diff options
author | Trond Myklebust <Trond.Myklebust@netapp.com> | 2009-08-19 18:21:52 -0400 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2009-08-19 18:21:52 -0400 |
commit | 6a396f67d2442e30150ffb5e1142dbb2f2181d3f (patch) | |
tree | 2ea4f3ab1d3766204a55ec26600b848ed3a7e8aa /fs/nfs/nfs4xdr.c | |
parent | f884dcaead5f17bf586ac5fe6a3ad07b5203616a (diff) | |
parent | cccddf4f5580131c9b963900e1d3400655e633cc (diff) |
Merge branch 'nfsv4_xdr_cleanups-for-2.6.32' into nfs-for-2.6.32
Conflicts:
fs/nfs/nfs4xdr.c
Diffstat (limited to 'fs/nfs/nfs4xdr.c')
-rw-r--r-- | fs/nfs/nfs4xdr.c | 1374 |
1 files changed, 810 insertions, 564 deletions
diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c index e65cc2e650c8..cfc30d362f94 100644 --- a/fs/nfs/nfs4xdr.c +++ b/fs/nfs/nfs4xdr.c | |||
@@ -702,29 +702,12 @@ struct compound_hdr { | |||
702 | u32 minorversion; | 702 | u32 minorversion; |
703 | }; | 703 | }; |
704 | 704 | ||
705 | /* | 705 | static __be32 *reserve_space(struct xdr_stream *xdr, size_t nbytes) |
706 | * START OF "GENERIC" ENCODE ROUTINES. | 706 | { |
707 | * These may look a little ugly since they are imported from a "generic" | 707 | __be32 *p = xdr_reserve_space(xdr, nbytes); |
708 | * set of XDR encode/decode routines which are intended to be shared by | 708 | BUG_ON(!p); |
709 | * all of our NFSv4 implementations (OpenBSD, MacOS X...). | 709 | return p; |
710 | * | 710 | } |
711 | * If the pain of reading these is too great, it should be a straightforward | ||
712 | * task to translate them into Linux-specific versions which are more | ||
713 | * consistent with the style used in NFSv2/v3... | ||
714 | */ | ||
715 | #define WRITE32(n) *p++ = htonl(n) | ||
716 | #define WRITE64(n) do { \ | ||
717 | *p++ = htonl((uint32_t)((n) >> 32)); \ | ||
718 | *p++ = htonl((uint32_t)(n)); \ | ||
719 | } while (0) | ||
720 | #define WRITEMEM(ptr,nbytes) do { \ | ||
721 | p = xdr_encode_opaque_fixed(p, ptr, nbytes); \ | ||
722 | } while (0) | ||
723 | |||
724 | #define RESERVE_SPACE(nbytes) do { \ | ||
725 | p = xdr_reserve_space(xdr, nbytes); \ | ||
726 | BUG_ON(!p); \ | ||
727 | } while (0) | ||
728 | 711 | ||
729 | static void encode_string(struct xdr_stream *xdr, unsigned int len, const char *str) | 712 | static void encode_string(struct xdr_stream *xdr, unsigned int len, const char *str) |
730 | { | 713 | { |
@@ -749,12 +732,11 @@ static void encode_compound_hdr(struct xdr_stream *xdr, | |||
749 | 732 | ||
750 | dprintk("encode_compound: tag=%.*s\n", (int)hdr->taglen, hdr->tag); | 733 | dprintk("encode_compound: tag=%.*s\n", (int)hdr->taglen, hdr->tag); |
751 | BUG_ON(hdr->taglen > NFS4_MAXTAGLEN); | 734 | BUG_ON(hdr->taglen > NFS4_MAXTAGLEN); |
752 | RESERVE_SPACE(12+(XDR_QUADLEN(hdr->taglen)<<2)); | 735 | p = reserve_space(xdr, 4 + hdr->taglen + 8); |
753 | WRITE32(hdr->taglen); | 736 | p = xdr_encode_opaque(p, hdr->tag, hdr->taglen); |
754 | WRITEMEM(hdr->tag, hdr->taglen); | 737 | *p++ = cpu_to_be32(hdr->minorversion); |
755 | WRITE32(hdr->minorversion); | ||
756 | hdr->nops_p = p; | 738 | hdr->nops_p = p; |
757 | WRITE32(hdr->nops); | 739 | *p = cpu_to_be32(hdr->nops); |
758 | } | 740 | } |
759 | 741 | ||
760 | static void encode_nops(struct compound_hdr *hdr) | 742 | static void encode_nops(struct compound_hdr *hdr) |
@@ -829,55 +811,53 @@ static void encode_attrs(struct xdr_stream *xdr, const struct iattr *iap, const | |||
829 | len += 16; | 811 | len += 16; |
830 | else if (iap->ia_valid & ATTR_MTIME) | 812 | else if (iap->ia_valid & ATTR_MTIME) |
831 | len += 4; | 813 | len += 4; |
832 | RESERVE_SPACE(len); | 814 | p = reserve_space(xdr, len); |
833 | 815 | ||
834 | /* | 816 | /* |
835 | * We write the bitmap length now, but leave the bitmap and the attribute | 817 | * We write the bitmap length now, but leave the bitmap and the attribute |
836 | * buffer length to be backfilled at the end of this routine. | 818 | * buffer length to be backfilled at the end of this routine. |
837 | */ | 819 | */ |
838 | WRITE32(2); | 820 | *p++ = cpu_to_be32(2); |
839 | q = p; | 821 | q = p; |
840 | p += 3; | 822 | p += 3; |
841 | 823 | ||
842 | if (iap->ia_valid & ATTR_SIZE) { | 824 | if (iap->ia_valid & ATTR_SIZE) { |
843 | bmval0 |= FATTR4_WORD0_SIZE; | 825 | bmval0 |= FATTR4_WORD0_SIZE; |
844 | WRITE64(iap->ia_size); | 826 | p = xdr_encode_hyper(p, iap->ia_size); |
845 | } | 827 | } |
846 | if (iap->ia_valid & ATTR_MODE) { | 828 | if (iap->ia_valid & ATTR_MODE) { |
847 | bmval1 |= FATTR4_WORD1_MODE; | 829 | bmval1 |= FATTR4_WORD1_MODE; |
848 | WRITE32(iap->ia_mode & S_IALLUGO); | 830 | *p++ = cpu_to_be32(iap->ia_mode & S_IALLUGO); |
849 | } | 831 | } |
850 | if (iap->ia_valid & ATTR_UID) { | 832 | if (iap->ia_valid & ATTR_UID) { |
851 | bmval1 |= FATTR4_WORD1_OWNER; | 833 | bmval1 |= FATTR4_WORD1_OWNER; |
852 | WRITE32(owner_namelen); | 834 | p = xdr_encode_opaque(p, owner_name, owner_namelen); |
853 | WRITEMEM(owner_name, owner_namelen); | ||
854 | } | 835 | } |
855 | if (iap->ia_valid & ATTR_GID) { | 836 | if (iap->ia_valid & ATTR_GID) { |
856 | bmval1 |= FATTR4_WORD1_OWNER_GROUP; | 837 | bmval1 |= FATTR4_WORD1_OWNER_GROUP; |
857 | WRITE32(owner_grouplen); | 838 | p = xdr_encode_opaque(p, owner_group, owner_grouplen); |
858 | WRITEMEM(owner_group, owner_grouplen); | ||
859 | } | 839 | } |
860 | if (iap->ia_valid & ATTR_ATIME_SET) { | 840 | if (iap->ia_valid & ATTR_ATIME_SET) { |
861 | bmval1 |= FATTR4_WORD1_TIME_ACCESS_SET; | 841 | bmval1 |= FATTR4_WORD1_TIME_ACCESS_SET; |
862 | WRITE32(NFS4_SET_TO_CLIENT_TIME); | 842 | *p++ = cpu_to_be32(NFS4_SET_TO_CLIENT_TIME); |
863 | WRITE32(0); | 843 | *p++ = cpu_to_be32(0); |
864 | WRITE32(iap->ia_mtime.tv_sec); | 844 | *p++ = cpu_to_be32(iap->ia_mtime.tv_sec); |
865 | WRITE32(iap->ia_mtime.tv_nsec); | 845 | *p++ = cpu_to_be32(iap->ia_mtime.tv_nsec); |
866 | } | 846 | } |
867 | else if (iap->ia_valid & ATTR_ATIME) { | 847 | else if (iap->ia_valid & ATTR_ATIME) { |
868 | bmval1 |= FATTR4_WORD1_TIME_ACCESS_SET; | 848 | bmval1 |= FATTR4_WORD1_TIME_ACCESS_SET; |
869 | WRITE32(NFS4_SET_TO_SERVER_TIME); | 849 | *p++ = cpu_to_be32(NFS4_SET_TO_SERVER_TIME); |
870 | } | 850 | } |
871 | if (iap->ia_valid & ATTR_MTIME_SET) { | 851 | if (iap->ia_valid & ATTR_MTIME_SET) { |
872 | bmval1 |= FATTR4_WORD1_TIME_MODIFY_SET; | 852 | bmval1 |= FATTR4_WORD1_TIME_MODIFY_SET; |
873 | WRITE32(NFS4_SET_TO_CLIENT_TIME); | 853 | *p++ = cpu_to_be32(NFS4_SET_TO_CLIENT_TIME); |
874 | WRITE32(0); | 854 | *p++ = cpu_to_be32(0); |
875 | WRITE32(iap->ia_mtime.tv_sec); | 855 | *p++ = cpu_to_be32(iap->ia_mtime.tv_sec); |
876 | WRITE32(iap->ia_mtime.tv_nsec); | 856 | *p++ = cpu_to_be32(iap->ia_mtime.tv_nsec); |
877 | } | 857 | } |
878 | else if (iap->ia_valid & ATTR_MTIME) { | 858 | else if (iap->ia_valid & ATTR_MTIME) { |
879 | bmval1 |= FATTR4_WORD1_TIME_MODIFY_SET; | 859 | bmval1 |= FATTR4_WORD1_TIME_MODIFY_SET; |
880 | WRITE32(NFS4_SET_TO_SERVER_TIME); | 860 | *p++ = cpu_to_be32(NFS4_SET_TO_SERVER_TIME); |
881 | } | 861 | } |
882 | 862 | ||
883 | /* | 863 | /* |
@@ -891,7 +871,7 @@ static void encode_attrs(struct xdr_stream *xdr, const struct iattr *iap, const | |||
891 | len = (char *)p - (char *)q - 12; | 871 | len = (char *)p - (char *)q - 12; |
892 | *q++ = htonl(bmval0); | 872 | *q++ = htonl(bmval0); |
893 | *q++ = htonl(bmval1); | 873 | *q++ = htonl(bmval1); |
894 | *q++ = htonl(len); | 874 | *q = htonl(len); |
895 | 875 | ||
896 | /* out: */ | 876 | /* out: */ |
897 | } | 877 | } |
@@ -900,9 +880,9 @@ static void encode_access(struct xdr_stream *xdr, u32 access, struct compound_hd | |||
900 | { | 880 | { |
901 | __be32 *p; | 881 | __be32 *p; |
902 | 882 | ||
903 | RESERVE_SPACE(8); | 883 | p = reserve_space(xdr, 8); |
904 | WRITE32(OP_ACCESS); | 884 | *p++ = cpu_to_be32(OP_ACCESS); |
905 | WRITE32(access); | 885 | *p = cpu_to_be32(access); |
906 | hdr->nops++; | 886 | hdr->nops++; |
907 | hdr->replen += decode_access_maxsz; | 887 | hdr->replen += decode_access_maxsz; |
908 | } | 888 | } |
@@ -911,10 +891,10 @@ static void encode_close(struct xdr_stream *xdr, const struct nfs_closeargs *arg | |||
911 | { | 891 | { |
912 | __be32 *p; | 892 | __be32 *p; |
913 | 893 | ||
914 | RESERVE_SPACE(8+NFS4_STATEID_SIZE); | 894 | p = reserve_space(xdr, 8+NFS4_STATEID_SIZE); |
915 | WRITE32(OP_CLOSE); | 895 | *p++ = cpu_to_be32(OP_CLOSE); |
916 | WRITE32(arg->seqid->sequence->counter); | 896 | *p++ = cpu_to_be32(arg->seqid->sequence->counter); |
917 | WRITEMEM(arg->stateid->data, NFS4_STATEID_SIZE); | 897 | xdr_encode_opaque_fixed(p, arg->stateid->data, NFS4_STATEID_SIZE); |
918 | hdr->nops++; | 898 | hdr->nops++; |
919 | hdr->replen += decode_close_maxsz; | 899 | hdr->replen += decode_close_maxsz; |
920 | } | 900 | } |
@@ -923,10 +903,10 @@ static void encode_commit(struct xdr_stream *xdr, const struct nfs_writeargs *ar | |||
923 | { | 903 | { |
924 | __be32 *p; | 904 | __be32 *p; |
925 | 905 | ||
926 | RESERVE_SPACE(16); | 906 | p = reserve_space(xdr, 16); |
927 | WRITE32(OP_COMMIT); | 907 | *p++ = cpu_to_be32(OP_COMMIT); |
928 | WRITE64(args->offset); | 908 | p = xdr_encode_hyper(p, args->offset); |
929 | WRITE32(args->count); | 909 | *p = cpu_to_be32(args->count); |
930 | hdr->nops++; | 910 | hdr->nops++; |
931 | hdr->replen += decode_commit_maxsz; | 911 | hdr->replen += decode_commit_maxsz; |
932 | } | 912 | } |
@@ -935,30 +915,28 @@ static void encode_create(struct xdr_stream *xdr, const struct nfs4_create_arg * | |||
935 | { | 915 | { |
936 | __be32 *p; | 916 | __be32 *p; |
937 | 917 | ||
938 | RESERVE_SPACE(8); | 918 | p = reserve_space(xdr, 8); |
939 | WRITE32(OP_CREATE); | 919 | *p++ = cpu_to_be32(OP_CREATE); |
940 | WRITE32(create->ftype); | 920 | *p = cpu_to_be32(create->ftype); |
941 | 921 | ||
942 | switch (create->ftype) { | 922 | switch (create->ftype) { |
943 | case NF4LNK: | 923 | case NF4LNK: |
944 | RESERVE_SPACE(4); | 924 | p = reserve_space(xdr, 4); |
945 | WRITE32(create->u.symlink.len); | 925 | *p = cpu_to_be32(create->u.symlink.len); |
946 | xdr_write_pages(xdr, create->u.symlink.pages, 0, create->u.symlink.len); | 926 | xdr_write_pages(xdr, create->u.symlink.pages, 0, create->u.symlink.len); |
947 | break; | 927 | break; |
948 | 928 | ||
949 | case NF4BLK: case NF4CHR: | 929 | case NF4BLK: case NF4CHR: |
950 | RESERVE_SPACE(8); | 930 | p = reserve_space(xdr, 8); |
951 | WRITE32(create->u.device.specdata1); | 931 | *p++ = cpu_to_be32(create->u.device.specdata1); |
952 | WRITE32(create->u.device.specdata2); | 932 | *p = cpu_to_be32(create->u.device.specdata2); |
953 | break; | 933 | break; |
954 | 934 | ||
955 | default: | 935 | default: |
956 | break; | 936 | break; |
957 | } | 937 | } |
958 | 938 | ||
959 | RESERVE_SPACE(4 + create->name->len); | 939 | encode_string(xdr, create->name->len, create->name->name); |
960 | WRITE32(create->name->len); | ||
961 | WRITEMEM(create->name->name, create->name->len); | ||
962 | hdr->nops++; | 940 | hdr->nops++; |
963 | hdr->replen += decode_create_maxsz; | 941 | hdr->replen += decode_create_maxsz; |
964 | 942 | ||
@@ -969,10 +947,10 @@ static void encode_getattr_one(struct xdr_stream *xdr, uint32_t bitmap, struct c | |||
969 | { | 947 | { |
970 | __be32 *p; | 948 | __be32 *p; |
971 | 949 | ||
972 | RESERVE_SPACE(12); | 950 | p = reserve_space(xdr, 12); |
973 | WRITE32(OP_GETATTR); | 951 | *p++ = cpu_to_be32(OP_GETATTR); |
974 | WRITE32(1); | 952 | *p++ = cpu_to_be32(1); |
975 | WRITE32(bitmap); | 953 | *p = cpu_to_be32(bitmap); |
976 | hdr->nops++; | 954 | hdr->nops++; |
977 | hdr->replen += decode_getattr_maxsz; | 955 | hdr->replen += decode_getattr_maxsz; |
978 | } | 956 | } |
@@ -981,11 +959,11 @@ static void encode_getattr_two(struct xdr_stream *xdr, uint32_t bm0, uint32_t bm | |||
981 | { | 959 | { |
982 | __be32 *p; | 960 | __be32 *p; |
983 | 961 | ||
984 | RESERVE_SPACE(16); | 962 | p = reserve_space(xdr, 16); |
985 | WRITE32(OP_GETATTR); | 963 | *p++ = cpu_to_be32(OP_GETATTR); |
986 | WRITE32(2); | 964 | *p++ = cpu_to_be32(2); |
987 | WRITE32(bm0); | 965 | *p++ = cpu_to_be32(bm0); |
988 | WRITE32(bm1); | 966 | *p = cpu_to_be32(bm1); |
989 | hdr->nops++; | 967 | hdr->nops++; |
990 | hdr->replen += decode_getattr_maxsz; | 968 | hdr->replen += decode_getattr_maxsz; |
991 | } | 969 | } |
@@ -1012,8 +990,8 @@ static void encode_getfh(struct xdr_stream *xdr, struct compound_hdr *hdr) | |||
1012 | { | 990 | { |
1013 | __be32 *p; | 991 | __be32 *p; |
1014 | 992 | ||
1015 | RESERVE_SPACE(4); | 993 | p = reserve_space(xdr, 4); |
1016 | WRITE32(OP_GETFH); | 994 | *p = cpu_to_be32(OP_GETFH); |
1017 | hdr->nops++; | 995 | hdr->nops++; |
1018 | hdr->replen += decode_getfh_maxsz; | 996 | hdr->replen += decode_getfh_maxsz; |
1019 | } | 997 | } |
@@ -1022,10 +1000,9 @@ static void encode_link(struct xdr_stream *xdr, const struct qstr *name, struct | |||
1022 | { | 1000 | { |
1023 | __be32 *p; | 1001 | __be32 *p; |
1024 | 1002 | ||
1025 | RESERVE_SPACE(8 + name->len); | 1003 | p = reserve_space(xdr, 8 + name->len); |
1026 | WRITE32(OP_LINK); | 1004 | *p++ = cpu_to_be32(OP_LINK); |
1027 | WRITE32(name->len); | 1005 | xdr_encode_opaque(p, name->name, name->len); |
1028 | WRITEMEM(name->name, name->len); | ||
1029 | hdr->nops++; | 1006 | hdr->nops++; |
1030 | hdr->replen += decode_link_maxsz; | 1007 | hdr->replen += decode_link_maxsz; |
1031 | } | 1008 | } |
@@ -1052,27 +1029,27 @@ static void encode_lock(struct xdr_stream *xdr, const struct nfs_lock_args *args | |||
1052 | { | 1029 | { |
1053 | __be32 *p; | 1030 | __be32 *p; |
1054 | 1031 | ||
1055 | RESERVE_SPACE(32); | 1032 | p = reserve_space(xdr, 32); |
1056 | WRITE32(OP_LOCK); | 1033 | *p++ = cpu_to_be32(OP_LOCK); |
1057 | WRITE32(nfs4_lock_type(args->fl, args->block)); | 1034 | *p++ = cpu_to_be32(nfs4_lock_type(args->fl, args->block)); |
1058 | WRITE32(args->reclaim); | 1035 | *p++ = cpu_to_be32(args->reclaim); |
1059 | WRITE64(args->fl->fl_start); | 1036 | p = xdr_encode_hyper(p, args->fl->fl_start); |
1060 | WRITE64(nfs4_lock_length(args->fl)); | 1037 | p = xdr_encode_hyper(p, nfs4_lock_length(args->fl)); |
1061 | WRITE32(args->new_lock_owner); | 1038 | *p = cpu_to_be32(args->new_lock_owner); |
1062 | if (args->new_lock_owner){ | 1039 | if (args->new_lock_owner){ |
1063 | RESERVE_SPACE(4+NFS4_STATEID_SIZE+32); | 1040 | p = reserve_space(xdr, 4+NFS4_STATEID_SIZE+32); |
1064 | WRITE32(args->open_seqid->sequence->counter); | 1041 | *p++ = cpu_to_be32(args->open_seqid->sequence->counter); |
1065 | WRITEMEM(args->open_stateid->data, NFS4_STATEID_SIZE); | 1042 | p = xdr_encode_opaque_fixed(p, args->open_stateid->data, NFS4_STATEID_SIZE); |
1066 | WRITE32(args->lock_seqid->sequence->counter); | 1043 | *p++ = cpu_to_be32(args->lock_seqid->sequence->counter); |
1067 | WRITE64(args->lock_owner.clientid); | 1044 | p = xdr_encode_hyper(p, args->lock_owner.clientid); |
1068 | WRITE32(16); | 1045 | *p++ = cpu_to_be32(16); |
1069 | WRITEMEM("lock id:", 8); | 1046 | p = xdr_encode_opaque_fixed(p, "lock id:", 8); |
1070 | WRITE64(args->lock_owner.id); | 1047 | xdr_encode_hyper(p, args->lock_owner.id); |
1071 | } | 1048 | } |
1072 | else { | 1049 | else { |
1073 | RESERVE_SPACE(NFS4_STATEID_SIZE+4); | 1050 | p = reserve_space(xdr, NFS4_STATEID_SIZE+4); |
1074 | WRITEMEM(args->lock_stateid->data, NFS4_STATEID_SIZE); | 1051 | p = xdr_encode_opaque_fixed(p, args->lock_stateid->data, NFS4_STATEID_SIZE); |
1075 | WRITE32(args->lock_seqid->sequence->counter); | 1052 | *p = cpu_to_be32(args->lock_seqid->sequence->counter); |
1076 | } | 1053 | } |
1077 | hdr->nops++; | 1054 | hdr->nops++; |
1078 | hdr->replen += decode_lock_maxsz; | 1055 | hdr->replen += decode_lock_maxsz; |
@@ -1082,15 +1059,15 @@ static void encode_lockt(struct xdr_stream *xdr, const struct nfs_lockt_args *ar | |||
1082 | { | 1059 | { |
1083 | __be32 *p; | 1060 | __be32 *p; |
1084 | 1061 | ||
1085 | RESERVE_SPACE(52); | 1062 | p = reserve_space(xdr, 52); |
1086 | WRITE32(OP_LOCKT); | 1063 | *p++ = cpu_to_be32(OP_LOCKT); |
1087 | WRITE32(nfs4_lock_type(args->fl, 0)); | 1064 | *p++ = cpu_to_be32(nfs4_lock_type(args->fl, 0)); |
1088 | WRITE64(args->fl->fl_start); | 1065 | p = xdr_encode_hyper(p, args->fl->fl_start); |
1089 | WRITE64(nfs4_lock_length(args->fl)); | 1066 | p = xdr_encode_hyper(p, nfs4_lock_length(args->fl)); |
1090 | WRITE64(args->lock_owner.clientid); | 1067 | p = xdr_encode_hyper(p, args->lock_owner.clientid); |
1091 | WRITE32(16); | 1068 | *p++ = cpu_to_be32(16); |
1092 | WRITEMEM("lock id:", 8); | 1069 | p = xdr_encode_opaque_fixed(p, "lock id:", 8); |
