8 files changed, 31 insertions, 64 deletions
diff --git a/fs/nfsd/nfs3proc.c b/fs/nfsd/nfs3proc.c
index 401289913130..61ef42c7b0a6 100644
--- a/fs/nfsd/nfs3proc.c
+++ b/fs/nfsd/nfs3proc.c
@@ -157,11 +157,7 @@ nfsd3_proc_read(struct svc_rqst *rqstp, struct nfsd3_readargs *argp,
         * 1 (status) + 22 (post_op_attr) + 1 (count) + 1 (eof)
         * + 1 (xdr opaque byte count) = 26
         */
+        resp->count = min(argp->count, max_blocksize);
-        resp->count = argp->count;
-        if (max_blocksize < resp->count)
-                resp->count = max_blocksize;
        svc_reserve_auth(rqstp, ((1 + NFS3_POST_OP_ATTR_WORDS + 3)<<2) + resp->count +4);
        fh_copy(&resp->fh, &argp->fh);
diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c
index e6c01e80325e..39c5eb3ad33a 100644
--- a/fs/nfsd/nfs3xdr.c
+++ b/fs/nfsd/nfs3xdr.c
@@ -120,10 +120,7 @@ decode_sattr3(__be32 *p, struct iattr *iap)
                iap->ia_valid |= ATTR_SIZE;
                p = xdr_decode_hyper(p, &newsize);
-                if (newsize <= NFS_OFFSET_MAX)
+                iap->ia_size = min_t(u64, newsize, NFS_OFFSET_MAX);
-                        iap->ia_size = newsize;
-                else
-                        iap->ia_size = NFS_OFFSET_MAX;
        }
        if ((tmp = ntohl(*p++)) == 1) { /* set to server time */
                iap->ia_valid |= ATTR_ATIME;
@@ -338,10 +335,8 @@ nfs3svc_decode_readargs(struct svc_rqst *rqstp, __be32 *p,
                return 0;
        p = xdr_decode_hyper(p, &args->offset);
-        len = args->count = ntohl(*p++);
+        args->count = ntohl(*p++);
+        len = min(args->count, max_blocksize);
-        if (len > max_blocksize)
-                len = max_blocksize;
        /* set up the kvec */
        v=0;
@@ -349,7 +344,7 @@ nfs3svc_decode_readargs(struct svc_rqst *rqstp, __be32 *p,
                struct page *p = *(rqstp->rq_next_page++);
                rqstp->rq_vec[v].iov_base = page_address(p);
-                rqstp->rq_vec[v].iov_len = len < PAGE_SIZE? len : PAGE_SIZE;
+                rqstp->rq_vec[v].iov_len = min_t(unsigned int, len, PAGE_SIZE);
                len -= rqstp->rq_vec[v].iov_len;
                v++;
        }
@@ -484,9 +479,7 @@ nfs3svc_decode_symlinkargs(struct svc_rqst *rqstp, __be32 *p,
        }
        /* now copy next page if there is one */
        if (len && !avail && rqstp->rq_arg.page_len) {
-                avail = rqstp->rq_arg.page_len;
+                avail = min_t(unsigned int, rqstp->rq_arg.page_len, PAGE_SIZE);
-                if (avail > PAGE_SIZE)
-                        avail = PAGE_SIZE;
                old = page_address(rqstp->rq_arg.pages[0]);
        }
        while (len && avail && *old) {
@@ -571,10 +564,7 @@ nfs3svc_decode_readdirargs(struct svc_rqst *rqstp, __be32 *p,
        args->verf   = p; p += 2;
        args->dircount = ~0;
        args->count  = ntohl(*p++);
+        args->count  = min_t(u32, args->count, PAGE_SIZE);
-        if (args->count > PAGE_SIZE)
-                args->count = PAGE_SIZE;
        args->buffer = page_address(*(rqstp->rq_next_page++));
        return xdr_argsize_check(rqstp, p);
@@ -595,10 +585,7 @@ nfs3svc_decode_readdirplusargs(struct svc_rqst *rqstp, __be32 *p,
        args->dircount = ntohl(*p++);
        args->count    = ntohl(*p++);
-        len = (args->count > max_blocksize) ? max_blocksize :
+        len = args->count = min(args->count, max_blocksize);
-                                                  args->count;
