned inlined functions. While we're at it, fix the types
of some of the variables that end up getting returns from these
functions.
Acked-by: Pavel Shilovsky <piastryyy@gmail.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/cifssmb.c')
| -rw-r--r-- | fs/cifs/cifssmb.c | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 5b1f6637f161..39cec0d9cd1b 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c | |||
| @@ -333,7 +333,6 @@ static int validate_t2(struct smb_t2_rsp *pSMB) | |||
| 333 | { | 333 | { |
| 334 | int rc = -EINVAL; | 334 | int rc = -EINVAL; |
| 335 | int total_size; | 335 | int total_size; |
| 336 | char *pBCC; | ||
| 337 | 336 | ||
| 338 | /* check for plausible wct, bcc and t2 data and parm sizes */ | 337 | /* check for plausible wct, bcc and t2 data and parm sizes */ |
| 339 | /* check for parm and data offset going beyond end of smb */ | 338 | /* check for parm and data offset going beyond end of smb */ |
| @@ -346,13 +345,9 @@ static int validate_t2(struct smb_t2_rsp *pSMB) | |||
| 346 | if (total_size < 512) { | 345 | if (total_size < 512) { |
| 347 | total_size += | 346 | total_size += |
| 348 | le16_to_cpu(pSMB->t2_rsp.DataCount); | 347 | le16_to_cpu(pSMB->t2_rsp.DataCount); |
| 349 | /* BCC le converted in SendReceive */ | 348 | if (total_size <= get_bcc(&pSMB->hdr) && |
| 350 | pBCC = (pSMB->hdr.WordCount * 2) + | 349 | total_size < |
| 351 | sizeof(struct smb_hdr) + | 350 | CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) { |
| 352 | (char *)pSMB; | ||
| 353 | if ((total_size <= (*(u16 *)pBCC)) && | ||
| 354 | (total_size < | ||
| 355 | CIFSMaxBufSize+MAX_CIFS_HDR_SIZE)) { | ||
| 356 | return 0; | 351 | return 0; |
| 357 | } | 352 | } |
| 358 | } | 353 | } |
| @@ -362,6 +357,7 @@ static int validate_t2(struct smb_t2_rsp *pSMB) | |||
| 362 | sizeof(struct smb_t2_rsp) + 16); | 357 | sizeof(struct smb_t2_rsp) + 16); |
| 363 | return rc; | 358 | return rc; |
| 364 | } | 359 | } |
| 360 | |||
| 365 | int | 361 | int |
| 366 | CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) | 362 | CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) |
| 367 | { | 363 | { |
| @@ -5609,7 +5605,7 @@ QAllEAsRetry: | |||
| 5609 | } | 5605 | } |
| 5610 | 5606 | ||
| 5611 | /* make sure list_len doesn't go past end of SMB */ | 5607 | /* make sure list_len doesn't go past end of SMB */ |
| 5612 | end_of_smb = (char *)pByteArea(&pSMBr->hdr) + BCC(&pSMBr->hdr); | 5608 | end_of_smb = (char *)pByteArea(&pSMBr->hdr) + get_bcc(&pSMBr->hdr); |
| 5613 | if ((char *)ea_response_data + list_len > end_of_smb) { | 5609 | if ((char *)ea_response_data + list_len > end_of_smb) { |
| 5614 | cFYI(1, "EA list appears to go beyond SMB"); | 5610 | cFYI(1, "EA list appears to go beyond SMB"); |
| 5615 | rc = -EIO; | 5611 | rc = -EIO; |