1093 | WRITE64(args->lock_owner.id); | 1070 | xdr_encode_hyper(p, args->lock_owner.id); |
1094 | hdr->nops++; | 1071 | hdr->nops++; |
1095 | hdr->replen += decode_lockt_maxsz; | 1072 | hdr->replen += decode_lockt_maxsz; |
1096 | } | 1073 | } |
@@ -1099,13 +1076,13 @@ static void encode_locku(struct xdr_stream *xdr, const struct nfs_locku_args *ar | |||
1099 | { | 1076 | { |
1100 | __be32 *p; | 1077 | __be32 *p; |
1101 | 1078 | ||
1102 | RESERVE_SPACE(12+NFS4_STATEID_SIZE+16); | 1079 | p = reserve_space(xdr, 12+NFS4_STATEID_SIZE+16); |
1103 | WRITE32(OP_LOCKU); | 1080 | *p++ = cpu_to_be32(OP_LOCKU); |
1104 | WRITE32(nfs4_lock_type(args->fl, 0)); | 1081 | *p++ = cpu_to_be32(nfs4_lock_type(args->fl, 0)); |
1105 | WRITE32(args->seqid->sequence->counter); | 1082 | *p++ = cpu_to_be32(args->seqid->sequence->counter); |
1106 | WRITEMEM(args->stateid->data, NFS4_STATEID_SIZE); | 1083 | p = xdr_encode_opaque_fixed(p, args->stateid->data, NFS4_STATEID_SIZE); |
1107 | WRITE64(args->fl->fl_start); | 1084 | p = xdr_encode_hyper(p, args->fl->fl_start); |
1108 | WRITE64(nfs4_lock_length(args->fl)); | 1085 | xdr_encode_hyper(p, nfs4_lock_length(args->fl)); |
1109 | hdr->nops++; | 1086 | hdr->nops++; |
1110 | hdr->replen += decode_locku_maxsz; | 1087 | hdr->replen += decode_locku_maxsz; |
1111 | } | 1088 | } |
@@ -1115,10 +1092,9 @@ static void encode_lookup(struct xdr_stream *xdr, const struct qstr *name, struc | |||
1115 | int len = name->len; | 1092 | int len = name->len; |
1116 | __be32 *p; | 1093 | __be32 *p; |
1117 | 1094 | ||
1118 | RESERVE_SPACE(8 + len); | 1095 | p = reserve_space(xdr, 8 + len); |
1119 | WRITE32(OP_LOOKUP); | 1096 | *p++ = cpu_to_be32(OP_LOOKUP); |
1120 | WRITE32(len); | 1097 | xdr_encode_opaque(p, name->name, len); |
1121 | WRITEMEM(name->name, len); | ||
1122 | hdr->nops++; | 1098 | hdr->nops++; |
1123 | hdr->replen += decode_lookup_maxsz; | 1099 | hdr->replen += decode_lookup_maxsz; |
1124 | } | 1100 | } |
@@ -1127,21 +1103,21 @@ static void encode_share_access(struct xdr_stream *xdr, fmode_t fmode) | |||
1127 | { | 1103 | { |
1128 | __be32 *p; | 1104 | __be32 *p; |
1129 | 1105 | ||
1130 | RESERVE_SPACE(8); | 1106 | p = reserve_space(xdr, 8); |
1131 | switch (fmode & (FMODE_READ|FMODE_WRITE)) { | 1107 | switch (fmode & (FMODE_READ|FMODE_WRITE)) { |
1132 | case FMODE_READ: | 1108 | case FMODE_READ: |
1133 | WRITE32(NFS4_SHARE_ACCESS_READ); | 1109 | *p++ = cpu_to_be32(NFS4_SHARE_ACCESS_READ); |
1134 | break; | 1110 | break; |
1135 | case FMODE_WRITE: | 1111 | case FMODE_WRITE: |
1136 | WRITE32(NFS4_SHARE_ACCESS_WRITE); | 1112 | *p++ = cpu_to_be32(NFS4_SHARE_ACCESS_WRITE); |
1137 | break; | 1113 | break; |
1138 | case FMODE_READ|FMODE_WRITE: | 1114 | case FMODE_READ|FMODE_WRITE: |
1139 | WRITE32(NFS4_SHARE_ACCESS_BOTH); | 1115 | *p++ = cpu_to_be32(NFS4_SHARE_ACCESS_BOTH); |
1140 | break; | 1116 | break; |
1141 | default: | 1117 | default: |
1142 | WRITE32(0); | 1118 | *p++ = cpu_to_be32(0); |
1143 | } | 1119 | } |
1144 | WRITE32(0); /* for linux, share_deny = 0 always */ | 1120 | *p = cpu_to_be32(0); /* for linux, share_deny = 0 always */ |
1145 | } | 1121 | } |
1146 | 1122 | ||
1147 | static inline void encode_openhdr(struct xdr_stream *xdr, const struct nfs_openargs *arg) | 1123 | static inline void encode_openhdr(struct xdr_stream *xdr, const struct nfs_openargs *arg) |
@@ -1151,29 +1127,29 @@ static inline void encode_openhdr(struct xdr_stream *xdr, const struct nfs_opena | |||
1151 | * opcode 4, seqid 4, share_access 4, share_deny 4, clientid 8, ownerlen 4, | 1127 | * opcode 4, seqid 4, share_access 4, share_deny 4, clientid 8, ownerlen 4, |
1152 | * owner 4 = 32 | 1128 | * owner 4 = 32 |
1153 | */ | 1129 | */ |
1154 | RESERVE_SPACE(8); | 1130 | p = reserve_space(xdr, 8); |
1155 | WRITE32(OP_OPEN); | 1131 | *p++ = cpu_to_be32(OP_OPEN); |
1156 | WRITE32(arg->seqid->sequence->counter); | 1132 | *p = cpu_to_be32(arg->seqid->sequence->counter); |
1157 | encode_share_access(xdr, arg->fmode); | 1133 | encode_share_access(xdr, arg->fmode); |
1158 | RESERVE_SPACE(28); | 1134 | p = reserve_space(xdr, 28); |
1159 | WRITE64(arg->clientid); | 1135 | p = xdr_encode_hyper(p, arg->clientid); |
1160 | WRITE32(16); | 1136 | *p++ = cpu_to_be32(16); |
1161 | WRITEMEM("open id:", 8); | 1137 | p = xdr_encode_opaque_fixed(p, "open id:", 8); |
1162 | WRITE64(arg->id); | 1138 | xdr_encode_hyper(p, arg->id); |
1163 | } | 1139 | } |
1164 | 1140 | ||
1165 | static inline void encode_createmode(struct xdr_stream *xdr, const struct nfs_openargs *arg) | 1141 | static inline void encode_createmode(struct xdr_stream *xdr, const struct nfs_openargs *arg) |
1166 | { | 1142 | { |
1167 | __be32 *p; | 1143 | __be32 *p; |
1168 | 1144 | ||
1169 | RESERVE_SPACE(4); | 1145 | p = reserve_space(xdr, 4); |
1170 | switch(arg->open_flags & O_EXCL) { | 1146 | switch(arg->open_flags & O_EXCL) { |
1171 | case 0: | 1147 | case 0: |
1172 | WRITE32(NFS4_CREATE_UNCHECKED); | 1148 | *p = cpu_to_be32(NFS4_CREATE_UNCHECKED); |
1173 | encode_attrs(xdr, arg->u.attrs, arg->server); | 1149 | encode_attrs(xdr, arg->u.attrs, arg->server); |
1174 | break; | 1150 | break; |
1175 | default: | 1151 | default: |
1176 | WRITE32(NFS4_CREATE_EXCLUSIVE); | 1152 | *p = cpu_to_be32(NFS4_CREATE_EXCLUSIVE); |
1177 | encode_nfs4_verifier(xdr, &arg->u.verifier); | 1153 | encode_nfs4_verifier(xdr, &arg->u.verifier); |
1178 | } | 1154 | } |
1179 | } | 1155 | } |
@@ -1182,14 +1158,14 @@ static void encode_opentype(struct xdr_stream *xdr, const struct nfs_openargs *a | |||
1182 | { | 1158 | { |
1183 | __be32 *p; | 1159 | __be32 *p; |
1184 | 1160 | ||
1185 | RESERVE_SPACE(4); | 1161 | p = reserve_space(xdr, 4); |
1186 | switch (arg->open_flags & O_CREAT) { | 1162 | switch (arg->open_flags & O_CREAT) { |
1187 | case 0: | 1163 | case 0: |
1188 | WRITE32(NFS4_OPEN_NOCREATE); | 1164 | *p = cpu_to_be32(NFS4_OPEN_NOCREATE); |
1189 | break; | 1165 | break; |
1190 | default: | 1166 | default: |
1191 | BUG_ON(arg->claim != NFS4_OPEN_CLAIM_NULL); | 1167 | BUG_ON(arg->claim != NFS4_OPEN_CLAIM_NULL); |
1192 | WRITE32(NFS4_OPEN_CREATE); | 1168 | *p = cpu_to_be32(NFS4_OPEN_CREATE); |
1193 | encode_createmode(xdr, arg); | 1169 | encode_createmode(xdr, arg); |
1194 | } | 1170 | } |
1195 | } | 1171 | } |
@@ -1198,16 +1174,16 @@ static inline void encode_delegation_type(struct xdr_stream *xdr, fmode_t delega | |||
1198 | { | 1174 | { |
1199 | __be32 *p; | 1175 | __be32 *p; |
1200 | 1176 | ||
1201 | RESERVE_SPACE(4); | 1177 | p = reserve_space(xdr, 4); |
1202 | switch (delegation_type) { | 1178 | switch (delegation_type) { |
1203 | case 0: | 1179 | case 0: |
1204 | WRITE32(NFS4_OPEN_DELEGATE_NONE); | 1180 | *p = cpu_to_be32(NFS4_OPEN_DELEGATE_NONE); |
1205 | break; | 1181 | break; |
1206 | case FMODE_READ: | 1182 | case FMODE_READ: |
1207 | WRITE32(NFS4_OPEN_DELEGATE_READ); | 1183 | *p = cpu_to_be32(NFS4_OPEN_DELEGATE_READ); |
1208 | break; | 1184 | break; |
1209 | case FMODE_WRITE|FMODE_READ: | 1185 | case FMODE_WRITE|FMODE_READ: |
1210 | WRITE32(NFS4_OPEN_DELEGATE_WRITE); | 1186 | *p = cpu_to_be32(NFS4_OPEN_DELEGATE_WRITE); |
1211 | break; | 1187 | break; |
1212 | default: | 1188 | default: |
1213 | BUG(); | 1189 | BUG(); |
@@ -1218,8 +1194,8 @@ static inline void encode_claim_null(struct xdr_stream *xdr, const struct qstr * | |||
1218 | { | 1194 | { |
1219 | __be32 *p; | 1195 | __be32 *p; |
1220 | 1196 | ||
1221 | RESERVE_SPACE(4); | 1197 | p = reserve_space(xdr, 4); |
1222 | WRITE32(NFS4_OPEN_CLAIM_NULL); | 1198 | *p = cpu_to_be32(NFS4_OPEN_CLAIM_NULL); |
1223 | encode_string(xdr, name->len, name->name); | 1199 | encode_string(xdr, name->len, name->name); |
1224 | } | 1200 | } |
1225 | 1201 | ||
@@ -1227,8 +1203,8 @@ static inline void encode_claim_previous(struct xdr_stream *xdr, fmode_t type) | |||
1227 | { | 1203 | { |
1228 | __be32 *p; | 1204 | __be32 *p; |
1229 | 1205 | ||
1230 | RESERVE_SPACE(4); | 1206 | p = reserve_space(xdr, 4); |
1231 | WRITE32(NFS4_OPEN_CLAIM_PREVIOUS); | 1207 | *p = cpu_to_be32(NFS4_OPEN_CLAIM_PREVIOUS); |
1232 | encode_delegation_type(xdr, type); | 1208 | encode_delegation_type(xdr, type); |
1233 | } | 1209 | } |
1234 | 1210 | ||
@@ -1236,9 +1212,9 @@ static inline void encode_claim_delegate_cur(struct xdr_stream *xdr, const struc | |||
1236 | { | 1212 | { |
1237 | __be32 *p; | 1213 | __be32 *p; |
1238 | 1214 | ||
1239 | RESERVE_SPACE(4+NFS4_STATEID_SIZE); | 1215 | p = reserve_space(xdr, 4+NFS4_STATEID_SIZE); |
1240 | WRITE32(NFS4_OPEN_CLAIM_DELEGATE_CUR); | 1216 | *p++ = cpu_to_be32(NFS4_OPEN_CLAIM_DELEGATE_CUR); |
1241 | WRITEMEM(stateid->data, NFS4_STATEID_SIZE); | 1217 | xdr_encode_opaque_fixed(p, stateid->data, NFS4_STATEID_SIZE); |
1242 | encode_string(xdr, name->len, name->name); | 1218 | encode_string(xdr, name->len, name->name); |
1243 | } | 1219 | } |
1244 | 1220 | ||
@@ -1267,10 +1243,10 @@ static void encode_open_confirm(struct xdr_stream *xdr, const struct nfs_open_co | |||
1267 | { | 1243 | { |
1268 | __be32 *p; | 1244 | __be32 *p; |
1269 | 1245 | ||
1270 | RESERVE_SPACE(4+NFS4_STATEID_SIZE+4); | 1246 | p = reserve_space(xdr, 4+NFS4_STATEID_SIZE+4); |
1271 | WRITE32(OP_OPEN_CONFIRM); | 1247 | *p++ = cpu_to_be32(OP_OPEN_CONFIRM); |
1272 | WRITEMEM(arg->stateid->data, NFS4_STATEID_SIZE); | 1248 | p = xdr_encode_opaque_fixed(p, arg->stateid->data, NFS4_STATEID_SIZE); |
1273 | WRITE32(arg->seqid->sequence->counter); | 1249 | *p = cpu_to_be32(arg->seqid->sequence->counter); |
1274 | hdr->nops++; | 1250 | hdr->nops++; |
1275 | hdr->replen += decode_open_confirm_maxsz; | 1251 | hdr->replen += decode_open_confirm_maxsz; |
1276 | } | 1252 | } |
@@ -1279,10 +1255,10 @@ static void encode_open_downgrade(struct xdr_stream *xdr, const struct nfs_close | |||
1279 | { | 1255 | { |
1280 | __be32 *p; | 1256 | __be32 *p; |
1281 | 1257 | ||
1282 | RESERVE_SPACE(4+NFS4_STATEID_SIZE+4); | 1258 | p = reserve_space(xdr, 4+NFS4_STATEID_SIZE+4); |
1283 | WRITE32(OP_OPEN_DOWNGRADE); | 1259 | *p++ = cpu_to_be32(OP_OPEN_DOWNGRADE); |
1284 | WRITEMEM(arg->stateid->data, NFS4_STATEID_SIZE); | 1260 | p = xdr_encode_opaque_fixed(p, arg->stateid->data, NFS4_STATEID_SIZE); |
1285 | WRITE32(arg->seqid->sequence->counter); | 1261 | *p = cpu_to_be32(arg->seqid->sequence->counter); |
1286 | encode_share_access(xdr, arg->fmode); | 1262 | encode_share_access(xdr, arg->fmode); |
1287 | hdr->nops++; | 1263 | hdr->nops++; |
1288 | hdr->replen += decode_open_downgrade_maxsz; | 1264 | hdr->replen += decode_open_downgrade_maxsz; |
@@ -1294,10 +1270,9 @@ encode_putfh(struct xdr_stream *xdr, const struct nfs_fh *fh, struct compound_hd | |||
1294 | int len = fh->size; | 1270 | int len = fh->size; |
1295 | __be32 *p; | 1271 | __be32 *p; |
1296 | 1272 | ||
1297 | RESERVE_SPACE(8 + len); | 1273 | p = reserve_space(xdr, 8 + len); |
1298 | WRITE32(OP_PUTFH); | 1274 | *p++ = cpu_to_be32(OP_PUTFH); |
1299 | WRITE32(len); | 1275 | xdr_encode_opaque(p, fh->data, len); |
1300 | WRITEMEM(fh->data, len); | ||
1301 | hdr->nops++; | 1276 | hdr->nops++; |
1302 | hdr->replen += decode_putfh_maxsz; | 1277 | hdr->replen += decode_putfh_maxsz; |
1303 | } | 1278 | } |
@@ -1306,8 +1281,8 @@ static void encode_putrootfh(struct xdr_stream *xdr, struct compound_hdr *hdr) | |||
1306 | { | 1281 | { |
1307 | __be32 *p; | 1282 | __be32 *p; |
1308 | 1283 | ||
1309 | RESERVE_SPACE(4); | 1284 | p = reserve_space(xdr, 4); |
1310 | WRITE32(OP_PUTROOTFH); | 1285 | *p = cpu_to_be32(OP_PUTROOTFH); |
1311 | hdr->nops++; | 1286 | hdr->nops++; |
1312 | hdr->replen += decode_putrootfh_maxsz; | 1287 | hdr->replen += decode_putrootfh_maxsz; |
1313 | } | 1288 | } |
@@ -1317,26 +1292,26 @@ static void encode_stateid(struct xdr_stream *xdr, const struct nfs_open_context | |||
1317 | nfs4_stateid stateid; | 1292 | nfs4_stateid stateid; |
1318 | __be32 *p; | 1293 | __be32 *p; |
1319 | 1294 | ||
1320 | RESERVE_SPACE(NFS4_STATEID_SIZE); | 1295 | p = reserve_space(xdr, NFS4_STATEID_SIZE); |
1321 | if (ctx->state != NULL) { | 1296 | if (ctx->state != NULL) { |
1322 | nfs4_copy_stateid(&stateid, ctx->state, ctx->lockowner); | 1297 | nfs4_copy_stateid(&stateid, ctx->state, ctx->lockowner); |
1323 | WRITEMEM(stateid.data, NFS4_STATEID_SIZE); | 1298 | xdr_encode_opaque_fixed(p, stateid.data, NFS4_STATEID_SIZE); |
1324 | } else | 1299 | } else |
1325 | WRITEMEM(zero_stateid.data, NFS4_STATEID_SIZE); | 1300 | xdr_encode_opaque_fixed(p, zero_stateid.data, NFS4_STATEID_SIZE); |
1326 | } | 1301 | } |
1327 | 1302 | ||
1328 | static void encode_read(struct xdr_stream *xdr, const struct nfs_readargs *args, struct compound_hdr *hdr) | 1303 | static void encode_read(struct xdr_stream *xdr, const struct nfs_readargs *args, struct compound_hdr *hdr) |
1329 | { | 1304 | { |
1330 | __be32 *p; | 1305 | __be32 *p; |
1331 | 1306 | ||
1332 | RESERVE_SPACE(4); | 1307 | p = reserve_space(xdr, 4); |
1333 | WRITE32(OP_READ); | 1308 | *p = cpu_to_be32(OP_READ); |
1334 | 1309 | ||
1335 | encode_stateid(xdr, args->context); | 1310 | encode_stateid(xdr, args->context); |
1336 | 1311 | ||
1337 | RESERVE_SPACE(12); | 1312 | p = reserve_space(xdr, 12); |
1338 | WRITE64(args->offset); | 1313 | p = xdr_encode_hyper(p, args->offset); |
1339 | WRITE32(args->count); | 1314 | *p = cpu_to_be32(args->count); |
1340 | hdr->nops++; | 1315 | hdr->nops++; |
1341 | hdr->replen += decode_read_maxsz; | 1316 | hdr->replen += decode_read_maxsz; |
1342 | } | 1317 | } |
@@ -1349,20 +1324,20 @@ static void encode_readdir(struct xdr_stream *xdr, const struct nfs4_readdir_arg | |||
1349 | }; | 1324 | }; |
1350 | __be32 *p; | 1325 | __be32 *p; |
1351 | 1326 | ||
1352 | RESERVE_SPACE(12+NFS4_VERIFIER_SIZE+20); | 1327 | p = reserve_space(xdr, 12+NFS4_VERIFIER_SIZE+20); |
1353 | WRITE32(OP_READDIR); | 1328 | *p++ = cpu_to_be32(OP_READDIR); |
1354 | WRITE64(readdir->cookie); | 1329 | p = xdr_encode_hyper(p, readdir->cookie); |
1355 | WRITEMEM(readdir->verifier.data, NFS4_VERIFIER_SIZE); | 1330 | p = xdr_encode_opaque_fixed(p, readdir->verifier.data, NFS4_VERIFIER_SIZE); |
1356 | WRITE32(readdir->count >> 1); /* We're not doing readdirplus */ | 1331 | *p++ = cpu_to_be32(readdir->count >> 1); /* We're not doing readdirplus */ |
1357 | WRITE32(readdir->count); | 1332 | *p++ = cpu_to_be32(readdir->count); |
1358 | WRITE32(2); | 1333 | *p++ = cpu_to_be32(2); |
1359 | /* Switch to mounted_on_fileid if the server supports it */ | 1334 | /* Switch to mounted_on_fileid if the server supports it */ |
1360 | if (readdir->bitmask[1] & FATTR4_WORD1_MOUNTED_ON_FILEID) | 1335 | if (readdir->bitmask[1] & FATTR4_WORD1_MOUNTED_ON_FILEID) |
1361 | attrs[0] &= ~FATTR4_WORD0_FILEID; | 1336 | attrs[0] &= ~FATTR4_WORD0_FILEID; |
1362 | else | 1337 | else |
1363 | attrs[1] &= ~FATTR4_WORD1_MOUNTED_ON_FILEID; | 1338 | attrs[1] &= ~FATTR4_WORD1_MOUNTED_ON_FILEID; |
1364 | WRITE32(attrs[0] & readdir->bitmask[0]); | 1339 | *p++ = cpu_to_be32(attrs[0] & readdir->bitmask[0]); |
1365 | WRITE32(attrs[1] & readdir->bitmask[1]); | 1340 | *p = cpu_to_be32(attrs[1] & readdir->bitmask[1]); |
1366 | hdr->nops++; | 1341 | hdr->nops++; |
1367 | hdr->replen += decode_readdir_maxsz; | 1342 | hdr->replen += decode_readdir_maxsz; |
1368 | dprintk("%s: cookie = %Lu, verifier = %08x:%08x, bitmap = %08x:%08x\n", | 1343 | dprintk("%s: cookie = %Lu, verifier = %08x:%08x, bitmap = %08x:%08x\n", |
@@ -1378,8 +1353,8 @@ static void encode_readlink(struct xdr_stream *xdr, const struct nfs4_readlink * | |||
1378 | { | 1353 | { |
1379 | __be32 *p; | 1354 | __be32 *p; |
1380 | 1355 | ||
1381 | RESERVE_SPACE(4); | 1356 | p = reserve_space(xdr, 4); |
1382 | WRITE32(OP_READLINK); | 1357 | *p = cpu_to_be32(OP_READLINK); |
1383 | hdr->nops++; | 1358 | hdr->nops++; |
1384 | hdr->replen += decode_readlink_maxsz; | 1359 | hdr->replen += decode_readlink_maxsz; |
1385 | } | 1360 | } |
@@ -1388,10 +1363,9 @@ static void encode_remove(struct xdr_stream *xdr, const struct qstr *name, struc | |||
1388 | { | 1363 | { |
1389 | __be32 *p; | 1364 | __be32 *p; |
1390 | 1365 | ||
1391 | RESERVE_SPACE(8 + name->len); | 1366 | p = reserve_space(xdr, 8 + name->len); |
1392 | WRITE32(OP_REMOVE); | 1367 | *p++ = cpu_to_be32(OP_REMOVE); |
1393 | WRITE32(name->len); | 1368 | xdr_encode_opaque(p, name->name, name->len); |
1394 | WRITEMEM(name->name, name->len); | ||
1395 | hdr->nops++; | 1369 | hdr->nops++; |
1396 | hdr->replen += decode_remove_maxsz; | 1370 | hdr->replen += decode_remove_maxsz; |
1397 | } | 1371 | } |
@@ -1400,14 +1374,10 @@ static void encode_rename(struct xdr_stream *xdr, const struct qstr *oldname, co | |||