-        args->count = len;
        while (len > 0) {
                struct page *p = *(rqstp->rq_next_page++);
                if (!args->buffer)
@@ -913,8 +900,7 @@ encode_entry(struct readdir_cd *ccd, const char *name, int namlen,
         */
        /* truncate filename if too long */
-        if (namlen > NFS3_MAXNAMLEN)
+        namlen = min(namlen, NFS3_MAXNAMLEN);
-                namlen = NFS3_MAXNAMLEN;
        slen = XDR_QUADLEN(namlen);
        elen = slen + NFS3_ENTRY_BAGGAGE
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
index 6851b003f2a4..baa3803f0811 100644
--- a/fs/nfsd/nfs4proc.c
+++ b/fs/nfsd/nfs4proc.c
@@ -1529,21 +1529,17 @@ static inline u32 nfsd4_read_rsize(struct svc_rqst *rqstp, struct nfsd4_op *op)
        u32 maxcount = 0, rlen = 0;
        maxcount = svc_max_payload(rqstp);
-        rlen = op->u.read.rd_length;
+        rlen = min(op->u.read.rd_length, maxcount);
-        if (rlen > maxcount)
-                rlen = maxcount;
        return (op_encode_hdr_size + 2 + XDR_QUADLEN(rlen)) * sizeof(__be32);
 }
 static inline u32 nfsd4_readdir_rsize(struct svc_rqst *rqstp, struct nfsd4_op *op)
 {
-        u32 maxcount = svc_max_payload(rqstp);
+        u32 maxcount = 0, rlen = 0;
-        u32 rlen = op->u.readdir.rd_maxcount;
-        if (rlen > maxcount)
+        maxcount = svc_max_payload(rqstp);
-                rlen = maxcount;
+        rlen = min(op->u.readdir.rd_maxcount, maxcount);
        return (op_encode_hdr_size + op_encode_verifier_maxsz +
                XDR_QUADLEN(rlen)) * sizeof(__be32);
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
index 83baf2bfe9e9..30913c83ccb0 100644
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
@@ -3134,9 +3134,7 @@ static __be32 nfsd4_encode_readv(struct nfsd4_compoundres *resp,
        len = maxcount;
        v = 0;
-        thislen = (void *)xdr->end - (void *)xdr->p;
+        thislen = min(len, ((void *)xdr->end - (void *)xdr->p));
-        if (len < thislen)
-                thislen = len;
        p = xdr_reserve_space(xdr, (thislen+3)&~3);
        WARN_ON_ONCE(!p);
        resp->rqstp->rq_vec[v].iov_base = p;
@@ -3203,10 +3201,8 @@ nfsd4_encode_read(struct nfsd4_compoundres *resp, __be32 nfserr,
        xdr_commit_encode(xdr);
        maxcount = svc_max_payload(resp->rqstp);
-        if (maxcount > xdr->buf->buflen - xdr->buf->len)
+        maxcount = min_t(unsigned long, maxcount, (xdr->buf->buflen - xdr->buf->len));
-                maxcount = xdr->buf->buflen - xdr->buf->len;
+        maxcount = min_t(unsigned long, maxcount, read->rd_length);
-        if (maxcount > read->rd_length)
-                maxcount = read->rd_length;
        if (!read->rd_filp) {
                err = nfsd_get_tmp_read_open(resp->rqstp, read->rd_fhp,
diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c
index 51844048937f..6a6f65cc8b34 100644
--- a/fs/nfsd/nfsctl.c
+++ b/fs/nfsd/nfsctl.c
@@ -369,8 +369,7 @@ static ssize_t write_filehandle(struct file *file, char *buf, size_t size)
        if (maxsize < NFS_FHSIZE)
                return -EINVAL;
-        if (maxsize > NFS3_FHSIZE)
+        maxsize = min(maxsize, NFS3_FHSIZE);
-                maxsize = NFS3_FHSIZE;
        if (qword_get(&mesg, mesg, size)>0)
                return -EINVAL;
@@ -871,10 +870,8 @@ static ssize_t write_maxblksize(struct file *file, char *buf, size_t size)
                /* force bsize into allowed range and
                 * required alignment.