1400 | { | 1374 | { |
1401 | __be32 *p; | 1375 | __be32 *p; |
1402 | 1376 | ||
1403 | RESERVE_SPACE(8 + oldname->len); | 1377 | p = reserve_space(xdr, 4); |
1404 | WRITE32(OP_RENAME); | 1378 | *p = cpu_to_be32(OP_RENAME); |
1405 | WRITE32(oldname->len); | 1379 | encode_string(xdr, oldname->len, oldname->name); |
1406 | WRITEMEM(oldname->name, oldname->len); | 1380 | encode_string(xdr, newname->len, newname->name); |
1407 | |||
1408 | RESERVE_SPACE(4 + newname->len); | ||
1409 | WRITE32(newname->len); | ||
1410 | WRITEMEM(newname->name, newname->len); | ||
1411 | hdr->nops++; | 1381 | hdr->nops++; |
1412 | hdr->replen += decode_rename_maxsz; | 1382 | hdr->replen += decode_rename_maxsz; |
1413 | } | 1383 | } |
@@ -1416,9 +1386,9 @@ static void encode_renew(struct xdr_stream *xdr, const struct nfs_client *client | |||
1416 | { | 1386 | { |
1417 | __be32 *p; | 1387 | __be32 *p; |
1418 | 1388 | ||
1419 | RESERVE_SPACE(12); | 1389 | p = reserve_space(xdr, 12); |
1420 | WRITE32(OP_RENEW); | 1390 | *p++ = cpu_to_be32(OP_RENEW); |
1421 | WRITE64(client_stateid->cl_clientid); | 1391 | xdr_encode_hyper(p, client_stateid->cl_clientid); |
1422 | hdr->nops++; | 1392 | hdr->nops++; |
1423 | hdr->replen += decode_renew_maxsz; | 1393 | hdr->replen += decode_renew_maxsz; |
1424 | } | 1394 | } |
@@ -1428,8 +1398,8 @@ encode_restorefh(struct xdr_stream *xdr, struct compound_hdr *hdr) | |||
1428 | { | 1398 | { |
1429 | __be32 *p; | 1399 | __be32 *p; |
1430 | 1400 | ||
1431 | RESERVE_SPACE(4); | 1401 | p = reserve_space(xdr, 4); |
1432 | WRITE32(OP_RESTOREFH); | 1402 | *p = cpu_to_be32(OP_RESTOREFH); |
1433 | hdr->nops++; | 1403 | hdr->nops++; |
1434 | hdr->replen += decode_restorefh_maxsz; | 1404 | hdr->replen += decode_restorefh_maxsz; |
1435 | } | 1405 | } |
@@ -1439,16 +1409,16 @@ encode_setacl(struct xdr_stream *xdr, struct nfs_setaclargs *arg, struct compoun | |||
1439 | { | 1409 | { |
1440 | __be32 *p; | 1410 | __be32 *p; |
1441 | 1411 | ||
1442 | RESERVE_SPACE(4+NFS4_STATEID_SIZE); | 1412 | p = reserve_space(xdr, 4+NFS4_STATEID_SIZE); |
1443 | WRITE32(OP_SETATTR); | 1413 | *p++ = cpu_to_be32(OP_SETATTR); |
1444 | WRITEMEM(zero_stateid.data, NFS4_STATEID_SIZE); | 1414 | xdr_encode_opaque_fixed(p, zero_stateid.data, NFS4_STATEID_SIZE); |
1445 | RESERVE_SPACE(2*4); | 1415 | p = reserve_space(xdr, 2*4); |
1446 | WRITE32(1); | 1416 | *p++ = cpu_to_be32(1); |
1447 | WRITE32(FATTR4_WORD0_ACL); | 1417 | *p = cpu_to_be32(FATTR4_WORD0_ACL); |
1448 | if (arg->acl_len % 4) | 1418 | if (arg->acl_len % 4) |
1449 | return -EINVAL; | 1419 | return -EINVAL; |
1450 | RESERVE_SPACE(4); | 1420 | p = reserve_space(xdr, 4); |
1451 | WRITE32(arg->acl_len); | 1421 | *p = cpu_to_be32(arg->acl_len); |
1452 | xdr_write_pages(xdr, arg->acl_pages, arg->acl_pgbase, arg->acl_len); | 1422 | xdr_write_pages(xdr, arg->acl_pages, arg->acl_pgbase, arg->acl_len); |
1453 | hdr->nops++; | 1423 | hdr->nops++; |
1454 | hdr->replen += decode_setacl_maxsz; | 1424 | hdr->replen += decode_setacl_maxsz; |
@@ -1460,8 +1430,8 @@ encode_savefh(struct xdr_stream *xdr, struct compound_hdr *hdr) | |||
1460 | { | 1430 | { |
1461 | __be32 *p; | 1431 | __be32 *p; |
1462 | 1432 | ||
1463 | RESERVE_SPACE(4); | 1433 | p = reserve_space(xdr, 4); |
1464 | WRITE32(OP_SAVEFH); | 1434 | *p = cpu_to_be32(OP_SAVEFH); |
1465 | hdr->nops++; | 1435 | hdr->nops++; |
1466 | hdr->replen += decode_savefh_maxsz; | 1436 | hdr->replen += decode_savefh_maxsz; |
1467 | } | 1437 | } |
@@ -1470,9 +1440,9 @@ static void encode_setattr(struct xdr_stream *xdr, const struct nfs_setattrargs | |||
1470 | { | 1440 | { |
1471 | __be32 *p; | 1441 | __be32 *p; |
1472 | 1442 | ||
1473 | RESERVE_SPACE(4+NFS4_STATEID_SIZE); | 1443 | p = reserve_space(xdr, 4+NFS4_STATEID_SIZE); |
1474 | WRITE32(OP_SETATTR); | 1444 | *p++ = cpu_to_be32(OP_SETATTR); |
1475 | WRITEMEM(arg->stateid.data, NFS4_STATEID_SIZE); | 1445 | xdr_encode_opaque_fixed(p, arg->stateid.data, NFS4_STATEID_SIZE); |
1476 | hdr->nops++; | 1446 | hdr->nops++; |
1477 | hdr->replen += decode_setattr_maxsz; | 1447 | hdr->replen += decode_setattr_maxsz; |
1478 | encode_attrs(xdr, arg->iap, server); | 1448 | encode_attrs(xdr, arg->iap, server); |
@@ -1482,17 +1452,17 @@ static void encode_setclientid(struct xdr_stream *xdr, const struct nfs4_setclie | |||
1482 | { | 1452 | { |
1483 | __be32 *p; | 1453 | __be32 *p; |
1484 | 1454 | ||
1485 | RESERVE_SPACE(4 + NFS4_VERIFIER_SIZE); | 1455 | p = reserve_space(xdr, 4 + NFS4_VERIFIER_SIZE); |
1486 | WRITE32(OP_SETCLIENTID); | 1456 | *p++ = cpu_to_be32(OP_SETCLIENTID); |
1487 | WRITEMEM(setclientid->sc_verifier->data, NFS4_VERIFIER_SIZE); | 1457 | xdr_encode_opaque_fixed(p, setclientid->sc_verifier->data, NFS4_VERIFIER_SIZE); |
1488 | 1458 | ||
1489 | encode_string(xdr, setclientid->sc_name_len, setclientid->sc_name); | 1459 | encode_string(xdr, setclientid->sc_name_len, setclientid->sc_name); |
1490 | RESERVE_SPACE(4); | 1460 | p = reserve_space(xdr, 4); |
1491 | WRITE32(setclientid->sc_prog); | 1461 | *p = cpu_to_be32(setclientid->sc_prog); |
1492 | encode_string(xdr, setclientid->sc_netid_len, setclientid->sc_netid); | 1462 | encode_string(xdr, setclientid->sc_netid_len, setclientid->sc_netid); |
1493 | encode_string(xdr, setclientid->sc_uaddr_len, setclientid->sc_uaddr); | 1463 | encode_string(xdr, setclientid->sc_uaddr_len, setclientid->sc_uaddr); |
1494 | RESERVE_SPACE(4); | 1464 | p = reserve_space(xdr, 4); |
1495 | WRITE32(setclientid->sc_cb_ident); | 1465 | *p = cpu_to_be32(setclientid->sc_cb_ident); |
1496 | hdr->nops++; | 1466 | hdr->nops++; |
1497 | hdr->replen += decode_setclientid_maxsz; | 1467 | hdr->replen += decode_setclientid_maxsz; |
1498 | } | 1468 | } |
@@ -1501,10 +1471,10 @@ static void encode_setclientid_confirm(struct xdr_stream *xdr, const struct nfs_ | |||
1501 | { | 1471 | { |
1502 | __be32 *p; | 1472 | __be32 *p; |
1503 | 1473 | ||
1504 | RESERVE_SPACE(12 + NFS4_VERIFIER_SIZE); | 1474 | p = reserve_space(xdr, 12 + NFS4_VERIFIER_SIZE); |
1505 | WRITE32(OP_SETCLIENTID_CONFIRM); | 1475 | *p++ = cpu_to_be32(OP_SETCLIENTID_CONFIRM); |
1506 | WRITE64(client_state->cl_clientid); | 1476 | p = xdr_encode_hyper(p, client_state->cl_clientid); |
1507 | WRITEMEM(client_state->cl_confirm.data, NFS4_VERIFIER_SIZE); | 1477 | xdr_encode_opaque_fixed(p, client_state->cl_confirm.data, NFS4_VERIFIER_SIZE); |
1508 | hdr->nops++; | 1478 | hdr->nops++; |
1509 | hdr->replen += decode_setclientid_confirm_maxsz; | 1479 | hdr->replen += decode_setclientid_confirm_maxsz; |
1510 | } | 1480 | } |
@@ -1513,15 +1483,15 @@ static void encode_write(struct xdr_stream *xdr, const struct nfs_writeargs *arg | |||
1513 | { | 1483 | { |
1514 | __be32 *p; | 1484 | __be32 *p; |
1515 | 1485 | ||
1516 | RESERVE_SPACE(4); | 1486 | p = reserve_space(xdr, 4); |
1517 | WRITE32(OP_WRITE); | 1487 | *p = cpu_to_be32(OP_WRITE); |
1518 | 1488 | ||
1519 | encode_stateid(xdr, args->context); | 1489 | encode_stateid(xdr, args->context); |
1520 | 1490 | ||
1521 | RESERVE_SPACE(16); | 1491 | p = reserve_space(xdr, 16); |
1522 | WRITE64(args->offset); | 1492 | p = xdr_encode_hyper(p, args->offset); |
1523 | WRITE32(args->stable); | 1493 | *p++ = cpu_to_be32(args->stable); |
1524 | WRITE32(args->count); | 1494 | *p = cpu_to_be32(args->count); |
1525 | 1495 | ||
1526 | xdr_write_pages(xdr, args->pages, args->pgbase, args->count); | 1496 | xdr_write_pages(xdr, args->pages, args->pgbase, args->count); |
1527 | hdr->nops++; | 1497 | hdr->nops++; |
@@ -1532,10 +1502,10 @@ static void encode_delegreturn(struct xdr_stream *xdr, const nfs4_stateid *state | |||
1532 | { | 1502 | { |
1533 | __be32 *p; | 1503 | __be32 *p; |
1534 | 1504 | ||
1535 | RESERVE_SPACE(4+NFS4_STATEID_SIZE); | 1505 | p = reserve_space(xdr, 4+NFS4_STATEID_SIZE); |
1536 | 1506 | ||
1537 | WRITE32(OP_DELEGRETURN); | 1507 | *p++ = cpu_to_be32(OP_DELEGRETURN); |
1538 | WRITEMEM(stateid->data, NFS4_STATEID_SIZE); | 1508 | xdr_encode_opaque_fixed(p, stateid->data, NFS4_STATEID_SIZE); |
1539 | hdr->nops++; | 1509 | hdr->nops++; |
1540 | hdr->replen += decode_delegreturn_maxsz; | 1510 | hdr->replen += decode_delegreturn_maxsz; |
1541 | } | 1511 | } |
@@ -1548,16 +1518,16 @@ static void encode_exchange_id(struct xdr_stream *xdr, | |||
1548 | { | 1518 | { |
1549 | __be32 *p; | 1519 | __be32 *p; |
1550 | 1520 | ||
1551 | RESERVE_SPACE(4 + sizeof(args->verifier->data)); | 1521 | p = reserve_space(xdr, 4 + sizeof(args->verifier->data)); |
1552 | WRITE32(OP_EXCHANGE_ID); | 1522 | *p++ = cpu_to_be32(OP_EXCHANGE_ID); |
1553 | WRITEMEM(args->verifier->data, sizeof(args->verifier->data)); | 1523 | xdr_encode_opaque_fixed(p, args->verifier->data, sizeof(args->verifier->data)); |
1554 | 1524 | ||
1555 | encode_string(xdr, args->id_len, args->id); | 1525 | encode_string(xdr, args->id_len, args->id); |
1556 | 1526 | ||
1557 | RESERVE_SPACE(12); | 1527 | p = reserve_space(xdr, 12); |
1558 | WRITE32(args->flags); | 1528 | *p++ = cpu_to_be32(args->flags); |
1559 | WRITE32(0); /* zero length state_protect4_a */ | 1529 | *p++ = cpu_to_be32(0); /* zero length state_protect4_a */ |
1560 | WRITE32(0); /* zero length implementation id array */ | 1530 | *p = cpu_to_be32(0); /* zero length implementation id array */ |
1561 | hdr->nops++; | 1531 | hdr->nops++; |
1562 | hdr->replen += decode_exchange_id_maxsz; | 1532 | hdr->replen += decode_exchange_id_maxsz; |
1563 | } | 1533 | } |
@@ -1571,55 +1541,43 @@ static void encode_create_session(struct xdr_stream *xdr, | |||
1571 | uint32_t len; | 1541 | uint32_t len; |
1572 | struct nfs_client *clp = args->client; | 1542 | struct nfs_client *clp = args->client; |
1573 | 1543 | ||
1574 | RESERVE_SPACE(4); | 1544 | len = scnprintf(machine_name, sizeof(machine_name), "%s", |
1575 | WRITE32(OP_CREATE_SESSION); | 1545 | clp->cl_ipaddr); |
1576 | |||
1577 | RESERVE_SPACE(8); | ||
1578 | WRITE64(clp->cl_ex_clid); | ||
1579 | 1546 | ||
1580 | RESERVE_SPACE(8); | 1547 | p = reserve_space(xdr, 20 + 2*28 + 20 + len + 12); |
1581 | WRITE32(clp->cl_seqid); /*Sequence id */ | 1548 | *p++ = cpu_to_be32(OP_CREATE_SESSION); |
1582 | WRITE32(args->flags); /*flags */ | 1549 | p = xdr_encode_hyper(p, clp->cl_ex_clid); |
1550 | *p++ = cpu_to_be32(clp->cl_seqid); /*Sequence id */ | ||
1551 | *p++ = cpu_to_be32(args->flags); /*flags */ | ||
1583 | 1552 | ||
1584 | RESERVE_SPACE(2*28); /* 2 channel_attrs */ | ||
1585 | /* Fore Channel */ | 1553 | /* Fore Channel */ |
1586 | WRITE32(args->fc_attrs.headerpadsz); /* header padding size */ | 1554 | *p++ = cpu_to_be32(args->fc_attrs.headerpadsz); /* header padding size */ |
1587 | WRITE32(args->fc_attrs.max_rqst_sz); /* max req size */ | 1555 | *p++ = cpu_to_be32(args->fc_attrs.max_rqst_sz); /* max req size */ |
1588 | WRITE32(args->fc_attrs.max_resp_sz); /* max resp size */ | 1556 | *p++ = cpu_to_be32(args->fc_attrs.max_resp_sz); /* max resp size */ |
1589 | WRITE32(args->fc_attrs.max_resp_sz_cached); /* Max resp sz cached */ | 1557 | *p++ = cpu_to_be32(args->fc_attrs.max_resp_sz_cached); /* Max resp sz cached */ |
1590 | WRITE32(args->fc_attrs.max_ops); /* max operations */ | 1558 | *p++ = cpu_to_be32(args->fc_attrs.max_ops); /* max operations */ |
1591 | WRITE32(args->fc_attrs.max_reqs); /* max requests */ | 1559 | *p++ = cpu_to_be32(args->fc_attrs.max_reqs); /* max requests */ |
1592 | WRITE32(0); /* rdmachannel_attrs */ | 1560 | *p++ = cpu_to_be32(0); /* rdmachannel_attrs */ |
1593 | 1561 | ||
1594 | /* Back Channel */ | 1562 | /* Back Channel */ |
1595 | WRITE32(args->fc_attrs.headerpadsz); /* header padding size */ | 1563 | *p++ = cpu_to_be32(args->fc_attrs.headerpadsz); /* header padding size */ |
1596 | WRITE32(args->bc_attrs.max_rqst_sz); /* max req size */ | 1564 | *p++ = cpu_to_be32(args->bc_attrs.max_rqst_sz); /* max req size */ |
1597 | WRITE32(args->bc_attrs.max_resp_sz); /* max resp size */ | 1565 | *p++ = cpu_to_be32(args->bc_attrs.max_resp_sz); /* max resp size */ |
1598 | WRITE32(args->bc_attrs.max_resp_sz_cached); /* Max resp sz cached */ | 1566 | *p++ = cpu_to_be32(args->bc_attrs.max_resp_sz_cached); /* Max resp sz cached */ |
1599 | WRITE32(args->bc_attrs.max_ops); /* max operations */ | 1567 | *p++ = cpu_to_be32(args->bc_attrs.max_ops); /* max operations */ |
1600 | WRITE32(args->bc_attrs.max_reqs); /* max requests */ | 1568 | *p++ = cpu_to_be32(args->bc_attrs.max_reqs); /* max requests */ |
1601 | WRITE32(0); /* rdmachannel_attrs */ | 1569 | *p++ = cpu_to_be32(0); /* rdmachannel_attrs */ |
1602 | 1570 | ||
1603 | RESERVE_SPACE(4); | 1571 | *p++ = cpu_to_be32(args->cb_program); /* cb_program */ |
1604 | WRITE32(args->cb_program); /* cb_program */ | 1572 | *p++ = cpu_to_be32(1); |
1605 | 1573 | *p++ = cpu_to_be32(RPC_AUTH_UNIX); /* auth_sys */ | |
1606 | RESERVE_SPACE(4); /* # of security flavors */ | ||
1607 | WRITE32(1); | ||
1608 | |||
1609 | RESERVE_SPACE(4); | ||
1610 | WRITE32(RPC_AUTH_UNIX); /* auth_sys */ | ||
1611 | 1574 | ||
1612 | /* authsys_parms rfc1831 */ | 1575 | /* authsys_parms rfc1831 */ |
1613 | RESERVE_SPACE(4); | 1576 | *p++ = cpu_to_be32((u32)clp->cl_boot_time.tv_nsec); /* stamp */ |
1614 | WRITE32((u32)clp->cl_boot_time.tv_nsec); /* stamp */ | 1577 | p = xdr_encode_opaque(p, machine_name, len); |
1615 | len = scnprintf(machine_name, sizeof(machine_name), "%s", | 1578 | *p++ = cpu_to_be32(0); /* UID */ |
1616 | clp->cl_ipaddr); | 1579 | *p++ = cpu_to_be32(0); /* GID */ |
1617 | RESERVE_SPACE(16 + len); | 1580 | *p = cpu_to_be32(0); /* No more gids */ |
1618 | WRITE32(len); | ||
1619 | WRITEMEM(machine_name, len); | ||
1620 | WRITE32(0); /* UID */ | ||
1621 | WRITE32(0); /* GID */ | ||
1622 | WRITE32(0); /* No more gids */ | ||
1623 | hdr->nops++; | 1581 | hdr->nops++; |
1624 | hdr->replen += decode_create_session_maxsz; | 1582 | hdr->replen += decode_create_session_maxsz; |
1625 | } | 1583 | } |
@@ -1629,9 +1587,9 @@ static void encode_destroy_session(struct xdr_stream *xdr, | |||
1629 | struct compound_hdr *hdr) | 1587 | struct compound_hdr *hdr) |
1630 | { | 1588 | { |
1631 | __be32 *p; | 1589 | __be32 *p; |
1632 | RESERVE_SPACE(4 + NFS4_MAX_SESSIONID_LEN); | 1590 | p = reserve_space(xdr, 4 + NFS4_MAX_SESSIONID_LEN); |
1633 | WRITE32(OP_DESTROY_SESSION); | 1591 | *p++ = cpu_to_be32(OP_DESTROY_SESSION); |
1634 | WRITEMEM(session->sess_id.data, NFS4_MAX_SESSIONID_LEN); | 1592 | xdr_encode_opaque_fixed(p, session->sess_id.data, NFS4_MAX_SESSIONID_LEN); |
1635 | hdr->nops++; | 1593 | hdr->nops++; |
1636 | hdr->replen += decode_destroy_session_maxsz; | 1594 | hdr->replen += decode_destroy_session_maxsz; |
1637 | } | 1595 | } |
@@ -1655,8 +1613,8 @@ static void encode_sequence(struct xdr_stream *xdr, | |||
1655 | WARN_ON(args->sa_slotid == NFS4_MAX_SLOT_TABLE); | 1613 | WARN_ON(args->sa_slotid == NFS4_MAX_SLOT_TABLE); |
1656 | slot = tp->slots + args->sa_slotid; | 1614 | slot = tp->slots + args->sa_slotid; |
1657 | 1615 | ||
1658 | RESERVE_SPACE(4); | 1616 | p = reserve_space(xdr, 4 + NFS4_MAX_SESSIONID_LEN + 16); |
1659 | WRITE32(OP_SEQUENCE); | 1617 | *p++ = cpu_to_be32(OP_SEQUENCE); |
1660 | 1618 | ||
1661 | /* | 1619 | /* |
1662 | * Sessionid + seqid + slotid + max slotid + cache_this | 1620 | * Sessionid + seqid + slotid + max slotid + cache_this |
@@ -1670,12 +1628,11 @@ static void encode_sequence(struct xdr_stream *xdr, | |||
1670 | ((u32 *)session->sess_id.data)[3], | 1628 | ((u32 *)session->sess_id.data)[3], |
1671 | slot->seq_nr, args->sa_slotid, | 1629 | slot->seq_nr, args->sa_slotid, |
1672 | tp->highest_used_slotid, args->sa_cache_this); | 1630 | tp->highest_used_slotid, args->sa_cache_this); |
1673 | RESERVE_SPACE(NFS4_MAX_SESSIONID_LEN + 16); | 1631 | p = xdr_encode_opaque_fixed(p, session->sess_id.data, NFS4_MAX_SESSIONID_LEN); |
1674 | WRITEMEM(session->sess_id.data, NFS4_MAX_SESSIONID_LEN); | 1632 | *p++ = cpu_to_be32(slot->seq_nr); |
1675 | WRITE32(slot->seq_nr); | 1633 | *p++ = cpu_to_be32(args->sa_slotid); |
1676 | WRITE32(args->sa_slotid); | 1634 | *p++ = cpu_to_be32(tp->highest_used_slotid); |
1677 | WRITE32(tp->highest_used_slotid); | 1635 | *p = cpu_to_be32(args->sa_cache_this); |
1678 | WRITE32(args->sa_cache_this); | ||
1679 | hdr->nops++; | 1636 | hdr->nops++; |
1680 | hdr->replen += decode_sequence_maxsz; | 1637 | hdr->replen += decode_sequence_maxsz; |
1681 | #endif /* CONFIG_NFS_V4_1 */ | 1638 | #endif /* CONFIG_NFS_V4_1 */ |
@@ -2466,68 +2423,53 @@ static int nfs4_xdr_enc_get_lease_time(struct rpc_rqst *req, uint32_t *p, | |||
2466 | } | 2423 | } |