                 */
-                if (bsize < 1024)
+                bsize = max_t(int, bsize, 1024);
-                        bsize = 1024;
+                bsize = min_t(int, bsize, NFSSVC_MAXBLKSIZE);
-                if (bsize > NFSSVC_MAXBLKSIZE)
-                        bsize = NFSSVC_MAXBLKSIZE;
                bsize &= ~(1024-1);
                mutex_lock(&nfsd_mutex);
                if (nn->nfsd_serv) {
diff --git a/fs/nfsd/nfssvc.c b/fs/nfsd/nfssvc.c
index 1879e43f2868..209474174fe4 100644
--- a/fs/nfsd/nfssvc.c
+++ b/fs/nfsd/nfssvc.c
@@ -469,8 +469,7 @@ int nfsd_set_nrthreads(int n, int *nthreads, struct net *net)
        /* enforce a global maximum number of threads */
        tot = 0;
        for (i = 0; i < n; i++) {
-                if (nthreads[i] > NFSD_MAXSERVS)
+                nthreads[i] = min(nthreads[i], NFSD_MAXSERVS);
-                        nthreads[i] = NFSD_MAXSERVS;
                tot += nthreads[i];
        }
        if (tot > NFSD_MAXSERVS) {
@@ -519,11 +518,11 @@ nfsd_svc(int nrservs, struct net *net)
        mutex_lock(&nfsd_mutex);
        dprintk("nfsd: creating service\n");
-        if (nrservs <= 0)
-                nrservs = 0;
+        nrservs = max(nrservs, 0);
-        if (nrservs > NFSD_MAXSERVS)
+        nrservs = min(nrservs, NFSD_MAXSERVS);
-                nrservs = NFSD_MAXSERVS;
        error = 0;
        if (nrservs == 0 && nn->nfsd_serv == NULL)
                goto out;
diff --git a/fs/nfsd/nfsxdr.c b/fs/nfsd/nfsxdr.c
index 1ac306b769df..412d7061f9e5 100644
--- a/fs/nfsd/nfsxdr.c
+++ b/fs/nfsd/nfsxdr.c
@@ -257,8 +257,7 @@ nfssvc_decode_readargs(struct svc_rqst *rqstp, __be32 *p,
        len = args->count     = ntohl(*p++);
        p++; /* totalcount - unused */
-        if (len > NFSSVC_MAXBLKSIZE_V2)
+        len = min_t(unsigned int, len, NFSSVC_MAXBLKSIZE_V2);
-                len = NFSSVC_MAXBLKSIZE_V2;
        /* set up somewhere to store response.
         * We take pages, put them on reslist and include in iovec
@@ -268,7 +267,7 @@ nfssvc_decode_readargs(struct svc_rqst *rqstp, __be32 *p,
                struct page *p = *(rqstp->rq_next_page++);
                rqstp->rq_vec[v].iov_base = page_address(p);
-                rqstp->rq_vec[v].iov_len = len < PAGE_SIZE?len:PAGE_SIZE;
+                rqstp->rq_vec[v].iov_len = min_t(unsigned int, len, PAGE_SIZE);
                len -= rqstp->rq_vec[v].iov_len;
                v++;
        }
@@ -400,9 +399,7 @@ nfssvc_decode_readdirargs(struct svc_rqst *rqstp, __be32 *p,
                return 0;
        args->cookie = ntohl(*p++);
        args->count  = ntohl(*p++);
-        if (args->count > PAGE_SIZE)
+        args->count  = min_t(u32, args->count, PAGE_SIZE);
-                args->count = PAGE_SIZE;
        args->buffer = page_address(*(rqstp->rq_next_page++));
        return xdr_argsize_check(rqstp, p);
@@ -516,10 +513,11 @@ nfssvc_encode_entry(void *ccdv, const char *name,
        }
        if (cd->offset)
                *cd->offset = htonl(offset);
-        if (namlen > NFS2_MAXNAMLEN)
-                namlen = NFS2_MAXNAMLEN;/* truncate filename */
+        /* truncate filename */
+        namlen = min(namlen, NFS2_MAXNAMLEN);
        slen = XDR_QUADLEN(namlen);
        if ((buflen = cd->buflen - slen - 4) < 0) {
                cd->common.err = nfserr_toosmall;
                return -EINVAL;
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index 140c496f612c..7498099b382f 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -2093,8 +2093,7 @@ nfsd_racache_init(int cache_size)
        if (raparm_hash[0].pb_head)
                return 0;
        nperbucket = DIV_ROUND_UP(cache_size, RAPARM_HASH_SIZE);
-        if (nperbucket < 2)
+        nperbucket = max(2, nperbucket);
-                nperbucket = 2;
        cache_size = nperbucket * RAPARM_HASH_SIZE;
        dprintk("nfsd: allocating %d readahead buffers.\n", cache_size);

diff --git a/fs/nfsd/nfs3proc.c b/fs/nfsd/nfs3proc.c index 401289913130..61ef42c7b0a6 100644 --- a/fs/nfsd/nfs3proc.c +++ b/fs/nfsd/nfs3proc.c
@@ -157,11 +157,7 @@ nfsd3_proc_read(struct svc_rqst rqstp, struct nfsd3_readargs argp,
157	* 1 (status) + 22 (post_op_attr) + 1 (count) + 1 (eof)	157	* 1 (status) + 22 (post_op_attr) + 1 (count) + 1 (eof)
158	* + 1 (xdr opaque byte count) = 26	158	* + 1 (xdr opaque byte count) = 26
159	*/	159	*/
160		160	resp->count = min(argp->count, max_blocksize);
161	resp->count = argp->count;
162	if (max_blocksize < resp->count)
163	resp->count = max_blocksize;
164
165	svc_reserve_auth(rqstp, ((1 + NFS3_POST_OP_ATTR_WORDS + 3)<<2) + resp->count +4);	161	svc_reserve_auth(rqstp, ((1 + NFS3_POST_OP_ATTR_WORDS + 3)<<2) + resp->count +4);
166		162
167	fh_copy(&resp->fh, &argp->fh);	163	fh_copy(&resp->fh, &argp->fh);


diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c index e6c01e80325e..39c5eb3ad33a 100644 --- a/fs/nfsd/nfs3xdr.c +++ b/fs/nfsd/nfs3xdr.c
@@ -120,10 +120,7 @@ decode_sattr3(__be32 p, struct iattr iap)
120		120
121	iap->ia_valid \|= ATTR_SIZE;	121	iap->ia_valid \|= ATTR_SIZE;