2467 | #endif /* CONFIG_NFS_V4_1 */ | 2424 | #endif /* CONFIG_NFS_V4_1 */ |
2468 | 2425 | ||
2469 | /* | 2426 | static void print_overflow_msg(const char *func, const struct xdr_stream *xdr) |
2470 | * START OF "GENERIC" DECODE ROUTINES. | 2427 | { |
2471 | * These may look a little ugly since they are imported from a "generic" | 2428 | dprintk("nfs: %s: prematurely hit end of receive buffer. " |
2472 | * set of XDR encode/decode routines which are intended to be shared by | 2429 | "Remaining buffer length is %tu words.\n", |
2473 | * all of our NFSv4 implementations (OpenBSD, MacOS X...). | 2430 | func, xdr->end - xdr->p); |
2474 | * | 2431 | } |
2475 | * If the pain of reading these is too great, it should be a straightforward | ||
2476 | * task to translate them into Linux-specific versions which are more | ||
2477 | * consistent with the style used in NFSv2/v3... | ||
2478 | */ | ||
2479 | #define READ32(x) (x) = ntohl(*p++) | ||
2480 | #define READ64(x) do { \ | ||
2481 | (x) = (u64)ntohl(*p++) << 32; \ | ||
2482 | (x) |= ntohl(*p++); \ | ||
2483 | } while (0) | ||
2484 | #define READTIME(x) do { \ | ||
2485 | p++; \ | ||
2486 | (x.tv_sec) = ntohl(*p++); \ | ||
2487 | (x.tv_nsec) = ntohl(*p++); \ | ||
2488 | } while (0) | ||
2489 | #define COPYMEM(x,nbytes) do { \ | ||
2490 | memcpy((x), p, nbytes); \ | ||
2491 | p += XDR_QUADLEN(nbytes); \ | ||
2492 | } while (0) | ||
2493 | |||
2494 | #define READ_BUF(nbytes) do { \ | ||
2495 | p = xdr_inline_decode(xdr, nbytes); \ | ||
2496 | if (unlikely(!p)) { \ | ||
2497 | dprintk("nfs: %s: prematurely hit end of receive" \ | ||
2498 | " buffer\n", __func__); \ | ||
2499 | dprintk("nfs: %s: xdr->p=%p, bytes=%u, xdr->end=%p\n", \ | ||
2500 | __func__, xdr->p, nbytes, xdr->end); \ | ||
2501 | return -EIO; \ | ||
2502 | } \ | ||
2503 | } while (0) | ||
2504 | 2432 | ||
2505 | static int decode_opaque_inline(struct xdr_stream *xdr, unsigned int *len, char **string) | 2433 | static int decode_opaque_inline(struct xdr_stream *xdr, unsigned int *len, char **string) |
2506 | { | 2434 | { |
2507 | __be32 *p; | 2435 | __be32 *p; |
2508 | 2436 | ||
2509 | READ_BUF(4); | 2437 | p = xdr_inline_decode(xdr, 4); |
2510 | READ32(*len); | 2438 | if (unlikely(!p)) |
2511 | READ_BUF(*len); | 2439 | goto out_overflow; |
2440 | *len = be32_to_cpup(p); | ||
2441 | p = xdr_inline_decode(xdr, *len); | ||
2442 | if (unlikely(!p)) | ||
2443 | goto out_overflow; | ||
2512 | *string = (char *)p; | 2444 | *string = (char *)p; |
2513 | return 0; | 2445 | return 0; |
2446 | out_overflow: | ||
2447 | print_overflow_msg(__func__, xdr); | ||
2448 | return -EIO; | ||
2514 | } | 2449 | } |
2515 | 2450 | ||
2516 | static int decode_compound_hdr(struct xdr_stream *xdr, struct compound_hdr *hdr) | 2451 | static int decode_compound_hdr(struct xdr_stream *xdr, struct compound_hdr *hdr) |
2517 | { | 2452 | { |
2518 | __be32 *p; | 2453 | __be32 *p; |
2519 | 2454 | ||
2520 | READ_BUF(8); | 2455 | p = xdr_inline_decode(xdr, 8); |
2521 | READ32(hdr->status); | 2456 | if (unlikely(!p)) |
2522 | READ32(hdr->taglen); | 2457 | goto out_overflow; |
2458 | hdr->status = be32_to_cpup(p++); | ||
2459 | hdr->taglen = be32_to_cpup(p); | ||
2523 | 2460 | ||
2524 | READ_BUF(hdr->taglen + 4); | 2461 | p = xdr_inline_decode(xdr, hdr->taglen + 4); |
2462 | if (unlikely(!p)) | ||
2463 | goto out_overflow; | ||
2525 | hdr->tag = (char *)p; | 2464 | hdr->tag = (char *)p; |
2526 | p += XDR_QUADLEN(hdr->taglen); | 2465 | p += XDR_QUADLEN(hdr->taglen); |
2527 | READ32(hdr->nops); | 2466 | hdr->nops = be32_to_cpup(p); |
2528 | if (unlikely(hdr->nops < 1)) | 2467 | if (unlikely(hdr->nops < 1)) |
2529 | return nfs4_stat_to_errno(hdr->status); | 2468 | return nfs4_stat_to_errno(hdr->status); |
2530 | return 0; | 2469 | return 0; |
2470 | out_overflow: | ||
2471 | print_overflow_msg(__func__, xdr); | ||
2472 | return -EIO; | ||
2531 | } | 2473 | } |
2532 | 2474 | ||
2533 | static int decode_op_hdr(struct xdr_stream *xdr, enum nfs_opnum4 expected) | 2475 | static int decode_op_hdr(struct xdr_stream *xdr, enum nfs_opnum4 expected) |
@@ -2536,18 +2478,23 @@ static int decode_op_hdr(struct xdr_stream *xdr, enum nfs_opnum4 expected) | |||
2536 | uint32_t opnum; | 2478 | uint32_t opnum; |
2537 | int32_t nfserr; | 2479 | int32_t nfserr; |
2538 | 2480 | ||
2539 | READ_BUF(8); | 2481 | p = xdr_inline_decode(xdr, 8); |
2540 | READ32(opnum); | 2482 | if (unlikely(!p)) |
2483 | goto out_overflow; | ||
2484 | opnum = be32_to_cpup(p++); | ||
2541 | if (opnum != expected) { | 2485 | if (opnum != expected) { |
2542 | dprintk("nfs: Server returned operation" | 2486 | dprintk("nfs: Server returned operation" |
2543 | " %d but we issued a request for %d\n", | 2487 | " %d but we issued a request for %d\n", |
2544 | opnum, expected); | 2488 | opnum, expected); |
2545 | return -EIO; | 2489 | return -EIO; |
2546 | } | 2490 | } |
2547 | READ32(nfserr); | 2491 | nfserr = be32_to_cpup(p); |
2548 | if (nfserr != NFS_OK) | 2492 | if (nfserr != NFS_OK) |
2549 | return nfs4_stat_to_errno(nfserr); | 2493 | return nfs4_stat_to_errno(nfserr); |
2550 | return 0; | 2494 | return 0; |
2495 | out_overflow: | ||
2496 | print_overflow_msg(__func__, xdr); | ||
2497 | return -EIO; | ||
2551 | } | 2498 | } |
2552 | 2499 | ||
2553 | /* Dummy routine */ | 2500 | /* Dummy routine */ |
@@ -2557,8 +2504,11 @@ static int decode_ace(struct xdr_stream *xdr, void *ace, struct nfs_client *clp) | |||
2557 | unsigned int strlen; | 2504 | unsigned int strlen; |
2558 | char *str; | 2505 | char *str; |
2559 | 2506 | ||
2560 | READ_BUF(12); | 2507 | p = xdr_inline_decode(xdr, 12); |
2561 | return decode_opaque_inline(xdr, &strlen, &str); | 2508 | if (likely(p)) |
2509 | return decode_opaque_inline(xdr, &strlen, &str); | ||
2510 | print_overflow_msg(__func__, xdr); | ||
2511 | return -EIO; | ||
2562 | } | 2512 | } |
2563 | 2513 | ||
2564 | static int decode_attr_bitmap(struct xdr_stream *xdr, uint32_t *bitmap) | 2514 | static int decode_attr_bitmap(struct xdr_stream *xdr, uint32_t *bitmap) |
@@ -2566,27 +2516,39 @@ static int decode_attr_bitmap(struct xdr_stream *xdr, uint32_t *bitmap) | |||
2566 | uint32_t bmlen; | 2516 | uint32_t bmlen; |
2567 | __be32 *p; | 2517 | __be32 *p; |
2568 | 2518 | ||
2569 | READ_BUF(4); | 2519 | p = xdr_inline_decode(xdr, 4); |
2570 | READ32(bmlen); | 2520 | if (unlikely(!p)) |
2521 | goto out_overflow; | ||
2522 | bmlen = be32_to_cpup(p); | ||
2571 | 2523 | ||
2572 | bitmap[0] = bitmap[1] = 0; | 2524 | bitmap[0] = bitmap[1] = 0; |
2573 | READ_BUF((bmlen << 2)); | 2525 | p = xdr_inline_decode(xdr, (bmlen << 2)); |
2526 | if (unlikely(!p)) | ||
2527 | goto out_overflow; | ||
2574 | if (bmlen > 0) { | 2528 | if (bmlen > 0) { |
2575 | READ32(bitmap[0]); | 2529 | bitmap[0] = be32_to_cpup(p++); |
2576 | if (bmlen > 1) | 2530 | if (bmlen > 1) |
2577 | READ32(bitmap[1]); | 2531 | bitmap[1] = be32_to_cpup(p); |
2578 | } | 2532 | } |
2579 | return 0; | 2533 | return 0; |
2534 | out_overflow: | ||
2535 | print_overflow_msg(__func__, xdr); | ||
2536 | return -EIO; | ||
2580 | } | 2537 | } |
2581 | 2538 | ||
2582 | static inline int decode_attr_length(struct xdr_stream *xdr, uint32_t *attrlen, __be32 **savep) | 2539 | static inline int decode_attr_length(struct xdr_stream *xdr, uint32_t *attrlen, __be32 **savep) |
2583 | { | 2540 | { |
2584 | __be32 *p; | 2541 | __be32 *p; |
2585 | 2542 | ||
2586 | READ_BUF(4); | 2543 | p = xdr_inline_decode(xdr, 4); |
2587 | READ32(*attrlen); | 2544 | if (unlikely(!p)) |
2545 | goto out_overflow; | ||
2546 | *attrlen = be32_to_cpup(p); | ||
2588 | *savep = xdr->p; | 2547 | *savep = xdr->p; |
2589 | return 0; | 2548 | return 0; |
2549 | out_overflow: | ||
2550 | print_overflow_msg(__func__, xdr); | ||
2551 | return -EIO; | ||
2590 | } | 2552 | } |
2591 | 2553 | ||
2592 | static int decode_attr_supported(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *bitmask) | 2554 | static int decode_attr_supported(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *bitmask) |
@@ -2609,8 +2571,10 @@ static int decode_attr_type(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t * | |||
2609 | if (unlikely(bitmap[0] & (FATTR4_WORD0_TYPE - 1U))) | 2571 | if (unlikely(bitmap[0] & (FATTR4_WORD0_TYPE - 1U))) |
2610 | return -EIO; | 2572 | return -EIO; |
2611 | if (likely(bitmap[0] & FATTR4_WORD0_TYPE)) { | 2573 | if (likely(bitmap[0] & FATTR4_WORD0_TYPE)) { |
2612 | READ_BUF(4); | 2574 | p = xdr_inline_decode(xdr, 4); |
2613 | READ32(*type); | 2575 | if (unlikely(!p)) |
2576 | goto out_overflow; | ||
2577 | *type = be32_to_cpup(p); | ||
2614 | if (*type < NF4REG || *type > NF4NAMEDATTR) { | 2578 | if (*type < NF4REG || *type > NF4NAMEDATTR) { |
2615 | dprintk("%s: bad type %d\n", __func__, *type); | 2579 | dprintk("%s: bad type %d\n", __func__, *type); |
2616 | return -EIO; | 2580 | return -EIO; |
@@ -2620,6 +2584,9 @@ static int decode_attr_type(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t * | |||
2620 | } | 2584 | } |
2621 | dprintk("%s: type=0%o\n", __func__, nfs_type2fmt[*type]); | 2585 | dprintk("%s: type=0%o\n", __func__, nfs_type2fmt[*type]); |
2622 | return ret; | 2586 | return ret; |
2587 | out_overflow: | ||
2588 | print_overflow_msg(__func__, xdr); | ||
2589 | return -EIO; | ||
2623 | } | 2590 | } |
2624 | 2591 | ||
2625 | static int decode_attr_change(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *change) | 2592 | static int decode_attr_change(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *change) |
@@ -2631,14 +2598,19 @@ static int decode_attr_change(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t | |||
2631 | if (unlikely(bitmap[0] & (FATTR4_WORD0_CHANGE - 1U))) | 2598 | if (unlikely(bitmap[0] & (FATTR4_WORD0_CHANGE - 1U))) |
2632 | return -EIO; | 2599 | return -EIO; |
2633 | if (likely(bitmap[0] & FATTR4_WORD0_CHANGE)) { | 2600 | if (likely(bitmap[0] & FATTR4_WORD0_CHANGE)) { |
2634 | READ_BUF(8); | 2601 | p = xdr_inline_decode(xdr, 8); |
2635 | READ64(*change); | 2602 | if (unlikely(!p)) |
2603 | goto out_overflow; | ||
2604 | xdr_decode_hyper(p, change); | ||
2636 | bitmap[0] &= ~FATTR4_WORD0_CHANGE; | 2605 | bitmap[0] &= ~FATTR4_WORD0_CHANGE; |
2637 | ret = NFS_ATTR_FATTR_CHANGE; | 2606 | ret = NFS_ATTR_FATTR_CHANGE; |
2638 | } | 2607 | } |
2639 | dprintk("%s: change attribute=%Lu\n", __func__, | 2608 | dprintk("%s: change attribute=%Lu\n", __func__, |
2640 | (unsigned long long)*change); | 2609 | (unsigned long long)*change); |
2641 | return ret; | 2610 | return ret; |
2611 | out_overflow: | ||
2612 | print_overflow_msg(__func__, xdr); | ||
2613 | return -EIO; | ||
2642 | } | 2614 | } |
2643 | 2615 | ||
2644 | static int decode_attr_size(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *size) | 2616 | static int decode_attr_size(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *size) |
@@ -2650,13 +2622,18 @@ static int decode_attr_size(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t * | |||
2650 | if (unlikely(bitmap[0] & (FATTR4_WORD0_SIZE - 1U))) | 2622 | if (unlikely(bitmap[0] & (FATTR4_WORD0_SIZE - 1U))) |
2651 | return -EIO; | 2623 | return -EIO; |
2652 | if (likely(bitmap[0] & FATTR4_WORD0_SIZE)) { | 2624 | if (likely(bitmap[0] & FATTR4_WORD0_SIZE)) { |
2653 | READ_BUF(8); | 2625 | p = xdr_inline_decode(xdr, 8); |
2654 | READ64(*size); | 2626 | if (unlikely(!p)) |
2627 | goto out_overflow; | ||
2628 | xdr_decode_hyper(p, size); | ||
2655 | bitmap[0] &= ~FATTR4_WORD0_SIZE; | 2629 | bitmap[0] &= ~FATTR4_WORD0_SIZE; |
2656 | ret = NFS_ATTR_FATTR_SIZE; | 2630 | ret = NFS_ATTR_FATTR_SIZE; |
2657 | } | 2631 | } |
2658 | dprintk("%s: file size=%Lu\n", __func__, (unsigned long long)*size); | 2632 | dprintk("%s: file size=%Lu\n", __func__, (unsigned long long)*size); |
2659 | return ret; | 2633 | return ret; |
2634 | out_overflow: | ||
2635 | print_overflow_msg(__func__, xdr); | ||
2636 | return -EIO; | ||
2660 | } | 2637 | } |
2661 | 2638 | ||
2662 | static int decode_attr_link_support(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) | 2639 | static int decode_attr_link_support(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) |
@@ -2667,12 +2644,17 @@ static int decode_attr_link_support(struct xdr_stream *xdr, uint32_t *bitmap, ui | |||
2667 | if (unlikely(bitmap[0] & (FATTR4_WORD0_LINK_SUPPORT - 1U))) | 2644 | if (unlikely(bitmap[0] & (FATTR4_WORD0_LINK_SUPPORT - 1U))) |
2668 | return -EIO; | 2645 | return -EIO; |
2669 | if (likely(bitmap[0] & FATTR4_WORD0_LINK_SUPPORT)) { | 2646 | if (likely(bitmap[0] & FATTR4_WORD0_LINK_SUPPORT)) { |
2670 | READ_BUF(4); | 2647 | p = xdr_inline_decode(xdr, 4); |
2671 | READ32(*res); | 2648 | if (unlikely(!p)) |
2649 | goto out_overflow; | ||
2650 | *res = be32_to_cpup(p); | ||
2672 | bitmap[0] &= ~FATTR4_WORD0_LINK_SUPPORT; | 2651 | bitmap[0] &= ~FATTR4_WORD0_LINK_SUPPORT; |
2673 | } | 2652 | } |
2674 | dprintk("%s: link support=%s\n", __func__, *res == 0 ? "false" : "true"); | 2653 | dprintk("%s: link support=%s\n", __func__, *res == 0 ? "false" : "true"); |
2675 | return 0; | 2654 | return 0; |
2655 | out_overflow: | ||
2656 | print_overflow_msg(__func__, xdr); | ||
2657 | return -EIO; | ||
2676 | } | 2658 | } |
2677 | 2659 | ||
2678 | static int decode_attr_symlink_support(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) | 2660 | static int decode_attr_symlink_support(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) |
@@ -2683,12 +2665,17 @@ static int decode_attr_symlink_support(struct xdr_stream *xdr, uint32_t *bitmap, | |||
2683 | if (unlikely(bitmap[0] & (FATTR4_WORD0_SYMLINK_SUPPORT - 1U))) | 2665 | if (unlikely(bitmap[0] & (FATTR4_WORD0_SYMLINK_SUPPORT - 1U))) |
2684 | return -EIO; | 2666 | return -EIO; |
2685 | if (likely(bitmap[0] & FATTR4_WORD0_SYMLINK_SUPPORT)) { | 2667 | if (likely(bitmap[0] & FATTR4_WORD0_SYMLINK_SUPPORT)) { |
2686 | READ_BUF(4); | 2668 | p = xdr_inline_decode(xdr, 4); |
2687 | READ32(*res); | 2669 | if (unlikely(!p)) |
2670 | goto out_overflow; | ||
2671 | *res = be32_to_cpup(p); | ||
2688 | bitmap[0] &= ~FATTR4_WORD0_SYMLINK_SUPPORT; | 2672 | bitmap[0] &= ~FATTR4_WORD0_SYMLINK_SUPPORT; |
2689 | } | 2673 | } |
2690 | dprintk("%s: symlink support=%s\n", __func__, *res == 0 ? "false" : "true"); | 2674 | dprintk("%s: symlink support=%s\n", __func__, *res == 0 ? "false" : "true"); |
2691 | return 0; | 2675 | return 0; |
2676 | out_overflow: | ||
2677 | print_overflow_msg(__func__, xdr); | ||
2678 | return -EIO; | ||
2692 | } | 2679 | } |
2693 | 2680 | ||
2694 | static int decode_attr_fsid(struct xdr_stream *xdr, uint32_t *bitmap, struct nfs_fsid *fsid) | 2681 | static int decode_attr_fsid(struct xdr_stream *xdr, uint32_t *bitmap, struct nfs_fsid *fsid) |
@@ -2701,9 +2688,11 @@ static int decode_attr_fsid(struct xdr_stream *xdr, uint32_t *bitmap, struct nfs | |||
2701 | if (unlikely(bitmap[0] & (FATTR4_WORD0_FSID - 1U))) | 2688 | if (unlikely(bitmap[0] & (FATTR4_WORD0_FSID - 1U))) |
2702 | return -EIO; | 2689 | return -EIO; |
2703 | if (likely(bitmap[0] & FATTR4_WORD0_FSID)) { | 2690 | if (likely(bitmap[0] & FATTR4_WORD0_FSID)) { |
2704 | READ_BUF(16); | 2691 | p = xdr_inline_decode(xdr, 16); |
2705 | READ64(fsid->major); | 2692 | if (unlikely(!p)) |
2706 | READ64(fsid->minor); | 2693 | goto out_overflow; |
2694 | p = xdr_decode_hyper(p, &fsid->major); | ||
2695 | xdr_decode_hyper(p, &fsid->minor); | ||
2707 | bitmap[0] &= ~FATTR4_WORD0_FSID; | 2696 | bitmap[0] &= ~FATTR4_WORD0_FSID; |
2708 | ret = NFS_ATTR_FATTR_FSID; | 2697 | ret = NFS_ATTR_FATTR_FSID; |
2709 | } | 2698 | } |
@@ -2711,6 +2700,9 @@ static int decode_attr_fsid(struct xdr_stream *xdr, uint32_t *bitmap, struct nfs | |||
2711 | (unsigned long long)fsid->major, | 2700 | (unsigned long long)fsid->major, |
2712 | (unsigned long long)fsid->minor); | 2701 | (unsigned long long)fsid->minor); |
2713 | return ret; | 2702 | return ret; |
2703 | out_overflow: | ||
2704 | print_overflow_msg(__func__, xdr); | ||
2705 | return -EIO; | ||
2714 | } | 2706 | } |
2715 | 2707 | ||
2716 | static int decode_attr_lease_time(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) | 2708 | static int decode_attr_lease_time(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) |
@@ -2721,12 +2713,17 @@ static int decode_attr_lease_time(struct xdr_stream *xdr, uint32_t *bitmap, uint | |||
2721 | if (unlikely(bitmap[0] & (FATTR4_WORD0_LEASE_TIME - 1U))) | 2713 | if (unlikely(bitmap[0] & (FATTR4_WORD0_LEASE_TIME - 1U))) |
2722 | return -EIO; | 2714 | return -EIO; |