122	p = xdr_decode_hyper(p, &newsize);	122	p = xdr_decode_hyper(p, &newsize);
123	if (newsize <= NFS_OFFSET_MAX)	123	iap->ia_size = min_t(u64, newsize, NFS_OFFSET_MAX);
124	iap->ia_size = newsize;
125	else
126	iap->ia_size = NFS_OFFSET_MAX;
127	}	124	}
128	if ((tmp = ntohl(p++)) == 1) { / set to server time */	125	if ((tmp = ntohl(p++)) == 1) { / set to server time */
129	iap->ia_valid \|= ATTR_ATIME;	126	iap->ia_valid \|= ATTR_ATIME;
@@ -338,10 +335,8 @@ nfs3svc_decode_readargs(struct svc_rqst rqstp, __be32 p,
338	return 0;	335	return 0;
339	p = xdr_decode_hyper(p, &args->offset);	336	p = xdr_decode_hyper(p, &args->offset);
340		337
341	len = args->count = ntohl(*p++);	338	args->count = ntohl(*p++);
342		339	len = min(args->count, max_blocksize);
343	if (len > max_blocksize)
344	len = max_blocksize;
345		340
346	/* set up the kvec */	341	/* set up the kvec */
347	v=0;	342	v=0;
@@ -349,7 +344,7 @@ nfs3svc_decode_readargs(struct svc_rqst rqstp, __be32 p,
349	struct page p = (rqstp->rq_next_page++);	344	struct page p = (rqstp->rq_next_page++);
350		345
351	rqstp->rq_vec[v].iov_base = page_address(p);	346	rqstp->rq_vec[v].iov_base = page_address(p);
352	rqstp->rq_vec[v].iov_len = len < PAGE_SIZE? len : PAGE_SIZE;	347	rqstp->rq_vec[v].iov_len = min_t(unsigned int, len, PAGE_SIZE);
353	len -= rqstp->rq_vec[v].iov_len;	348	len -= rqstp->rq_vec[v].iov_len;
354	v++;	349	v++;
355	}	350	}
@@ -484,9 +479,7 @@ nfs3svc_decode_symlinkargs(struct svc_rqst rqstp, __be32 p,
484	}	479	}
485	/* now copy next page if there is one */	480	/* now copy next page if there is one */
486	if (len && !avail && rqstp->rq_arg.page_len) {	481	if (len && !avail && rqstp->rq_arg.page_len) {
487	avail = rqstp->rq_arg.page_len;	482	avail = min_t(unsigned int, rqstp->rq_arg.page_len, PAGE_SIZE);
488	if (avail > PAGE_SIZE)
489	avail = PAGE_SIZE;
490	old = page_address(rqstp->rq_arg.pages[0]);	483	old = page_address(rqstp->rq_arg.pages[0]);
491	}	484	}
492	while (len && avail && *old) {	485	while (len && avail && *old) {
@@ -571,10 +564,7 @@ nfs3svc_decode_readdirargs(struct svc_rqst rqstp, __be32 p,
571	args->verf = p; p += 2;	564	args->verf = p; p += 2;
572	args->dircount = ~0;	565	args->dircount = ~0;
573	args->count = ntohl(*p++);	566	args->count = ntohl(*p++);
574		567	args->count = min_t(u32, args->count, PAGE_SIZE);
575	if (args->count > PAGE_SIZE)
576	args->count = PAGE_SIZE;
577
578	args->buffer = page_address(*(rqstp->rq_next_page++));	568	args->buffer = page_address(*(rqstp->rq_next_page++));
579		569
580	return xdr_argsize_check(rqstp, p);	570	return xdr_argsize_check(rqstp, p);
@@ -595,10 +585,7 @@ nfs3svc_decode_readdirplusargs(struct svc_rqst rqstp, __be32 p,
595	args->dircount = ntohl(*p++);	585	args->dircount = ntohl(*p++);
596	args->count = ntohl(*p++);	586	args->count = ntohl(*p++);
597		587
598	len = (args->count > max_blocksize) ? max_blocksize :	588	len = args->count = min(args->count, max_blocksize);
599	args->count;
600	args->count = len;
601
602	while (len > 0) {	589	while (len > 0) {
603	struct page p = (rqstp->rq_next_page++);	590	struct page p = (rqstp->rq_next_page++);
604	if (!args->buffer)	591	if (!args->buffer)