2723 | if (likely(bitmap[0] & FATTR4_WORD0_LEASE_TIME)) { | 2715 | if (likely(bitmap[0] & FATTR4_WORD0_LEASE_TIME)) { |
2724 | READ_BUF(4); | 2716 | p = xdr_inline_decode(xdr, 4); |
2725 | READ32(*res); | 2717 | if (unlikely(!p)) |
2718 | goto out_overflow; | ||
2719 | *res = be32_to_cpup(p); | ||
2726 | bitmap[0] &= ~FATTR4_WORD0_LEASE_TIME; | 2720 | bitmap[0] &= ~FATTR4_WORD0_LEASE_TIME; |
2727 | } | 2721 | } |
2728 | dprintk("%s: file size=%u\n", __func__, (unsigned int)*res); | 2722 | dprintk("%s: file size=%u\n", __func__, (unsigned int)*res); |
2729 | return 0; | 2723 | return 0; |
2724 | out_overflow: | ||
2725 | print_overflow_msg(__func__, xdr); | ||
2726 | return -EIO; | ||
2730 | } | 2727 | } |
2731 | 2728 | ||
2732 | static int decode_attr_aclsupport(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) | 2729 | static int decode_attr_aclsupport(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) |
@@ -2737,12 +2734,17 @@ static int decode_attr_aclsupport(struct xdr_stream *xdr, uint32_t *bitmap, uint | |||
2737 | if (unlikely(bitmap[0] & (FATTR4_WORD0_ACLSUPPORT - 1U))) | 2734 | if (unlikely(bitmap[0] & (FATTR4_WORD0_ACLSUPPORT - 1U))) |
2738 | return -EIO; | 2735 | return -EIO; |
2739 | if (likely(bitmap[0] & FATTR4_WORD0_ACLSUPPORT)) { | 2736 | if (likely(bitmap[0] & FATTR4_WORD0_ACLSUPPORT)) { |
2740 | READ_BUF(4); | 2737 | p = xdr_inline_decode(xdr, 4); |
2741 | READ32(*res); | 2738 | if (unlikely(!p)) |
2739 | goto out_overflow; | ||
2740 | *res = be32_to_cpup(p); | ||
2742 | bitmap[0] &= ~FATTR4_WORD0_ACLSUPPORT; | 2741 | bitmap[0] &= ~FATTR4_WORD0_ACLSUPPORT; |
2743 | } | 2742 | } |
2744 | dprintk("%s: ACLs supported=%u\n", __func__, (unsigned int)*res); | 2743 | dprintk("%s: ACLs supported=%u\n", __func__, (unsigned int)*res); |
2745 | return 0; | 2744 | return 0; |
2745 | out_overflow: | ||
2746 | print_overflow_msg(__func__, xdr); | ||
2747 | return -EIO; | ||
2746 | } | 2748 | } |
2747 | 2749 | ||
2748 | static int decode_attr_fileid(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *fileid) | 2750 | static int decode_attr_fileid(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *fileid) |
@@ -2754,13 +2756,18 @@ static int decode_attr_fileid(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t | |||
2754 | if (unlikely(bitmap[0] & (FATTR4_WORD0_FILEID - 1U))) | 2756 | if (unlikely(bitmap[0] & (FATTR4_WORD0_FILEID - 1U))) |
2755 | return -EIO; | 2757 | return -EIO; |
2756 | if (likely(bitmap[0] & FATTR4_WORD0_FILEID)) { | 2758 | if (likely(bitmap[0] & FATTR4_WORD0_FILEID)) { |
2757 | READ_BUF(8); | 2759 | p = xdr_inline_decode(xdr, 8); |
2758 | READ64(*fileid); | 2760 | if (unlikely(!p)) |
2761 | goto out_overflow; | ||
2762 | xdr_decode_hyper(p, fileid); | ||
2759 | bitmap[0] &= ~FATTR4_WORD0_FILEID; | 2763 | bitmap[0] &= ~FATTR4_WORD0_FILEID; |
2760 | ret = NFS_ATTR_FATTR_FILEID; | 2764 | ret = NFS_ATTR_FATTR_FILEID; |
2761 | } | 2765 | } |
2762 | dprintk("%s: fileid=%Lu\n", __func__, (unsigned long long)*fileid); | 2766 | dprintk("%s: fileid=%Lu\n", __func__, (unsigned long long)*fileid); |
2763 | return ret; | 2767 | return ret; |
2768 | out_overflow: | ||
2769 | print_overflow_msg(__func__, xdr); | ||
2770 | return -EIO; | ||
2764 | } | 2771 | } |
2765 | 2772 | ||
2766 | static int decode_attr_mounted_on_fileid(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *fileid) | 2773 | static int decode_attr_mounted_on_fileid(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *fileid) |
@@ -2772,13 +2779,18 @@ static int decode_attr_mounted_on_fileid(struct xdr_stream *xdr, uint32_t *bitma | |||
2772 | if (unlikely(bitmap[1] & (FATTR4_WORD1_MOUNTED_ON_FILEID - 1U))) | 2779 | if (unlikely(bitmap[1] & (FATTR4_WORD1_MOUNTED_ON_FILEID - 1U))) |
2773 | return -EIO; | 2780 | return -EIO; |
2774 | if (likely(bitmap[1] & FATTR4_WORD1_MOUNTED_ON_FILEID)) { | 2781 | if (likely(bitmap[1] & FATTR4_WORD1_MOUNTED_ON_FILEID)) { |
2775 | READ_BUF(8); | 2782 | p = xdr_inline_decode(xdr, 8); |
2776 | READ64(*fileid); | 2783 | if (unlikely(!p)) |
2784 | goto out_overflow; | ||
2785 | xdr_decode_hyper(p, fileid); | ||
2777 | bitmap[1] &= ~FATTR4_WORD1_MOUNTED_ON_FILEID; | 2786 | bitmap[1] &= ~FATTR4_WORD1_MOUNTED_ON_FILEID; |
2778 | ret = NFS_ATTR_FATTR_FILEID; | 2787 | ret = NFS_ATTR_FATTR_FILEID; |
2779 | } | 2788 | } |
2780 | dprintk("%s: fileid=%Lu\n", __func__, (unsigned long long)*fileid); | 2789 | dprintk("%s: fileid=%Lu\n", __func__, (unsigned long long)*fileid); |
2781 | return ret; | 2790 | return ret; |
2791 | out_overflow: | ||
2792 | print_overflow_msg(__func__, xdr); | ||
2793 | return -EIO; | ||
2782 | } | 2794 | } |
2783 | 2795 | ||
2784 | static int decode_attr_files_avail(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) | 2796 | static int decode_attr_files_avail(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) |
@@ -2790,12 +2802,17 @@ static int decode_attr_files_avail(struct xdr_stream *xdr, uint32_t *bitmap, uin | |||
2790 | if (unlikely(bitmap[0] & (FATTR4_WORD0_FILES_AVAIL - 1U))) | 2802 | if (unlikely(bitmap[0] & (FATTR4_WORD0_FILES_AVAIL - 1U))) |
2791 | return -EIO; | 2803 | return -EIO; |
2792 | if (likely(bitmap[0] & FATTR4_WORD0_FILES_AVAIL)) { | 2804 | if (likely(bitmap[0] & FATTR4_WORD0_FILES_AVAIL)) { |
2793 | READ_BUF(8); | 2805 | p = xdr_inline_decode(xdr, 8); |
2794 | READ64(*res); | 2806 | if (unlikely(!p)) |
2807 | goto out_overflow; | ||
2808 | xdr_decode_hyper(p, res); | ||
2795 | bitmap[0] &= ~FATTR4_WORD0_FILES_AVAIL; | 2809 | bitmap[0] &= ~FATTR4_WORD0_FILES_AVAIL; |
2796 | } | 2810 | } |
2797 | dprintk("%s: files avail=%Lu\n", __func__, (unsigned long long)*res); | 2811 | dprintk("%s: files avail=%Lu\n", __func__, (unsigned long long)*res); |
2798 | return status; | 2812 | return status; |
2813 | out_overflow: | ||
2814 | print_overflow_msg(__func__, xdr); | ||
2815 | return -EIO; | ||
2799 | } | 2816 | } |
2800 | 2817 | ||
2801 | static int decode_attr_files_free(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) | 2818 | static int decode_attr_files_free(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) |
@@ -2807,12 +2824,17 @@ static int decode_attr_files_free(struct xdr_stream *xdr, uint32_t *bitmap, uint | |||
2807 | if (unlikely(bitmap[0] & (FATTR4_WORD0_FILES_FREE - 1U))) | 2824 | if (unlikely(bitmap[0] & (FATTR4_WORD0_FILES_FREE - 1U))) |
2808 | return -EIO; | 2825 | return -EIO; |
2809 | if (likely(bitmap[0] & FATTR4_WORD0_FILES_FREE)) { | 2826 | if (likely(bitmap[0] & FATTR4_WORD0_FILES_FREE)) { |
2810 | READ_BUF(8); | 2827 | p = xdr_inline_decode(xdr, 8); |
2811 | READ64(*res); | 2828 | if (unlikely(!p)) |
2829 | goto out_overflow; | ||
2830 | xdr_decode_hyper(p, res); | ||
2812 | bitmap[0] &= ~FATTR4_WORD0_FILES_FREE; | 2831 | bitmap[0] &= ~FATTR4_WORD0_FILES_FREE; |
2813 | } | 2832 | } |
2814 | dprintk("%s: files free=%Lu\n", __func__, (unsigned long long)*res); | 2833 | dprintk("%s: files free=%Lu\n", __func__, (unsigned long long)*res); |
2815 | return status; | 2834 | return status; |
2835 | out_overflow: | ||
2836 | print_overflow_msg(__func__, xdr); | ||
2837 | return -EIO; | ||
2816 | } | 2838 | } |
2817 | 2839 | ||
2818 | static int decode_attr_files_total(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) | 2840 | static int decode_attr_files_total(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) |
@@ -2824,12 +2846,17 @@ static int decode_attr_files_total(struct xdr_stream *xdr, uint32_t *bitmap, uin | |||
2824 | if (unlikely(bitmap[0] & (FATTR4_WORD0_FILES_TOTAL - 1U))) | 2846 | if (unlikely(bitmap[0] & (FATTR4_WORD0_FILES_TOTAL - 1U))) |
2825 | return -EIO; | 2847 | return -EIO; |
2826 | if (likely(bitmap[0] & FATTR4_WORD0_FILES_TOTAL)) { | 2848 | if (likely(bitmap[0] & FATTR4_WORD0_FILES_TOTAL)) { |
2827 | READ_BUF(8); | 2849 | p = xdr_inline_decode(xdr, 8); |
2828 | READ64(*res); | 2850 | if (unlikely(!p)) |
2851 | goto out_overflow; | ||
2852 | xdr_decode_hyper(p, res); | ||
2829 | bitmap[0] &= ~FATTR4_WORD0_FILES_TOTAL; | 2853 | bitmap[0] &= ~FATTR4_WORD0_FILES_TOTAL; |
2830 | } | 2854 | } |
2831 | dprintk("%s: files total=%Lu\n", __func__, (unsigned long long)*res); | 2855 | dprintk("%s: files total=%Lu\n", __func__, (unsigned long long)*res); |
2832 | return status; | 2856 | return status; |
2857 | out_overflow: | ||
2858 | print_overflow_msg(__func__, xdr); | ||
2859 | return -EIO; | ||
2833 | } | 2860 | } |
2834 | 2861 | ||
2835 | static int decode_pathname(struct xdr_stream *xdr, struct nfs4_pathname *path) | 2862 | static int decode_pathname(struct xdr_stream *xdr, struct nfs4_pathname *path) |
@@ -2838,8 +2865,10 @@ static int decode_pathname(struct xdr_stream *xdr, struct nfs4_pathname *path) | |||
2838 | __be32 *p; | 2865 | __be32 *p; |
2839 | int status = 0; | 2866 | int status = 0; |
2840 | 2867 | ||
2841 | READ_BUF(4); | 2868 | p = xdr_inline_decode(xdr, 4); |
2842 | READ32(n); | 2869 | if (unlikely(!p)) |
2870 | goto out_overflow; | ||
2871 | n = be32_to_cpup(p); | ||
2843 | if (n == 0) | 2872 | if (n == 0) |
2844 | goto root_path; | 2873 | goto root_path; |
2845 | dprintk("path "); | 2874 | dprintk("path "); |
@@ -2873,6 +2902,9 @@ out_eio: | |||
2873 | dprintk(" status %d", status); | 2902 | dprintk(" status %d", status); |
2874 | status = -EIO; | 2903 | status = -EIO; |
2875 | goto out; | 2904 | goto out; |
2905 | out_overflow: | ||
2906 | print_overflow_msg(__func__, xdr); | ||
2907 | return -EIO; | ||
2876 | } | 2908 | } |
2877 | 2909 | ||
2878 | static int decode_attr_fs_locations(struct xdr_stream *xdr, uint32_t *bitmap, struct nfs4_fs_locations *res) | 2910 | static int decode_attr_fs_locations(struct xdr_stream *xdr, uint32_t *bitmap, struct nfs4_fs_locations *res) |
@@ -2890,8 +2922,10 @@ static int decode_attr_fs_locations(struct xdr_stream *xdr, uint32_t *bitmap, st | |||
2890 | status = decode_pathname(xdr, &res->fs_path); | 2922 | status = decode_pathname(xdr, &res->fs_path); |
2891 | if (unlikely(status != 0)) | 2923 | if (unlikely(status != 0)) |
2892 | goto out; | 2924 | goto out; |
2893 | READ_BUF(4); | 2925 | p = xdr_inline_decode(xdr, 4); |
2894 | READ32(n); | 2926 | if (unlikely(!p)) |
2927 | goto out_overflow; | ||
2928 | n = be32_to_cpup(p); | ||
2895 | if (n <= 0) | 2929 | if (n <= 0) |
2896 | goto out_eio; | 2930 | goto out_eio; |
2897 | res->nlocations = 0; | 2931 | res->nlocations = 0; |
@@ -2899,8 +2933,10 @@ static int decode_attr_fs_locations(struct xdr_stream *xdr, uint32_t *bitmap, st | |||
2899 | u32 m; | 2933 | u32 m; |
2900 | struct nfs4_fs_location *loc = &res->locations[res->nlocations]; | 2934 | struct nfs4_fs_location *loc = &res->locations[res->nlocations]; |
2901 | 2935 | ||
2902 | READ_BUF(4); | 2936 | p = xdr_inline_decode(xdr, 4); |
2903 | READ32(m); | 2937 | if (unlikely(!p)) |
2938 | goto out_overflow; | ||
2939 | m = be32_to_cpup(p); | ||
2904 | 2940 | ||
2905 | loc->nservers = 0; | 2941 | loc->nservers = 0; |
2906 | dprintk("%s: servers ", __func__); | 2942 | dprintk("%s: servers ", __func__); |
@@ -2939,6 +2975,8 @@ static int decode_attr_fs_locations(struct xdr_stream *xdr, uint32_t *bitmap, st | |||
2939 | out: | 2975 | out: |
2940 | dprintk("%s: fs_locations done, error = %d\n", __func__, status); | 2976 | dprintk("%s: fs_locations done, error = %d\n", __func__, status); |
2941 | return status; | 2977 | return status; |
2978 | out_overflow: | ||
2979 | print_overflow_msg(__func__, xdr); | ||
2942 | out_eio: | 2980 | out_eio: |
2943 | status = -EIO; | 2981 | status = -EIO; |
2944 | goto out; | 2982 | goto out; |
@@ -2953,12 +2991,17 @@ static int decode_attr_maxfilesize(struct xdr_stream *xdr, uint32_t *bitmap, uin | |||
2953 | if (unlikely(bitmap[0] & (FATTR4_WORD0_MAXFILESIZE - 1U))) | 2991 | if (unlikely(bitmap[0] & (FATTR4_WORD0_MAXFILESIZE - 1U))) |
2954 | return -EIO; | 2992 | return -EIO; |
2955 | if (likely(bitmap[0] & FATTR4_WORD0_MAXFILESIZE)) { | 2993 | if (likely(bitmap[0] & FATTR4_WORD0_MAXFILESIZE)) { |
2956 | READ_BUF(8); | 2994 | p = xdr_inline_decode(xdr, 8); |
2957 | READ64(*res); | 2995 | if (unlikely(!p)) |
2996 | goto out_overflow; | ||
2997 | xdr_decode_hyper(p, res); | ||
2958 | bitmap[0] &= ~FATTR4_WORD0_MAXFILESIZE; | 2998 | bitmap[0] &= ~FATTR4_WORD0_MAXFILESIZE; |
2959 | } | 2999 | } |
2960 | dprintk("%s: maxfilesize=%Lu\n", __func__, (unsigned long long)*res); | 3000 | dprintk("%s: maxfilesize=%Lu\n", __func__, (unsigned long long)*res); |
2961 | return status; | 3001 | return status; |
3002 | out_overflow: | ||
3003 | print_overflow_msg(__func__, xdr); | ||
3004 | return -EIO; | ||
2962 | } | 3005 | } |
2963 | 3006 | ||
2964 | static int decode_attr_maxlink(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *maxlink) | 3007 | static int decode_attr_maxlink(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *maxlink) |
@@ -2970,12 +3013,17 @@ static int decode_attr_maxlink(struct xdr_stream *xdr, uint32_t *bitmap, uint32_ | |||
2970 | if (unlikely(bitmap[0] & (FATTR4_WORD0_MAXLINK - 1U))) | 3013 | if (unlikely(bitmap[0] & (FATTR4_WORD0_MAXLINK - 1U))) |
2971 | return -EIO; | 3014 | return -EIO; |
2972 | if (likely(bitmap[0] & FATTR4_WORD0_MAXLINK)) { | 3015 | if (likely(bitmap[0] & FATTR4_WORD0_MAXLINK)) { |
2973 | READ_BUF(4); | 3016 | p = xdr_inline_decode(xdr, 4); |
2974 | READ32(*maxlink); | 3017 | if (unlikely(!p)) |
3018 | goto out_overflow; | ||
3019 | *maxlink = be32_to_cpup(p); | ||
2975 | bitmap[0] &= ~FATTR4_WORD0_MAXLINK; | 3020 | bitmap[0] &= ~FATTR4_WORD0_MAXLINK; |
2976 | } | 3021 | } |
2977 | dprintk("%s: maxlink=%u\n", __func__, *maxlink); | 3022 | dprintk("%s: maxlink=%u\n", __func__, *maxlink); |
2978 | return status; | 3023 | return status; |
3024 | out_overflow: | ||
3025 | print_overflow_msg(__func__, xdr); | ||
3026 | return -EIO; | ||
2979 | } | 3027 | } |
2980 | 3028 | ||
2981 | static int decode_attr_maxname(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *maxname) | 3029 | static int decode_attr_maxname(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *maxname) |
@@ -2987,12 +3035,17 @@ static int decode_attr_maxname(struct xdr_stream *xdr, uint32_t *bitmap, uint32_ | |||
2987 | if (unlikely(bitmap[0] & (FATTR4_WORD0_MAXNAME - 1U))) | 3035 | if (unlikely(bitmap[0] & (FATTR4_WORD0_MAXNAME - 1U))) |
2988 | return -EIO; | 3036 | return -EIO; |
2989 | if (likely(bitmap[0] & FATTR4_WORD0_MAXNAME)) { | 3037 | if (likely(bitmap[0] & FATTR4_WORD0_MAXNAME)) { |
2990 | READ_BUF(4); | 3038 | p = xdr_inline_decode(xdr, 4); |
2991 | READ32(*maxname); | 3039 | if (unlikely(!p)) |
3040 | goto out_overflow; | ||
3041 | *maxname = be32_to_cpup(p); | ||
2992 | bitmap[0] &= ~FATTR4_WORD0_MAXNAME; | 3042 | bitmap[0] &= ~FATTR4_WORD0_MAXNAME; |
2993 | } | 3043 | } |
2994 | dprintk("%s: maxname=%u\n", __func__, *maxname); | 3044 | dprintk("%s: maxname=%u\n", __func__, *maxname); |
2995 | return status; | 3045 | return status; |
3046 | out_overflow: | ||
3047 | print_overflow_msg(__func__, xdr); | ||
3048 | return -EIO; | ||
2996 | } | 3049 | } |
2997 | 3050 | ||
2998 | static int decode_attr_maxread(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) | 3051 | static int decode_attr_maxread(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) |
@@ -3005,8 +3058,10 @@ static int decode_attr_maxread(struct xdr_stream *xdr, uint32_t *bitmap, uint32_ | |||
3005 | return -EIO; | 3058 | return -EIO; |
3006 | if (likely(bitmap[0] & FATTR4_WORD0_MAXREAD)) { | 3059 | if (likely(bitmap[0] & FATTR4_WORD0_MAXREAD)) { |
3007 | uint64_t maxread; | 3060 | uint64_t maxread; |
3008 | READ_BUF(8); | 3061 | p = xdr_inline_decode(xdr, 8); |
3009 | READ64(maxread); | 3062 | if (unlikely(!p)) |
3063 | goto out_overflow; | ||
3064 | xdr_decode_hyper(p, &maxread); | ||
3010 | if (maxread > 0x7FFFFFFF) | 3065 | if (maxread > 0x7FFFFFFF) |
3011 | maxread = 0x7FFFFFFF; | 3066 | maxread = 0x7FFFFFFF; |
3012 | *res = (uint32_t)maxread; | 3067 | *res = (uint32_t)maxread; |
@@ -3014,6 +3069,9 @@ static int decode_attr_maxread(struct xdr_stream *xdr, uint32_t *bitmap, uint32_ | |||
3014 | } | 3069 | } |
3015 | dprintk("%s: maxread=%lu\n", __func__, (unsigned long)*res); | 3070 | dprintk("%s: maxread=%lu\n", __func__, (unsigned long)*res); |
3016 | return status; | 3071 | return status; |
3072 | out_overflow: | ||
3073 | print_overflow_msg(__func__, xdr); | ||
3074 | return -EIO; | ||
3017 | } | 3075 | } |
3018 | 3076 | ||
3019 | static int decode_attr_maxwrite(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) | 3077 | static int decode_attr_maxwrite(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *res) |
@@ -3026,8 +3084,10 @@ static int decode_attr_maxwrite(struct xdr_stream *xdr, uint32_t *bitmap, uint32 | |||
3026 | return -EIO; | 3084 | return -EIO; |
3027 | if (likely(bitmap[0] & FATTR4_WORD0_MAXWRITE)) { | 3085 | if (likely(bitmap[0] & FATTR4_WORD0_MAXWRITE)) { |
3028 | uint64_t maxwrite; | 3086 | uint64_t maxwrite; |
3029 | READ_BUF(8); | 3087 | p = xdr_inline_decode(xdr, 8); |
3030 | READ64(maxwrite); | 3088 | if (unlikely(!p)) |
3089 | goto out_overflow; | ||
3090 | xdr_decode_hyper(p, &maxwrite); | ||
3031 | if (maxwrite > 0x7FFFFFFF) | 3091 | if (maxwrite > 0x7FFFFFFF) |
3032 | maxwrite = 0x7FFFFFFF; | 3092 | maxwrite = 0x7FFFFFFF; |
3033 | *res = (uint32_t)maxwrite; | 3093 | *res = (uint32_t)maxwrite; |
@@ -3035,6 +3095,9 @@ static int decode_attr_maxwrite(struct xdr_stream *xdr, uint32_t *bitmap, uint32 | |||
3035 | } | 3095 | } |
3036 | dprintk("%s: maxwrite=%lu\n", __func__, (unsigned long)*res); | 3096 | dprintk("%s: maxwrite=%lu\n", __func__, (unsigned long)*res); |
3037 | return status; | 3097 | return status; |
3098 | out_overflow: | ||
3099 | print_overflow_msg(__func__, xdr); | ||
3100 | return -EIO; | ||
3038 | } | 3101 | } |
3039 | 3102 | ||
3040 | static int decode_attr_mode(struct xdr_stream *xdr, uint32_t *bitmap, umode_t *mode) | 3103 | static int decode_attr_mode(struct xdr_stream *xdr, uint32_t *bitmap, umode_t *mode) |
@@ -3047,14 +3110,19 @@ static int decode_attr_mode(struct xdr_stream *xdr, uint32_t *bitmap, umode_t *m | |||
3047 | if (unlikely(bitmap[1] & (FATTR4_WORD1_MODE - 1U))) | 3110 | if (unlikely(bitmap[1] & (FATTR4_WORD1_MODE - 1U))) |
3048 | return -EIO; | 3111 | return -EIO; |
3049 | if (likely(bitmap[1] & FATTR4_WORD1_MODE)) { | 3112 | if (likely(bitmap[1] & FATTR4_WORD1_MODE)) { |
3050 | READ_BUF(4); | 3113 | p = xdr_inline_decode(xdr, 4); |
3051 | READ32(tmp); | 3114 | if (unlikely(!p)) |
3115 | goto out_overflow; | ||
3116 | tmp = be32_to_cpup(p); | ||
3052 | *mode = tmp & ~S_IFMT; | 3117 | *mode = tmp & ~S_IFMT; |
3053 | bitmap[1] &= ~FATTR4_WORD1_MODE; | 3118 | bitmap[1] &= ~FATTR4_WORD1_MODE; |
3054 | ret = NFS_ATTR_FATTR_MODE; | 3119 | ret = NFS_ATTR_FATTR_MODE; |
3055 | } | 3120 | } |
3056 | dprintk("%s: file mode=0%o\n", __func__, (unsigned int)*mode); | 3121 | dprintk("%s: file mode=0%o\n", __func__, (unsigned int)*mode); |
3057 | return ret; | 3122 | return ret; |
3123 | out_overflow: | ||
3124 | print_overflow_msg(__func__, xdr); | ||
3125 | return -EIO; | ||
3058 | } | 3126 | } |
3059 | 3127 | ||
3060 | static int decode_attr_nlink(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *nlink) | 3128 | static int decode_attr_nlink(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t *nlink) |
@@ -3066,13 +3134,18 @@ static int decode_attr_nlink(struct xdr_stream *xdr, uint32_t *bitmap, uint32_t | |||
3066 | if (unlikely(bitmap[1] & (FATTR4_WORD1_NUMLINKS - 1U))) | 3134 | if (unlikely(bitmap[1] & (FATTR4_WORD1_NUMLINKS - 1U))) |
3067 | return -EIO; | 3135 | return -EIO; |
3068 | if (likely(bitmap[1] & FATTR4_WORD1_NUMLINKS)) { | 3136 | if (likely(bitmap[1] & FATTR4_WORD1_NUMLINKS)) { |
3069 | READ_BUF(4); | 3137 | p = xdr_inline_decode(xdr, 4); |
3070 | READ32(*nlink); | 3138 | if (unlikely(!p)) |
3139 | goto out_overflow; | ||
3140 | *nlink = be32_to_cpup(p); | ||
3071 | bitmap[1] &= ~FATTR4_WORD1_NUMLINKS; | 3141 | bitmap[1] &= ~FATTR4_WORD1_NUMLINKS; |
3072 | ret = NFS_ATTR_FATTR_NLINK; | 3142 | ret = NFS_ATTR_FATTR_NLINK; |
3073 | } | 3143 | } |
3074 | dprintk("%s: nlink=%u\n", __func__, (unsigned int)*nlink); | 3144 | dprintk("%s: nlink=%u\n", __func__, (unsigned int)*nlink); |
3075 | return ret; | 3145 | return ret; |
3146 | out_overflow: | ||
3147 | print_overflow_msg(__func__, xdr); | ||
3148 | return -EIO; | ||
3076 | } | 3149 | } |
3077 | 3150 | ||
3078 | static int decode_attr_owner(struct xdr_stream *xdr, uint32_t *bitmap, | 3151 | static int decode_attr_owner(struct xdr_stream *xdr, uint32_t *bitmap, |
@@ -3086,9 +3159,13 @@ static int decode_attr_owner(struct xdr_stream *xdr, uint32_t *bitmap, | |||
3086 | if (unlikely(bitmap[1] & (FATTR4_WORD1_OWNER - 1U))) | 3159 | if (unlikely(bitmap[1] & (FATTR4_WORD1_OWNER - 1U))) |
3087 | return -EIO; | 3160 | return -EIO; |
3088 | if (likely(bitmap[1] & FATTR4_WORD1_OWNER)) { | 3161 | if (likely(bitmap[1] & FATTR4_WORD1_OWNER)) { |
3089 | READ_BUF(4); | 3162 | p = xdr_inline_decode(xdr, 4); |
3090 | READ32(len); | 3163 | if (unlikely(!p)) |
3091 | READ_BUF(len); | 3164 | goto out_overflow; |
3165 | len = be32_to_cpup(p); | ||
3166 | p = xdr_inline_decode(xdr, len); | ||
3167 | if (unlikely(!p)) | ||
3168 | goto out_overflow; | ||
3092 | if (!may_sleep) { | 3169 | if (!may_sleep) { |
3093 | /* do nothing */ | 3170 | /* do nothing */ |
3094 | } else if (len < XDR_MAX_NETOBJ) { | 3171 | } else if (len < XDR_MAX_NETOBJ) { |
@@ -3104,6 +3181,9 @@ static int decode_attr_owner(struct xdr_stream *xdr, uint32_t *bitmap, | |||
3104 | } | 3181 | } |
3105 | dprintk("%s: uid=%d\n", __func__, (int)*uid); | 3182 | dprintk("%s: uid=%d\n", __func__, (int)*uid); |
3106 | return ret; | 3183 | return ret; |
3184 | out_overflow: | ||
3185 | print_overflow_msg(__func__, xdr); | ||
3186 | return -EIO; | ||
3107 | } | 3187 | } |
3108 | 3188 | ||
3109 | static int decode_attr_group(struct xdr_stream *xdr, uint32_t *bitmap, | 3189 | static int decode_attr_group(struct xdr_stream *xdr, uint32_t *bitmap, |
@@ -3117,9 +3197,13 @@ static int decode_attr_group(struct xdr_stream *xdr, uint32_t *bitmap, | |||
3117 | if (unlikely(bitmap[1] & (FATTR4_WORD1_OWNER_GROUP - 1U))) | 3197 | if (unlikely(bitmap[1] & (FATTR4_WORD1_OWNER_GROUP - 1U))) |
3118 | return -EIO; | 3198 | return -EIO; |
3119 | if (likely(bitmap[1] & FATTR4_WORD1_OWNER_GROUP)) { | 3199 | if (likely(bitmap[1] & FATTR4_WORD1_OWNER_GROUP)) { |
3120 | READ_BUF(4); | 3200 | p = xdr_inline_decode(xdr, 4); |
3121 | READ32(len); | 3201 | if (unlikely(!p)) |
3122 | READ_BUF(len); | 3202 | goto out_overflow; |
3203 | len = be32_to_cpup(p); | ||
3204 | p = xdr_inline_decode(xdr, len); | ||
3205 | if (unlikely(!p)) | ||
3206 | goto out_overflow; | ||
3123 | if (!may_sleep) { | 3207 | if (!may_sleep) { |
3124 | /* do nothing */ | 3208 | /* do nothing */ |
3125 | } else if (len < XDR_MAX_NETOBJ) { | 3209 | } else if (len < XDR_MAX_NETOBJ) { |
@@ -3135,6 +3219,9 @@ static int decode_attr_group(struct xdr_stream *xdr, uint32_t *bitmap, | |||
3135 | } | 3219 | } |
3136 | dprintk("%s: gid=%d\n", __func__, (int)*gid); | 3220 | dprintk("%s: gid=%d\n", __func__, (int)*gid); |
3137 | return ret; | 3221 | return ret; |
3222 | out_overflow: | ||
3223 | print_overflow_msg(__func__, xdr); | ||
3224 | return -EIO; | ||
3138 | } | 3225 | } |
3139 | 3226 | ||
3140 | static int decode_attr_rdev(struct xdr_stream *xdr, uint32_t *bitmap, dev_t *rdev) | 3227 | static int decode_attr_rdev(struct xdr_stream *xdr, uint32_t *bitmap, dev_t *rdev) |
@@ -3149,9 +3236,11 @@ static int decode_attr_rdev(struct xdr_stream *xdr, uint32_t *bitmap, dev_t *rde | |||
3149 | if (likely(bitmap[1] & FATTR4_WORD1_RAWDEV)) { | 3236 | if (likely(bitmap[1] & FATTR4_WORD1_RAWDEV)) { |
3150 | dev_t tmp; | 3237 | dev_t tmp; |
3151 | 3238 | ||
3152 | READ_BUF(8); | 3239 | p = xdr_inline_decode(xdr, 8); |
3153 | READ32(major); | 3240 | if (unlikely(!p)) |
3154 | READ32(minor); | 3241 | goto out_overflow; |
3242 | major = be32_to_cpup(p++); | ||
3243 | minor = be32_to_cpup(p); | ||
3155 | tmp = MKDEV(major, minor); | 3244 | tmp = MKDEV(major, minor); |
3156 | if (MAJOR(tmp) == major && MINOR(tmp) == minor) | 3245 | if (MAJOR(tmp) == major && MINOR(tmp) == minor) |
3157 | *rdev = tmp; | 3246 | *rdev = tmp; |
@@ -3160,6 +3249,9 @@ static int decode_attr_rdev(struct xdr_stream *xdr, uint32_t *bitmap, dev_t *rde | |||
3160 | } | 3249 | } |
3161 | dprintk("%s: rdev=(0x%x:0x%x)\n", __func__, major, minor); | 3250 | dprintk("%s: rdev=(0x%x:0x%x)\n", __func__, major, minor); |
3162 | return ret; | 3251 | return ret; |
3252 | out_overflow: | ||
3253 | print_overflow_msg(__func__, xdr); | ||
3254 | return -EIO; | ||
3163 | } | 3255 | } |
3164 | 3256 | ||
3165 | static int decode_attr_space_avail(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) | 3257 | static int decode_attr_space_avail(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) |
@@ -3171,12 +3263,17 @@ static int decode_attr_space_avail(struct xdr_stream *xdr, uint32_t *bitmap, uin | |||
3171 | if (unlikely(bitmap[1] & (FATTR4_WORD1_SPACE_AVAIL - 1U))) | 3263 | if (unlikely(bitmap[1] & (FATTR4_WORD1_SPACE_AVAIL - 1U))) |
3172 | return -EIO; | 3264 | return -EIO; |
3173 | if (likely(bitmap[1] & FATTR4_WORD1_SPACE_AVAIL)) { | 3265 | if (likely(bitmap[1] & FATTR4_WORD1_SPACE_AVAIL)) { |
3174 | READ_BUF(8); | 3266 | p = xdr_inline_decode(xdr, 8); |
3175 | READ64(*res); | 3267 | if (unlikely(!p)) |
3268 | goto out_overflow; | ||
3269 | xdr_decode_hyper(p, res); | ||
3176 | bitmap[1] &= ~FATTR4_WORD1_SPACE_AVAIL; | 3270 | bitmap[1] &= ~FATTR4_WORD1_SPACE_AVAIL; |
3177 | } | 3271 | } |
3178 | dprintk("%s: space avail=%Lu\n", __func__, (unsigned long long)*res); | 3272 | dprintk("%s: space avail=%Lu\n", __func__, (unsigned long long)*res); |
3179 | return status; | 3273 | return status; |
3274 | out_overflow: | ||
3275 | print_overflow_msg(__func__, xdr); | ||
3276 | return -EIO; | ||
3180 | } | 3277 | } |
3181 | 3278 | ||
3182 | static int decode_attr_space_free(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) | 3279 | static int decode_attr_space_free(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) |
@@ -3188,12 +3285,17 @@ static int decode_attr_space_free(struct xdr_stream *xdr, uint32_t *bitmap, uint | |||
3188 | if (unlikely(bitmap[1] & (FATTR4_WORD1_SPACE_FREE - 1U))) | 3285 | if (unlikely(bitmap[1] & (FATTR4_WORD1_SPACE_FREE - 1U))) |
3189 | return -EIO; | 3286 | return -EIO; |
3190 | if (likely(bitmap[1] & FATTR4_WORD1_SPACE_FREE)) { | 3287 | if (likely(bitmap[1] & FATTR4_WORD1_SPACE_FREE)) { |
3191 | READ_BUF(8); | 3288 | p = xdr_inline_decode(xdr, 8); |
3192 | READ64(*res); | 3289 | if (unlikely(!p)) |
3290 | goto out_overflow; | ||
3291 | xdr_decode_hyper(p, res); | ||
3193 | bitmap[1] &= ~FATTR4_WORD1_SPACE_FREE; | 3292 | bitmap[1] &= ~FATTR4_WORD1_SPACE_FREE; |
3194 | } | 3293 | } |
3195 | dprintk("%s: space free=%Lu\n", __func__, (unsigned long long)*res); | 3294 | dprintk("%s: space free=%Lu\n", __func__, (unsigned long long)*res); |
3196 | return status; | 3295 | return status; |
3296 | out_overflow: | ||
3297 | print_overflow_msg(__func__, xdr); | ||
3298 | return -EIO; | ||
3197 | } | 3299 | } |
3198 | 3300 | ||
3199 | static int decode_attr_space_total(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) | 3301 | static int decode_attr_space_total(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *res) |
@@ -3205,12 +3307,17 @@ static int decode_attr_space_total(struct xdr_stream *xdr, uint32_t *bitmap, uin | |||
3205 | if (unlikely(bitmap[1] & (FATTR4_WORD1_SPACE_TOTAL - 1U))) | 3307 | if (unlikely(bitmap[1] & (FATTR4_WORD1_SPACE_TOTAL - 1U))) |
3206 | return -EIO; | 3308 | return -EIO; |
3207 | if (likely(bitmap[1] & FATTR4_WORD1_SPACE_TOTAL)) { | 3309 | if (likely(bitmap[1] & FATTR4_WORD1_SPACE_TOTAL)) { |
3208 | READ_BUF(8); | 3310 | p = xdr_inline_decode(xdr, 8); |
3209 | READ64(*res); | 3311 | if (unlikely(!p)) |
3312 | goto out_overflow; | ||
3313 | xdr_decode_hyper(p, res); | ||
3210 | bitmap[1] &= ~FATTR4_WORD1_SPACE_TOTAL; | 3314 | bitmap[1] &= ~FATTR4_WORD1_SPACE_TOTAL; |
3211 | } | 3315 | } |
3212 | dprintk("%s: space total=%Lu\n", __func__, (unsigned long long)*res); | 3316 | dprintk("%s: space total=%Lu\n", __func__, (unsigned long long)*res); |
3213 | return status; | 3317 | return status; |
3318 | out_overflow: | ||
3319 | print_overflow_msg(__func__, xdr); | ||
3320 | return -EIO; | ||
3214 | } | 3321 | } |
3215 | 3322 | ||
3216 | static int decode_attr_space_used(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *used) | 3323 | static int decode_attr_space_used(struct xdr_stream *xdr, uint32_t *bitmap, uint64_t *used) |
@@ -3222,14 +3329,19 @@ static int decode_attr_space_used(struct xdr_stream *xdr, uint32_t *bitmap, uint | |||
3222 | if (unlikely(bitmap[1] & (FATTR4_WORD1_SPACE_USED - 1U))) | 3329 | if (unlikely(bitmap[1] & (FATTR4_WORD1_SPACE_USED - 1U))) |
3223 | return -EIO; | 3330 | return -EIO; |
3224 | if (likely(bitmap[1] & FATTR4_WORD1_SPACE_USED)) { | 3331 | if (likely(bitmap[1] & FATTR4_WORD1_SPACE_USED)) { |
3225 | READ_BUF(8); | 3332 | p = xdr_inline_decode(xdr, 8); |
3226 | READ64(*used); | 3333 | if (unlikely(!p)) |
3334 | goto out_overflow; | ||
3335 | xdr_decode_hyper(p, used); | ||
3227 | bitmap[1] &= ~FATTR4_WORD1_SPACE_USED; | 3336 | bitmap[1] &= ~FATTR4_WORD1_SPACE_USED; |
3228 | ret = NFS_ATTR_FATTR_SPACE_USED; | 3337 | ret = NFS_ATTR_FATTR_SPACE_USED; |
3229 | } | 3338 | } |
3230 | dprintk("%s: space used=%Lu\n", __func__, | 3339 | dprintk("%s: space used=%Lu\n", __func__, |
3231 | (unsigned long long)*used); | 3340 | (unsigned long long)*used); |
3232 | return ret; | 3341 | return ret; |
3342 | out_overflow: | ||
3343 | print_overflow_msg(__func__, xdr); | ||
3344 | return -EIO; | ||
3233 | } | 3345 | } |
3234 | 3346 | ||
3235 | static int decode_attr_time(struct xdr_stream *xdr, struct timespec *time) | 3347 | static int decode_attr_time(struct xdr_stream *xdr, struct timespec *time) |
@@ -3238,12 +3350,17 @@ static int decode_attr_time(struct xdr_stream *xdr, struct timespec *time) | |||
3238 | uint64_t sec; | 3350 | uint64_t sec; |
3239 | uint32_t nsec; | 3351 | uint32_t nsec; |
3240 | 3352 | ||
3241 | READ_BUF(12); | 3353 | p = xdr_inline_decode(xdr, 12); |
3242 | READ64(sec); | 3354 | if (unlikely(!p)) |
3243 | READ32(nsec); | 3355 | goto out_overflow; |
3356 | p = xdr_decode_hyper(p, &sec); | ||
3357 | nsec = be32_to_cpup(p); | ||
3244 | time->tv_sec = (time_t)sec; | 3358 | time->tv_sec = (time_t)sec; |
3245 | time->tv_nsec = (long)nsec; | 3359 | time->tv_nsec = (long)nsec; |
3246 | return 0; | 3360 | return 0; |
3361 | out_overflow: | ||
3362 | print_overflow_msg(__func__, xdr); | ||
3363 | return -EIO; | ||
3247 | } | 3364 | } |
3248 | 3365 | ||
3249 | static int decode_attr_time_access(struct xdr_stream *xdr, uint32_t *bitmap, struct timespec *time) | 3366 | static int decode_attr_time_access(struct xdr_stream *xdr, uint32_t *bitmap, struct timespec *time) |
@@ -3321,11 +3438,16 @@ static int decode_change_info(struct xdr_stream *xdr, struct nfs4_change_info *c | |||
3321 | { | 3438 | { |
3322 | __be32 *p; | 3439 | __be32 *p; |
3323 | 3440 | ||
3324 | READ_BUF(20); | 3441 | p = xdr_inline_decode(xdr, 20); |
3325 | READ32(cinfo->atomic); | 3442 | if (unlikely(!p)) |
3326 | READ64(cinfo->before); | 3443 | goto out_overflow; |
3327 | READ64(cinfo->after); | 3444 | cinfo->atomic = be32_to_cpup(p++); |
3445 | p = xdr_decode_hyper(p, &cinfo->before); | ||
3446 | xdr_decode_hyper(p, &cinfo->after); | ||
3328 | return 0; | 3447 | return 0; |
3448 | out_overflow: | ||
3449 | print_overflow_msg(__func__, xdr); | ||
3450 | return -EIO; | ||
3329 | } | 3451 | } |
3330 | 3452 | ||
3331 | static int decode_access(struct xdr_stream *xdr, struct nfs4_accessres *access) | 3453 | static int decode_access(struct xdr_stream *xdr, struct nfs4_accessres *access) |
@@ -3337,40 +3459,62 @@ static int decode_access(struct xdr_stream *xdr, struct nfs4_accessres *access) | |||
3337 | status = decode_op_hdr(xdr, OP_ACCESS); | 3459 | status = decode_op_hdr(xdr, OP_ACCESS); |
3338 | if (status) | 3460 | if (status) |
3339 | return status; | 3461 | return status; |
3340 | READ_BUF(8); | 3462 | p = xdr_inline_decode(xdr, 8); |
3341 | READ32(supp); | 3463 | if (unlikely(!p)) |
3342 | READ32(acc); | 3464 | goto out_overflow; |
3465 | supp = be32_to_cpup(p++); | ||
3466 | acc = be32_to_cpup(p); | ||
3343 | access->supported = supp; | 3467 | access->supported = supp; |
3344 | access->access = acc; | 3468 | access->access = acc; |
3345 | return 0; | 3469 | return 0; |
3470 | out_overflow: | ||
3471 | print_overflow_msg(__func__, xdr); | ||
3472 | return -EIO; | ||
3346 | } | 3473 | } |
3347 | 3474 | ||
3348 | static int decode_close(struct xdr_stream *xdr, struct nfs_closeres *res) | 3475 | static int decode_opaque_fixed(struct xdr_stream *xdr, void *buf, size_t len) |
3349 | { | 3476 | { |
3350 | __be32 *p; | 3477 | __be32 *p; |