@@ -913,8 +900,7 @@ encode_entry(struct readdir_cd ccd, const char name, int namlen,
913	*/	900	*/
914		901
915	/* truncate filename if too long */	902	/* truncate filename if too long */
916	if (namlen > NFS3_MAXNAMLEN)	903	namlen = min(namlen, NFS3_MAXNAMLEN);
917	namlen = NFS3_MAXNAMLEN;
918		904
919	slen = XDR_QUADLEN(namlen);	905	slen = XDR_QUADLEN(namlen);
920	elen = slen + NFS3_ENTRY_BAGGAGE	906	elen = slen + NFS3_ENTRY_BAGGAGE


diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c index 6851b003f2a4..baa3803f0811 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c
@@ -1529,21 +1529,17 @@ static inline u32 nfsd4_read_rsize(struct svc_rqst rqstp, struct nfsd4_op op)
1529	u32 maxcount = 0, rlen = 0;	1529	u32 maxcount = 0, rlen = 0;
1530		1530
1531	maxcount = svc_max_payload(rqstp);	1531	maxcount = svc_max_payload(rqstp);
1532	rlen = op->u.read.rd_length;	1532	rlen = min(op->u.read.rd_length, maxcount);
1533
1534	if (rlen > maxcount)
1535	rlen = maxcount;
1536		1533
1537	return (op_encode_hdr_size + 2 + XDR_QUADLEN(rlen)) * sizeof(__be32);	1534	return (op_encode_hdr_size + 2 + XDR_QUADLEN(rlen)) * sizeof(__be32);
1538	}	1535	}
1539		1536
1540	static inline u32 nfsd4_readdir_rsize(struct svc_rqst rqstp, struct nfsd4_op op)	1537	static inline u32 nfsd4_readdir_rsize(struct svc_rqst rqstp, struct nfsd4_op op)
1541	{	1538	{
1542	u32 maxcount = svc_max_payload(rqstp);	1539	u32 maxcount = 0, rlen = 0;
1543	u32 rlen = op->u.readdir.rd_maxcount;
1544		1540
1545	if (rlen > maxcount)	1541	maxcount = svc_max_payload(rqstp);
1546	rlen = maxcount;	1542	rlen = min(op->u.readdir.rd_maxcount, maxcount);
1547		1543
1548	return (op_encode_hdr_size + op_encode_verifier_maxsz +	1544	return (op_encode_hdr_size + op_encode_verifier_maxsz +
1549	XDR_QUADLEN(rlen)) * sizeof(__be32);	1545	XDR_QUADLEN(rlen)) * sizeof(__be32);


diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index 83baf2bfe9e9..30913c83ccb0 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c
@@ -3134,9 +3134,7 @@ static __be32 nfsd4_encode_readv(struct nfsd4_compoundres *resp,
3134	len = maxcount;	3134	len = maxcount;
3135	v = 0;	3135	v = 0;
3136		3136
3137	thislen = (void )xdr->end - (void )xdr->p;	3137	thislen = min(len, ((void )xdr->end - (void )xdr->p));
3138	if (len < thislen)
3139	thislen = len;
3140	p = xdr_reserve_space(xdr, (thislen+3)&~3);	3138	p = xdr_reserve_space(xdr, (thislen+3)&~3);
3141	WARN_ON_ONCE(!p);	3139	WARN_ON_ONCE(!p);
3142	resp->rqstp->rq_vec[v].iov_base = p;	3140	resp->rqstp->rq_vec[v].iov_base = p;
@@ -3203,10 +3201,8 @@ nfsd4_encode_read(struct nfsd4_compoundres *resp, __be32 nfserr,
3203	xdr_commit_encode(xdr);	3201	xdr_commit_encode(xdr);
3204		3202
3205	maxcount = svc_max_payload(resp->rqstp);	3203	maxcount = svc_max_payload(resp->rqstp);
3206	if (maxcount > xdr->buf->buflen - xdr->buf->len)	3204	maxcount = min_t(unsigned long, maxcount, (xdr->buf->buflen - xdr->buf->len));
3207	maxcount = xdr->buf->buflen - xdr->buf->len;	3205	maxcount = min_t(unsigned long, maxcount, read->rd_length);
3208	if (maxcount > read->rd_length)
3209	maxcount = read->rd_length;
3210		3206