3478 | |||
3479 | p = xdr_inline_decode(xdr, len); | ||
3480 | if (likely(p)) { | ||
3481 | memcpy(buf, p, len); | ||
3482 | return 0; | ||
3483 | } | ||
3484 | print_overflow_msg(__func__, xdr); | ||
3485 | return -EIO; | ||
3486 | } | ||
3487 | |||
3488 | static int decode_stateid(struct xdr_stream *xdr, nfs4_stateid *stateid) | ||
3489 | { | ||
3490 | return decode_opaque_fixed(xdr, stateid->data, NFS4_STATEID_SIZE); | ||
3491 | } | ||
3492 | |||
3493 | static int decode_close(struct xdr_stream *xdr, struct nfs_closeres *res) | ||
3494 | { | ||
3351 | int status; | 3495 | int status; |
3352 | 3496 | ||
3353 | status = decode_op_hdr(xdr, OP_CLOSE); | 3497 | status = decode_op_hdr(xdr, OP_CLOSE); |
3354 | if (status != -EIO) | 3498 | if (status != -EIO) |
3355 | nfs_increment_open_seqid(status, res->seqid); | 3499 | nfs_increment_open_seqid(status, res->seqid); |
3356 | if (status) | 3500 | if (!status) |
3357 | return status; | 3501 | status = decode_stateid(xdr, &res->stateid); |
3358 | READ_BUF(NFS4_STATEID_SIZE); | 3502 | return status; |
3359 | COPYMEM(res->stateid.data, NFS4_STATEID_SIZE); | 3503 | } |
3360 | return 0; | 3504 | |
3505 | static int decode_verifier(struct xdr_stream *xdr, void *verifier) | ||
3506 | { | ||
3507 | return decode_opaque_fixed(xdr, verifier, 8); | ||
3361 | } | 3508 | } |
3362 | 3509 | ||
3363 | static int decode_commit(struct xdr_stream *xdr, struct nfs_writeres *res) | 3510 | static int decode_commit(struct xdr_stream *xdr, struct nfs_writeres *res) |
3364 | { | 3511 | { |
3365 | __be32 *p; | ||
3366 | int status; | 3512 | int status; |
3367 | 3513 | ||
3368 | status = decode_op_hdr(xdr, OP_COMMIT); | 3514 | status = decode_op_hdr(xdr, OP_COMMIT); |
3369 | if (status) | 3515 | if (!status) |
3370 | return status; | 3516 | status = decode_verifier(xdr, res->verf->verifier); |
3371 | READ_BUF(8); | 3517 | return status; |
3372 | COPYMEM(res->verf->verifier, 8); | ||
3373 | return 0; | ||
3374 | } | 3518 | } |
3375 | 3519 | ||
3376 | static int decode_create(struct xdr_stream *xdr, struct nfs4_change_info *cinfo) | 3520 | static int decode_create(struct xdr_stream *xdr, struct nfs4_change_info *cinfo) |
@@ -3384,10 +3528,16 @@ static int decode_create(struct xdr_stream *xdr, struct nfs4_change_info *cinfo) | |||
3384 | return status; | 3528 | return status; |
3385 | if ((status = decode_change_info(xdr, cinfo))) | 3529 | if ((status = decode_change_info(xdr, cinfo))) |
3386 | return status; | 3530 | return status; |
3387 | READ_BUF(4); | 3531 | p = xdr_inline_decode(xdr, 4); |
3388 | READ32(bmlen); | 3532 | if (unlikely(!p)) |
3389 | READ_BUF(bmlen << 2); | 3533 | goto out_overflow; |
3390 | return 0; | 3534 | bmlen = be32_to_cpup(p); |
3535 | p = xdr_inline_decode(xdr, bmlen << 2); | ||
3536 | if (likely(p)) | ||
3537 | return 0; | ||
3538 | out_overflow: | ||
3539 | print_overflow_msg(__func__, xdr); | ||
3540 | return -EIO; | ||
3391 | } | 3541 | } |
3392 | 3542 | ||
3393 | static int decode_server_caps(struct xdr_stream *xdr, struct nfs4_server_caps_res *res) | 3543 | static int decode_server_caps(struct xdr_stream *xdr, struct nfs4_server_caps_res *res) |
@@ -3642,14 +3792,21 @@ static int decode_getfh(struct xdr_stream *xdr, struct nfs_fh *fh) | |||
3642 | if (status) | 3792 | if (status) |
3643 | return status; | 3793 | return status; |
3644 | 3794 | ||
3645 | READ_BUF(4); | 3795 | p = xdr_inline_decode(xdr, 4); |
3646 | READ32(len); | 3796 | if (unlikely(!p)) |
3797 | goto out_overflow; | ||
3798 | len = be32_to_cpup(p); | ||
3647 | if (len > NFS4_FHSIZE) | 3799 | if (len > NFS4_FHSIZE) |
3648 | return -EIO; | 3800 | return -EIO; |
3649 | fh->size = len; | 3801 | fh->size = len; |
3650 | READ_BUF(len); | 3802 | p = xdr_inline_decode(xdr, len); |
3651 | COPYMEM(fh->data, len); | 3803 | if (unlikely(!p)) |
3804 | goto out_overflow; | ||
3805 | memcpy(fh->data, p, len); | ||
3652 | return 0; | 3806 | return 0; |
3807 | out_overflow: | ||
3808 | print_overflow_msg(__func__, xdr); | ||
3809 | return -EIO; | ||
3653 | } | 3810 | } |
3654 | 3811 | ||
3655 | static int decode_link(struct xdr_stream *xdr, struct nfs4_change_info *cinfo) | 3812 | static int decode_link(struct xdr_stream *xdr, struct nfs4_change_info *cinfo) |
@@ -3671,10 +3828,12 @@ static int decode_lock_denied (struct xdr_stream *xdr, struct file_lock *fl) | |||
3671 | __be32 *p; | 3828 | __be32 *p; |
3672 | uint32_t namelen, type; | 3829 | uint32_t namelen, type; |
3673 | 3830 | ||
3674 | READ_BUF(32); | 3831 | p = xdr_inline_decode(xdr, 32); |
3675 | READ64(offset); | 3832 | if (unlikely(!p)) |
3676 | READ64(length); | 3833 | goto out_overflow; |
3677 | READ32(type); | 3834 | p = xdr_decode_hyper(p, &offset); |
3835 | p = xdr_decode_hyper(p, &length); | ||
3836 | type = be32_to_cpup(p++); | ||
3678 | if (fl != NULL) { | 3837 | if (fl != NULL) { |
3679 | fl->fl_start = (loff_t)offset; | 3838 | fl->fl_start = (loff_t)offset; |
3680 | fl->fl_end = fl->fl_start + (loff_t)length - 1; | 3839 | fl->fl_end = fl->fl_start + (loff_t)length - 1; |
@@ -3685,23 +3844,27 @@ static int decode_lock_denied (struct xdr_stream *xdr, struct file_lock *fl) | |||
3685 | fl->fl_type = F_RDLCK; | 3844 | fl->fl_type = F_RDLCK; |
3686 | fl->fl_pid = 0; | 3845 | fl->fl_pid = 0; |
3687 | } | 3846 | } |
3688 | READ64(clientid); | 3847 | p = xdr_decode_hyper(p, &clientid); |
3689 | READ32(namelen); | 3848 | namelen = be32_to_cpup(p); |
3690 | READ_BUF(namelen); | 3849 | p = xdr_inline_decode(xdr, namelen); |
3691 | return -NFS4ERR_DENIED; | 3850 | if (likely(p)) |
3851 | return -NFS4ERR_DENIED; | ||
3852 | out_overflow: | ||
3853 | print_overflow_msg(__func__, xdr); | ||
3854 | return -EIO; | ||
3692 | } | 3855 | } |
3693 | 3856 | ||
3694 | static int decode_lock(struct xdr_stream *xdr, struct nfs_lock_res *res) | 3857 | static int decode_lock(struct xdr_stream *xdr, struct nfs_lock_res *res) |
3695 | { | 3858 | { |
3696 | __be32 *p; | ||
3697 | int status; | 3859 | int status; |
3698 | 3860 | ||
3699 | status = decode_op_hdr(xdr, OP_LOCK); | 3861 | status = decode_op_hdr(xdr, OP_LOCK); |
3700 | if (status == -EIO) | 3862 | if (status == -EIO) |
3701 | goto out; | 3863 | goto out; |
3702 | if (status == 0) { | 3864 | if (status == 0) { |
3703 | READ_BUF(NFS4_STATEID_SIZE); | 3865 | status = decode_stateid(xdr, &res->stateid); |
3704 | COPYMEM(res->stateid.data, NFS4_STATEID_SIZE); | 3866 | if (unlikely(status)) |
3867 | goto out; | ||
3705 | } else if (status == -NFS4ERR_DENIED) | 3868 | } else if (status == -NFS4ERR_DENIED) |
3706 | status = decode_lock_denied(xdr, NULL); | 3869 | status = decode_lock_denied(xdr, NULL); |
3707 | if (res->open_seqid != NULL) | 3870 | if (res->open_seqid != NULL) |
@@ -3722,16 +3885,13 @@ static int decode_lockt(struct xdr_stream *xdr, struct nfs_lockt_res *res) | |||
3722 | 3885 | ||
3723 | static int decode_locku(struct xdr_stream *xdr, struct nfs_locku_res *res) | 3886 | static int decode_locku(struct xdr_stream *xdr, struct nfs_locku_res *res) |
3724 | { | 3887 | { |
3725 | __be32 *p; | ||
3726 | int status; | 3888 | int status; |
3727 | 3889 | ||
3728 | status = decode_op_hdr(xdr, OP_LOCKU); | 3890 | status = decode_op_hdr(xdr, OP_LOCKU); |
3729 | if (status != -EIO) | 3891 | if (status != -EIO) |
3730 | nfs_increment_lock_seqid(status, res->seqid); | 3892 | nfs_increment_lock_seqid(status, res->seqid); |
3731 | if (status == 0) { | 3893 | if (status == 0) |
3732 | READ_BUF(NFS4_STATEID_SIZE); | 3894 | status = decode_stateid(xdr, &res->stateid); |
3733 | COPYMEM(res->stateid.data, NFS4_STATEID_SIZE); | ||
3734 | } | ||
3735 | return status; | 3895 | return status; |
3736 | } | 3896 | } |
3737 | 3897 | ||
@@ -3746,34 +3906,46 @@ static int decode_space_limit(struct xdr_stream *xdr, u64 *maxsize) | |||
3746 | __be32 *p; | 3906 | __be32 *p; |
3747 | uint32_t limit_type, nblocks, blocksize; | 3907 | uint32_t limit_type, nblocks, blocksize; |
3748 | 3908 | ||
3749 | READ_BUF(12); | 3909 | p = xdr_inline_decode(xdr, 12); |
3750 | READ32(limit_type); | 3910 | if (unlikely(!p)) |
3911 | goto out_overflow; | ||
3912 | limit_type = be32_to_cpup(p++); | ||
3751 | switch (limit_type) { | 3913 | switch (limit_type) { |
3752 | case 1: | 3914 | case 1: |
3753 | READ64(*maxsize); | 3915 | xdr_decode_hyper(p, maxsize); |
3754 | break; | 3916 | break; |
3755 | case 2: | 3917 | case 2: |
3756 | READ32(nblocks); | 3918 | nblocks = be32_to_cpup(p++); |
3757 | READ32(blocksize); | 3919 | blocksize = be32_to_cpup(p); |
3758 | *maxsize = (uint64_t)nblocks * (uint64_t)blocksize; | 3920 | *maxsize = (uint64_t)nblocks * (uint64_t)blocksize; |
3759 | } | 3921 | } |
3760 | return 0; | 3922 | return 0; |
3923 | out_overflow: | ||
3924 | print_overflow_msg(__func__, xdr); | ||
3925 | return -EIO; | ||
3761 | } | 3926 | } |
3762 | 3927 | ||
3763 | static int decode_delegation(struct xdr_stream *xdr, struct nfs_openres *res) | 3928 | static int decode_delegation(struct xdr_stream *xdr, struct nfs_openres *res) |
3764 | { | 3929 | { |
3765 | __be32 *p; | 3930 | __be32 *p; |
3766 | uint32_t delegation_type; | 3931 | uint32_t delegation_type; |
3932 | int status; | ||
3767 | 3933 | ||
3768 | READ_BUF(4); | 3934 | p = xdr_inline_decode(xdr, 4); |
3769 | READ32(delegation_type); | 3935 | if (unlikely(!p)) |
3936 | goto out_overflow; | ||
3937 | delegation_type = be32_to_cpup(p); | ||
3770 | if (delegation_type == NFS4_OPEN_DELEGATE_NONE) { | 3938 | if (delegation_type == NFS4_OPEN_DELEGATE_NONE) { |
3771 | res->delegation_type = 0; | 3939 | res->delegation_type = 0; |
3772 | return 0; | 3940 | return 0; |
3773 | } | 3941 | } |
3774 | READ_BUF(NFS4_STATEID_SIZE+4); | 3942 | status = decode_stateid(xdr, &res->delegation); |
3775 | COPYMEM(res->delegation.data, NFS4_STATEID_SIZE); | 3943 | if (unlikely(status)) |
3776 | READ32(res->do_recall); | 3944 | return status; |
3945 | p = xdr_inline_decode(xdr, 4); | ||
3946 | if (unlikely(!p)) | ||
3947 | goto out_overflow; | ||
3948 | res->do_recall = be32_to_cpup(p); | ||
3777 | 3949 | ||
3778 | switch (delegation_type) { | 3950 | switch (delegation_type) { |
3779 | case NFS4_OPEN_DELEGATE_READ: | 3951 | case NFS4_OPEN_DELEGATE_READ: |
@@ -3785,6 +3957,9 @@ static int decode_delegation(struct xdr_stream *xdr, struct nfs_openres *res) | |||
3785 | return -EIO; | 3957 | return -EIO; |
3786 | } | 3958 | } |
3787 | return decode_ace(xdr, NULL, res->server->nfs_client); | 3959 | return decode_ace(xdr, NULL, res->server->nfs_client); |
3960 | out_overflow: | ||
3961 | print_overflow_msg(__func__, xdr); | ||
3962 | return -EIO; | ||
3788 | } | 3963 | } |
3789 | 3964 | ||
3790 | static int decode_open(struct xdr_stream *xdr, struct nfs_openres *res) | 3965 | static int decode_open(struct xdr_stream *xdr, struct nfs_openres *res) |
@@ -3796,23 +3971,27 @@ static int decode_open(struct xdr_stream *xdr, struct nfs_openres *res) | |||
3796 | status = decode_op_hdr(xdr, OP_OPEN); | 3971 | status = decode_op_hdr(xdr, OP_OPEN); |
3797 | if (status != -EIO) | 3972 | if (status != -EIO) |
3798 | nfs_increment_open_seqid(status, res->seqid); | 3973 | nfs_increment_open_seqid(status, res->seqid); |
3799 | if (status) | 3974 | if (!status) |
3975 | status = decode_stateid(xdr, &res->stateid); | ||
3976 | if (unlikely(status)) | ||
3800 | return status; | 3977 | return status; |
3801 | READ_BUF(NFS4_STATEID_SIZE); | ||
3802 | COPYMEM(res->stateid.data, NFS4_STATEID_SIZE); | ||
3803 | 3978 | ||
3804 | decode_change_info(xdr, &res->cinfo); | 3979 | decode_change_info(xdr, &res->cinfo); |
3805 | 3980 | ||
3806 | READ_BUF(8); | 3981 | p = xdr_inline_decode(xdr, 8); |
3807 | READ32(res->rflags); | 3982 | if (unlikely(!p)) |
3808 | READ32(bmlen); | 3983 | goto out_overflow; |
3984 | res->rflags = be32_to_cpup(p++); | ||
3985 | bmlen = be32_to_cpup(p); | ||
3809 | if (bmlen > 10) | 3986 | if (bmlen > 10) |
3810 | goto xdr_error; | 3987 | goto xdr_error; |
3811 | 3988 | ||
3812 | READ_BUF(bmlen << 2); | 3989 | p = xdr_inline_decode(xdr, bmlen << 2); |
3990 | if (unlikely(!p)) | ||
3991 | goto out_overflow; | ||
3813 | savewords = min_t(uint32_t, bmlen, NFS4_BITMAP_SIZE); | 3992 | savewords = min_t(uint32_t, bmlen, NFS4_BITMAP_SIZE); |
3814 | for (i = 0; i < savewords; ++i) | 3993 | for (i = 0; i < savewords; ++i) |
3815 | READ32(res->attrset[i]); | 3994 | res->attrset[i] = be32_to_cpup(p++); |
3816 | for (; i < NFS4_BITMAP_SIZE; i++) | 3995 | for (; i < NFS4_BITMAP_SIZE; i++) |
3817 | res->attrset[i] = 0; | 3996 | res->attrset[i] = 0; |
3818 | 3997 | ||
@@ -3820,36 +3999,33 @@ static int decode_open(struct xdr_stream *xdr, struct nfs_openres *res) | |||
3820 | xdr_error: | 3999 | xdr_error: |
3821 | dprintk("%s: Bitmap too large! Length = %u\n", __func__, bmlen); | 4000 | dprintk("%s: Bitmap too large! Length = %u\n", __func__, bmlen); |
3822 | return -EIO; | 4001 | return -EIO; |
4002 | out_overflow: | ||
4003 | print_overflow_msg(__func__, xdr); | ||
4004 | return -EIO; | ||
3823 | } | 4005 | } |
3824 | 4006 | ||
3825 | static int decode_open_confirm(struct xdr_stream *xdr, struct nfs_open_confirmres *res) | 4007 | static int decode_open_confirm(struct xdr_stream *xdr, struct nfs_open_confirmres *res) |
3826 | { | 4008 | { |
3827 | __be32 *p; | ||
3828 | int status; | 4009 | int status; |
3829 | 4010 | ||
3830 | status = decode_op_hdr(xdr, OP_OPEN_CONFIRM); | 4011 | status = decode_op_hdr(xdr, OP_OPEN_CONFIRM); |
3831 | if (status != -EIO) | 4012 | if (status != -EIO) |
3832 | nfs_increment_open_seqid(status, res->seqid); | 4013 | nfs_increment_open_seqid(status, res->seqid); |
3833 | if (status) | 4014 | if (!status) |
3834 | return status; | 4015 | status = decode_stateid(xdr, &res->stateid); |
3835 | READ_BUF(NFS4_STATEID_SIZE); | 4016 | return status; |
3836 | COPYMEM(res->stateid.data, NFS4_STATEID_SIZE); | ||
3837 | return 0; | ||
3838 | } | 4017 | } |
3839 | 4018 | ||
3840 | static int decode_open_downgrade(struct xdr_stream *xdr, struct nfs_closeres *res) | 4019 | static int decode_open_downgrade(struct xdr_stream *xdr, struct nfs_closeres *res) |
3841 | { | 4020 | { |
3842 | __be32 *p; | ||
3843 | int status; | 4021 | int status; |
3844 | 4022 | ||
3845 | status = decode_op_hdr(xdr, OP_OPEN_DOWNGRADE); | 4023 | status = decode_op_hdr(xdr, OP_OPEN_DOWNGRADE); |
3846 | if (status != -EIO) | 4024 | if (status != -EIO) |
3847 | nfs_increment_open_seqid(status, res->seqid); | 4025 | nfs_increment_open_seqid(status, res->seqid); |
3848 | if (status) | 4026 | if (!status) |
3849 | return status; | 4027 | status = decode_stateid(xdr, &res->stateid); |
3850 | READ_BUF(NFS4_STATEID_SIZE); | 4028 | return status; |
3851 | COPYMEM(res->stateid.data, NFS4_STATEID_SIZE); | ||
3852 | return 0; | ||
3853 | } | 4029 | } |
3854 | 4030 | ||
3855 | static int decode_putfh(struct xdr_stream *xdr) | 4031 | static int decode_putfh(struct xdr_stream *xdr) |
@@ -3872,9 +4048,11 @@ static int decode_read(struct xdr_stream *xdr, struct rpc_rqst *req, struct nfs_ | |||
3872 | status = decode_op_hdr(xdr, OP_READ); | 4048 | status = decode_op_hdr(xdr, OP_READ); |
3873 | if (status) | 4049 | if (status) |
3874 | return status; | 4050 | return status; |
3875 | READ_BUF(8); | 4051 | p = xdr_inline_decode(xdr, 8); |
3876 | READ32(eof); | 4052 | if (unlikely(!p)) |
3877 | READ32(count); | 4053 | goto out_overflow; |
4054 | eof = be32_to_cpup(p++); | ||
4055 | count = be32_to_cpup(p); | ||
3878 | hdrlen = (u8 *) p - (u8 *) iov->iov_base; | 4056 | hdrlen = (u8 *) p - (u8 *) iov->iov_base; |
3879 | recvd = req->rq_rcv_buf.len - hdrlen; | 4057 | recvd = req->rq_rcv_buf.len - hdrlen; |
3880 | if (count > recvd) { | 4058 | if (count > recvd) { |
@@ -3887,6 +4065,9 @@ static int decode_read(struct xdr_stream *xdr, struct rpc_rqst *req, struct nfs_ | |||
3887 | res->eof = eof; | 4065 | res->eof = eof; |
3888 | res->count = count; | 4066 | res->count = count; |
3889 | return 0; | 4067 | return 0; |
4068 | out_overflow: | ||
4069 | print_overflow_msg(__func__, xdr); | ||
4070 | return -EIO; | ||
3890 | } | 4071 | } |
3891 | 4072 | ||
3892 | static int decode_readdir(struct xdr_stream *xdr, struct rpc_rqst *req, struct nfs4_readdir_res *readdir) | 4073 | static int decode_readdir(struct xdr_stream *xdr, struct rpc_rqst *req, struct nfs4_readdir_res *readdir) |
@@ -3901,17 +4082,17 @@ static int decode_readdir(struct xdr_stream *xdr, struct rpc_rqst *req, struct n | |||
3901 | int status; | 4082 | int status; |
3902 | 4083 | ||