3211	if (!read->rd_filp) {	3207	if (!read->rd_filp) {
3212	err = nfsd_get_tmp_read_open(resp->rqstp, read->rd_fhp,	3208	err = nfsd_get_tmp_read_open(resp->rqstp, read->rd_fhp,


diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c index 51844048937f..6a6f65cc8b34 100644 --- a/fs/nfsd/nfsctl.c +++ b/fs/nfsd/nfsctl.c
@@ -369,8 +369,7 @@ static ssize_t write_filehandle(struct file file, char buf, size_t size)
369		369
370	if (maxsize < NFS_FHSIZE)	370	if (maxsize < NFS_FHSIZE)
371	return -EINVAL;	371	return -EINVAL;
372	if (maxsize > NFS3_FHSIZE)	372	maxsize = min(maxsize, NFS3_FHSIZE);
373	maxsize = NFS3_FHSIZE;
374		373
375	if (qword_get(&mesg, mesg, size)>0)	374	if (qword_get(&mesg, mesg, size)>0)
376	return -EINVAL;	375	return -EINVAL;
@@ -871,10 +870,8 @@ static ssize_t write_maxblksize(struct file file, char buf, size_t size)
871	/* force bsize into allowed range and	870	/* force bsize into allowed range and
872	* required alignment.	871	* required alignment.
873	*/	872	*/
874	if (bsize < 1024)	873	bsize = max_t(int, bsize, 1024);
875	bsize = 1024;	874	bsize = min_t(int, bsize, NFSSVC_MAXBLKSIZE);
876	if (bsize > NFSSVC_MAXBLKSIZE)
877	bsize = NFSSVC_MAXBLKSIZE;
878	bsize &= ~(1024-1);	875	bsize &= ~(1024-1);
879	mutex_lock(&nfsd_mutex);	876	mutex_lock(&nfsd_mutex);
880	if (nn->nfsd_serv) {	877	if (nn->nfsd_serv) {


diff --git a/fs/nfsd/nfssvc.c b/fs/nfsd/nfssvc.c index 1879e43f2868..209474174fe4 100644 --- a/fs/nfsd/nfssvc.c +++ b/fs/nfsd/nfssvc.c
@@ -469,8 +469,7 @@ int nfsd_set_nrthreads(int n, int nthreads, struct net net)
469	/* enforce a global maximum number of threads */	469	/* enforce a global maximum number of threads */
470	tot = 0;	470	tot = 0;
471	for (i = 0; i < n; i++) {	471	for (i = 0; i < n; i++) {
472	if (nthreads[i] > NFSD_MAXSERVS)	472	nthreads[i] = min(nthreads[i], NFSD_MAXSERVS);
473	nthreads[i] = NFSD_MAXSERVS;
474	tot += nthreads[i];	473	tot += nthreads[i];
475	}	474	}
476	if (tot > NFSD_MAXSERVS) {	475	if (tot > NFSD_MAXSERVS) {
@@ -519,11 +518,11 @@ nfsd_svc(int nrservs, struct net *net)
519		518
520	mutex_lock(&nfsd_mutex);	519	mutex_lock(&nfsd_mutex);
521	dprintk("nfsd: creating service\n");	520	dprintk("nfsd: creating service\n");
522	if (nrservs <= 0)	521
523	nrservs = 0;	522	nrservs = max(nrservs, 0);
524	if (nrservs > NFSD_MAXSERVS)	523	nrservs = min(nrservs, NFSD_MAXSERVS);
525	nrservs = NFSD_MAXSERVS;
526	error = 0;	524	error = 0;
		525
527	if (nrservs == 0 && nn->nfsd_serv == NULL)	526	if (nrservs == 0 && nn->nfsd_serv == NULL)
528	goto out;	527	goto out;
529		528


diff --git a/fs/nfsd/nfsxdr.c b/fs/nfsd/nfsxdr.c index 1ac306b769df..412d7061f9e5 100644 --- a/fs/nfsd/nfsxdr.c +++ b/fs/nfsd/nfsxdr.c
@@ -257,8 +257,7 @@ nfssvc_decode_readargs(struct svc_rqst rqstp, __be32 p,
257	len = args->count = ntohl(*p++);	257	len = args->count = ntohl(*p++);
258	p++; /* totalcount - unused */	258	p++; /* totalcount - unused */
259		259
260	if (len > NFSSVC_MAXBLKSIZE_V2)	260	len = min_t(unsigned int, len, NFSSVC_MAXBLKSIZE_V2);
261	len = NFSSVC_MAXBLKSIZE_V2;
262		261
263	/* set up somewhere to store response.	262	/* set up somewhere to store response.