3903 | status = decode_op_hdr(xdr, OP_READDIR); | 4084 | status = decode_op_hdr(xdr, OP_READDIR); |
3904 | if (status) | 4085 | if (!status) |
4086 | status = decode_verifier(xdr, readdir->verifier.data); | ||
4087 | if (unlikely(status)) | ||
3905 | return status; | 4088 | return status; |
3906 | READ_BUF(8); | ||
3907 | COPYMEM(readdir->verifier.data, 8); | ||
3908 | dprintk("%s: verifier = %08x:%08x\n", | 4089 | dprintk("%s: verifier = %08x:%08x\n", |
3909 | __func__, | 4090 | __func__, |
3910 | ((u32 *)readdir->verifier.data)[0], | 4091 | ((u32 *)readdir->verifier.data)[0], |
3911 | ((u32 *)readdir->verifier.data)[1]); | 4092 | ((u32 *)readdir->verifier.data)[1]); |
3912 | 4093 | ||
3913 | 4094 | ||
3914 | hdrlen = (char *) p - (char *) iov->iov_base; | 4095 | hdrlen = (char *) xdr->p - (char *) iov->iov_base; |
3915 | recvd = rcvbuf->len - hdrlen; | 4096 | recvd = rcvbuf->len - hdrlen; |
3916 | if (pglen > recvd) | 4097 | if (pglen > recvd) |
3917 | pglen = recvd; | 4098 | pglen = recvd; |
@@ -3999,8 +4180,10 @@ static int decode_readlink(struct xdr_stream *xdr, struct rpc_rqst *req) | |||
3999 | return status; | 4180 | return status; |
4000 | 4181 | ||
4001 | /* Convert length of symlink */ | 4182 | /* Convert length of symlink */ |
4002 | READ_BUF(4); | 4183 | p = xdr_inline_decode(xdr, 4); |
4003 | READ32(len); | 4184 | if (unlikely(!p)) |
4185 | goto out_overflow; | ||
4186 | len = be32_to_cpup(p); | ||
4004 | if (len >= rcvbuf->page_len || len <= 0) { | 4187 | if (len >= rcvbuf->page_len || len <= 0) { |
4005 | dprintk("nfs: server returned giant symlink!\n"); | 4188 | dprintk("nfs: server returned giant symlink!\n"); |
4006 | return -ENAMETOOLONG; | 4189 | return -ENAMETOOLONG; |
@@ -4024,6 +4207,9 @@ static int decode_readlink(struct xdr_stream *xdr, struct rpc_rqst *req) | |||
4024 | kaddr[len+rcvbuf->page_base] = '\0'; | 4207 | kaddr[len+rcvbuf->page_base] = '\0'; |
4025 | kunmap_atomic(kaddr, KM_USER0); | 4208 | kunmap_atomic(kaddr, KM_USER0); |
4026 | return 0; | 4209 | return 0; |
4210 | out_overflow: | ||
4211 | print_overflow_msg(__func__, xdr); | ||
4212 | return -EIO; | ||
4027 | } | 4213 | } |
4028 | 4214 | ||
4029 | static int decode_remove(struct xdr_stream *xdr, struct nfs4_change_info *cinfo) | 4215 | static int decode_remove(struct xdr_stream *xdr, struct nfs4_change_info *cinfo) |
@@ -4121,10 +4307,16 @@ static int decode_setattr(struct xdr_stream *xdr) | |||
4121 | status = decode_op_hdr(xdr, OP_SETATTR); | 4307 | status = decode_op_hdr(xdr, OP_SETATTR); |
4122 | if (status) | 4308 | if (status) |
4123 | return status; | 4309 | return status; |
4124 | READ_BUF(4); | 4310 | p = xdr_inline_decode(xdr, 4); |
4125 | READ32(bmlen); | 4311 | if (unlikely(!p)) |
4126 | READ_BUF(bmlen << 2); | 4312 | goto out_overflow; |
4127 | return 0; | 4313 | bmlen = be32_to_cpup(p); |
4314 | p = xdr_inline_decode(xdr, bmlen << 2); | ||
4315 | if (likely(p)) | ||
4316 | return 0; | ||
4317 | out_overflow: | ||
4318 | print_overflow_msg(__func__, xdr); | ||
4319 | return -EIO; | ||
4128 | } | 4320 | } |
4129 | 4321 | ||
4130 | static int decode_setclientid(struct xdr_stream *xdr, struct nfs_client *clp) | 4322 | static int decode_setclientid(struct xdr_stream *xdr, struct nfs_client *clp) |
@@ -4133,35 +4325,50 @@ static int decode_setclientid(struct xdr_stream *xdr, struct nfs_client *clp) | |||
4133 | uint32_t opnum; | 4325 | uint32_t opnum; |
4134 | int32_t nfserr; | 4326 | int32_t nfserr; |
4135 | 4327 | ||
4136 | READ_BUF(8); | 4328 | p = xdr_inline_decode(xdr, 8); |
4137 | READ32(opnum); | 4329 | if (unlikely(!p)) |
4330 | goto out_overflow; | ||
4331 | opnum = be32_to_cpup(p++); | ||
4138 | if (opnum != OP_SETCLIENTID) { | 4332 | if (opnum != OP_SETCLIENTID) { |
4139 | dprintk("nfs: decode_setclientid: Server returned operation" | 4333 | dprintk("nfs: decode_setclientid: Server returned operation" |
4140 | " %d\n", opnum); | 4334 | " %d\n", opnum); |
4141 | return -EIO; | 4335 | return -EIO; |
4142 | } | 4336 | } |
4143 | READ32(nfserr); | 4337 | nfserr = be32_to_cpup(p); |
4144 | if (nfserr == NFS_OK) { | 4338 | if (nfserr == NFS_OK) { |
4145 | READ_BUF(8 + NFS4_VERIFIER_SIZE); | 4339 | p = xdr_inline_decode(xdr, 8 + NFS4_VERIFIER_SIZE); |
4146 | READ64(clp->cl_clientid); | 4340 | if (unlikely(!p)) |
4147 | COPYMEM(clp->cl_confirm.data, NFS4_VERIFIER_SIZE); | 4341 | goto out_overflow; |
4342 | p = xdr_decode_hyper(p, &clp->cl_clientid); | ||
4343 | memcpy(clp->cl_confirm.data, p, NFS4_VERIFIER_SIZE); | ||
4148 | } else if (nfserr == NFSERR_CLID_INUSE) { | 4344 | } else if (nfserr == NFSERR_CLID_INUSE) { |
4149 | uint32_t len; | 4345 | uint32_t len; |
4150 | 4346 | ||
4151 | /* skip netid string */ | 4347 | /* skip netid string */ |
4152 | READ_BUF(4); | 4348 | p = xdr_inline_decode(xdr, 4); |
4153 | READ32(len); | 4349 | if (unlikely(!p)) |
4154 | READ_BUF(len); | 4350 | goto out_overflow; |
4351 | len = be32_to_cpup(p); | ||
4352 | p = xdr_inline_decode(xdr, len); | ||
4353 | if (unlikely(!p)) | ||
4354 | goto out_overflow; | ||
4155 | 4355 | ||
4156 | /* skip uaddr string */ | 4356 | /* skip uaddr string */ |
4157 | READ_BUF(4); | 4357 | p = xdr_inline_decode(xdr, 4); |
4158 | READ32(len); | 4358 | if (unlikely(!p)) |
4159 | READ_BUF(len); | 4359 | goto out_overflow; |
4360 | len = be32_to_cpup(p); | ||
4361 | p = xdr_inline_decode(xdr, len); | ||
4362 | if (unlikely(!p)) | ||
4363 | goto out_overflow; | ||
4160 | return -NFSERR_CLID_INUSE; | 4364 | return -NFSERR_CLID_INUSE; |
4161 | } else | 4365 | } else |
4162 | return nfs4_stat_to_errno(nfserr); | 4366 | return nfs4_stat_to_errno(nfserr); |
4163 | 4367 | ||
4164 | return 0; | 4368 | return 0; |
4369 | out_overflow: | ||
4370 | print_overflow_msg(__func__, xdr); | ||
4371 | return -EIO; | ||
4165 | } | 4372 | } |
4166 | 4373 | ||
4167 | static int decode_setclientid_confirm(struct xdr_stream *xdr) | 4374 | static int decode_setclientid_confirm(struct xdr_stream *xdr) |
@@ -4178,11 +4385,16 @@ static int decode_write(struct xdr_stream *xdr, struct nfs_writeres *res) | |||
4178 | if (status) | 4385 | if (status) |
4179 | return status; | 4386 | return status; |
4180 | 4387 | ||
4181 | READ_BUF(16); | 4388 | p = xdr_inline_decode(xdr, 16); |
4182 | READ32(res->count); | 4389 | if (unlikely(!p)) |
4183 | READ32(res->verf->committed); | 4390 | goto out_overflow; |
4184 | COPYMEM(res->verf->verifier, 8); | 4391 | res->count = be32_to_cpup(p++); |
4392 | res->verf->committed = be32_to_cpup(p++); | ||
4393 | memcpy(res->verf->verifier, p, 8); | ||
4185 | return 0; | 4394 | return 0; |
4395 | out_overflow: | ||
4396 | print_overflow_msg(__func__, xdr); | ||
4397 | return -EIO; | ||
4186 | } | 4398 | } |
4187 | 4399 | ||
4188 | static int decode_delegreturn(struct xdr_stream *xdr) | 4400 | static int decode_delegreturn(struct xdr_stream *xdr) |
@@ -4196,6 +4408,7 @@ static int decode_exchange_id(struct xdr_stream *xdr, | |||
4196 | { | 4408 | { |
4197 | __be32 *p; | 4409 | __be32 *p; |
4198 | uint32_t dummy; | 4410 | uint32_t dummy; |
4411 | char *dummy_str; | ||
4199 | int status; | 4412 | int status; |
4200 | struct nfs_client *clp = res->client; | 4413 | struct nfs_client *clp = res->client; |
4201 | 4414 | ||
@@ -4203,36 +4416,45 @@ static int decode_exchange_id(struct xdr_stream *xdr, | |||
4203 | if (status) | 4416 | if (status) |
4204 | return status; | 4417 | return status; |
4205 | 4418 | ||
4206 | READ_BUF(8); | 4419 | p = xdr_inline_decode(xdr, 8); |
4207 | READ64(clp->cl_ex_clid); | 4420 | if (unlikely(!p)) |
4208 | READ_BUF(12); | 4421 | goto out_overflow; |
4209 | READ32(clp->cl_seqid); | 4422 | xdr_decode_hyper(p, &clp->cl_ex_clid); |
4210 | READ32(clp->cl_exchange_flags); | 4423 | p = xdr_inline_decode(xdr, 12); |
4424 | if (unlikely(!p)) | ||
4425 | goto out_overflow; | ||
4426 | clp->cl_seqid = be32_to_cpup(p++); | ||
4427 | clp->cl_exchange_flags = be32_to_cpup(p++); | ||
4211 | 4428 | ||
4212 | /* We ask for SP4_NONE */ | 4429 | /* We ask for SP4_NONE */ |
4213 | READ32(dummy); | 4430 | dummy = be32_to_cpup(p); |
4214 | if (dummy != SP4_NONE) | 4431 | if (dummy != SP4_NONE) |
4215 | return -EIO; | 4432 | return -EIO; |
4216 | 4433 | ||
4217 | /* Throw away minor_id */ | 4434 | /* Throw away minor_id */ |
4218 | READ_BUF(8); | 4435 | p = xdr_inline_decode(xdr, 8); |
4436 | if (unlikely(!p)) | ||
4437 | goto out_overflow; | ||
4219 | 4438 | ||
4220 | /* Throw away Major id */ | 4439 | /* Throw away Major id */ |
4221 | READ_BUF(4); | 4440 | status = decode_opaque_inline(xdr, &dummy, &dummy_str); |
4222 | READ32(dummy); | 4441 | if (unlikely(status)) |
4223 | READ_BUF(dummy); | 4442 | return status; |
4224 | 4443 | ||
4225 | /* Throw away server_scope */ | 4444 | /* Throw away server_scope */ |
4226 | READ_BUF(4); | 4445 | status = decode_opaque_inline(xdr, &dummy, &dummy_str); |
4227 | READ32(dummy); | 4446 | if (unlikely(status)) |
4228 | READ_BUF(dummy); | 4447 | return status; |
4229 | 4448 | ||
4230 | /* Throw away Implementation id array */ | 4449 | /* Throw away Implementation id array */ |
4231 | READ_BUF(4); | 4450 | status = decode_opaque_inline(xdr, &dummy, &dummy_str); |
4232 | READ32(dummy); | 4451 | if (unlikely(status)) |
4233 | READ_BUF(dummy); | 4452 | return status; |
4234 | 4453 | ||
4235 | return 0; | 4454 | return 0; |
4455 | out_overflow: | ||
4456 | print_overflow_msg(__func__, xdr); | ||
4457 | return -EIO; | ||
4236 | } | 4458 | } |
4237 | 4459 | ||
4238 | static int decode_chan_attrs(struct xdr_stream *xdr, | 4460 | static int decode_chan_attrs(struct xdr_stream *xdr, |
@@ -4241,22 +4463,35 @@ static int decode_chan_attrs(struct xdr_stream *xdr, | |||
4241 | __be32 *p; | 4463 | __be32 *p; |
4242 | u32 nr_attrs; | 4464 | u32 nr_attrs; |
4243 | 4465 | ||
4244 | READ_BUF(28); | 4466 | p = xdr_inline_decode(xdr, 28); |
4245 | READ32(attrs->headerpadsz); | 4467 | if (unlikely(!p)) |
4246 | READ32(attrs->max_rqst_sz); | 4468 | goto out_overflow; |
4247 | READ32(attrs->max_resp_sz); | 4469 | attrs->headerpadsz = be32_to_cpup(p++); |
4248 | READ32(attrs->max_resp_sz_cached); | 4470 | attrs->max_rqst_sz = be32_to_cpup(p++); |
4249 | READ32(attrs->max_ops); | 4471 | attrs->max_resp_sz = be32_to_cpup(p++); |
4250 | READ32(attrs->max_reqs); | 4472 | attrs->max_resp_sz_cached = be32_to_cpup(p++); |
4251 | READ32(nr_attrs); | 4473 | attrs->max_ops = be32_to_cpup(p++); |
4474 | attrs->max_reqs = be32_to_cpup(p++); | ||
4475 | nr_attrs = be32_to_cpup(p); | ||
4252 | if (unlikely(nr_attrs > 1)) { | 4476 | if (unlikely(nr_attrs > 1)) { |
4253 | printk(KERN_WARNING "%s: Invalid rdma channel attrs count %u\n", | 4477 | printk(KERN_WARNING "%s: Invalid rdma channel attrs count %u\n", |
4254 | __func__, nr_attrs); | 4478 | __func__, nr_attrs); |
4255 | return -EINVAL; | 4479 | return -EINVAL; |
4256 | } | 4480 | } |
4257 | if (nr_attrs == 1) | 4481 | if (nr_attrs == 1) { |
4258 | READ_BUF(4); /* skip rdma_attrs */ | 4482 | p = xdr_inline_decode(xdr, 4); /* skip rdma_attrs */ |
4483 | if (unlikely(!p)) | ||
4484 | goto out_overflow; | ||
4485 | } | ||
4259 | return 0; | 4486 | return 0; |
4487 | out_overflow: | ||
4488 | print_overflow_msg(__func__, xdr); | ||
4489 | return -EIO; | ||
4490 | } | ||
4491 | |||
4492 | static int decode_sessionid(struct xdr_stream *xdr, struct nfs4_sessionid *sid) | ||
4493 | { | ||
4494 | return decode_opaque_fixed(xdr, sid->data, NFS4_MAX_SESSIONID_LEN); | ||
4260 | } | 4495 | } |
4261 | 4496 | ||
4262 | static int decode_create_session(struct xdr_stream *xdr, | 4497 | static int decode_create_session(struct xdr_stream *xdr, |
@@ -4268,24 +4503,26 @@ static int decode_create_session(struct xdr_stream *xdr, | |||
4268 | struct nfs4_session *session = clp->cl_session; | 4503 | struct nfs4_session *session = clp->cl_session; |
4269 | 4504 | ||
4270 | status = decode_op_hdr(xdr, OP_CREATE_SESSION); | 4505 | status = decode_op_hdr(xdr, OP_CREATE_SESSION); |
4271 | 4506 | if (!status) | |
4272 | if (status) | 4507 | status = decode_sessionid(xdr, &session->sess_id); |
4508 | if (unlikely(status)) | ||
4273 | return status; | 4509 | return status; |
4274 | 4510 | ||
4275 | /* sessionid */ | ||
4276 | READ_BUF(NFS4_MAX_SESSIONID_LEN); | ||
4277 | COPYMEM(&session->sess_id, NFS4_MAX_SESSIONID_LEN); | ||
4278 | |||
4279 | /* seqid, flags */ | 4511 | /* seqid, flags */ |
4280 | READ_BUF(8); | 4512 | p = xdr_inline_decode(xdr, 8); |
4281 | READ32(clp->cl_seqid); | 4513 | if (unlikely(!p)) |
4282 | READ32(session->flags); | 4514 | goto out_overflow; |
4515 | clp->cl_seqid = be32_to_cpup(p++); | ||
4516 | session->flags = be32_to_cpup(p); | ||
4283 | 4517 | ||
4284 | /* Channel attributes */ | 4518 | /* Channel attributes */ |
4285 | status = decode_chan_attrs(xdr, &session->fc_attrs); | 4519 | status = decode_chan_attrs(xdr, &session->fc_attrs); |
4286 | if (!status) | 4520 | if (!status) |
4287 | status = decode_chan_attrs(xdr, &session->bc_attrs); | 4521 | status = decode_chan_attrs(xdr, &session->bc_attrs); |
4288 | return status; | 4522 | return status; |
4523 | out_overflow: | ||
4524 | print_overflow_msg(__func__, xdr); | ||
4525 | return -EIO; | ||
4289 | } | 4526 | } |
4290 | 4527 | ||
4291 | static int decode_destroy_session(struct xdr_stream *xdr, void *dummy) | 4528 | static int decode_destroy_session(struct xdr_stream *xdr, void *dummy) |
@@ -4309,7 +4546,9 @@ static int decode_sequence(struct xdr_stream *xdr, | |||
4309 | return 0; | 4546 | return 0; |
4310 | 4547 | ||
4311 | status = decode_op_hdr(xdr, OP_SEQUENCE); | 4548 | status = decode_op_hdr(xdr, OP_SEQUENCE); |
4312 | if (status) | 4549 | if (!status) |
4550 | status = decode_sessionid(xdr, &id); | ||
4551 | if (unlikely(status)) | ||
4313 | goto out_err; | 4552 | goto out_err; |
4314 | 4553 | ||
4315 | /* | 4554 | /* |
@@ -4318,36 +4557,43 @@ static int decode_sequence(struct xdr_stream *xdr, | |||
4318 | */ | 4557 | */ |
4319 | status = -ESERVERFAULT; | 4558 | status = -ESERVERFAULT; |
4320 | 4559 | ||
4321 | slot = &res->sr_session->fc_slot_table.slots[res->sr_slotid]; | ||
4322 | READ_BUF(NFS4_MAX_SESSIONID_LEN + 20); | ||
4323 | COPYMEM(id.data, NFS4_MAX_SESSIONID_LEN); | ||
4324 | if (memcmp(id.data, res->sr_session->sess_id.data, | 4560 | if (memcmp(id.data, res->sr_session->sess_id.data, |
4325 | NFS4_MAX_SESSIONID_LEN)) { | 4561 | NFS4_MAX_SESSIONID_LEN)) { |
4326 | dprintk("%s Invalid session id\n", __func__); | 4562 | dprintk("%s Invalid session id\n", __func__); |
4327 | goto out_err; | 4563 | goto out_err; |
4328 | } | 4564 | } |
4565 | |||
4566 | p = xdr_inline_decode(xdr, 20); | ||
4567 | if (unlikely(!p)) | ||
4568 | goto out_overflow; | ||
4569 | |||
4329 | /* seqid */ | 4570 | /* seqid */ |
4330 | READ32(dummy); | 4571 | slot = &res->sr_session->fc_slot_table.slots[res->sr_slotid]; |
4572 | dummy = be32_to_cpup(p++); | ||
4331 | if (dummy != slot->seq_nr) { | 4573 | if (dummy != slot->seq_nr) { |
4332 | dprintk("%s Invalid sequence number\n", __func__); | 4574 | dprintk("%s Invalid sequence number\n", __func__); |
4333 | goto out_err; | 4575 | goto out_err; |
4334 | } | 4576 | } |
4335 | /* slot id */ | 4577 | /* slot id */ |
4336 | READ32(dummy); | 4578 | dummy = be32_to_cpup(p++); |
4337 | if (dummy != res->sr_slotid) { | 4579 | if (dummy != res->sr_slotid) { |
4338 | dprintk("%s Invalid slot id\n", __func__); | 4580 | dprintk("%s Invalid slot id\n", __func__); |
4339 | goto out_err; | 4581 | goto out_err; |
4340 | } | 4582 | } |
4341 | /* highest slot id - currently not processed */ | 4583 | /* highest slot id - currently not processed */ |
4342 | READ32(dummy); | 4584 | dummy = be32_to_cpup(p++); |
4343 | /* target highest slot id - currently not processed */ | 4585 | /* target highest slot id - currently not processed */ |
4344 | READ32(dummy); | 4586 | dummy = be32_to_cpup(p++); |
4345 | /* result flags - currently not processed */ | 4587 | /* result flags - currently not processed */ |
4346 | READ32(dummy); | 4588 | dummy = be32_to_cpup(p); |
4347 | status = 0; | 4589 | status = 0; |
4348 | out_err: | 4590 | out_err: |
4349 | res->sr_status = status; | 4591 | res->sr_status = status; |
4350 | return status; | 4592 | return status; |
4593 | out_overflow: | ||
4594 | print_overflow_msg(__func__, xdr); | ||
4595 | status = -EIO; | ||
4596 | goto out_err; | ||
4351 | #else /* CONFIG_NFS_V4_1 */ | 4597 | #else /* CONFIG_NFS_V4_1 */ |
4352 | return 0; | 4598 | return 0; |
4353 | #endif /* CONFIG_NFS_V4_1 */ | 4599 | #endif /* CONFIG_NFS_V4_1 */ |