264	* We take pages, put them on reslist and include in iovec	263	* We take pages, put them on reslist and include in iovec
@@ -268,7 +267,7 @@ nfssvc_decode_readargs(struct svc_rqst rqstp, __be32 p,
268	struct page p = (rqstp->rq_next_page++);	267	struct page p = (rqstp->rq_next_page++);
269		268
270	rqstp->rq_vec[v].iov_base = page_address(p);	269	rqstp->rq_vec[v].iov_base = page_address(p);
271	rqstp->rq_vec[v].iov_len = len < PAGE_SIZE?len:PAGE_SIZE;	270	rqstp->rq_vec[v].iov_len = min_t(unsigned int, len, PAGE_SIZE);
272	len -= rqstp->rq_vec[v].iov_len;	271	len -= rqstp->rq_vec[v].iov_len;
273	v++;	272	v++;
274	}	273	}
@@ -400,9 +399,7 @@ nfssvc_decode_readdirargs(struct svc_rqst rqstp, __be32 p,
400	return 0;	399	return 0;
401	args->cookie = ntohl(*p++);	400	args->cookie = ntohl(*p++);
402	args->count = ntohl(*p++);	401	args->count = ntohl(*p++);
403	if (args->count > PAGE_SIZE)	402	args->count = min_t(u32, args->count, PAGE_SIZE);
404	args->count = PAGE_SIZE;
405
406	args->buffer = page_address(*(rqstp->rq_next_page++));	403	args->buffer = page_address(*(rqstp->rq_next_page++));
407		404
408	return xdr_argsize_check(rqstp, p);	405	return xdr_argsize_check(rqstp, p);
@@ -516,10 +513,11 @@ nfssvc_encode_entry(void ccdv, const char name,
516	}	513	}
517	if (cd->offset)	514	if (cd->offset)
518	*cd->offset = htonl(offset);	515	*cd->offset = htonl(offset);
519	if (namlen > NFS2_MAXNAMLEN)
520	namlen = NFS2_MAXNAMLEN;/* truncate filename */
521		516
		517	/* truncate filename */
		518	namlen = min(namlen, NFS2_MAXNAMLEN);
522	slen = XDR_QUADLEN(namlen);	519	slen = XDR_QUADLEN(namlen);
		520
523	if ((buflen = cd->buflen - slen - 4) < 0) {	521	if ((buflen = cd->buflen - slen - 4) < 0) {
524	cd->common.err = nfserr_toosmall;	522	cd->common.err = nfserr_toosmall;
525	return -EINVAL;	523	return -EINVAL;


diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c index 140c496f612c..7498099b382f 100644 --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c
@@ -2093,8 +2093,7 @@ nfsd_racache_init(int cache_size)
2093	if (raparm_hash[0].pb_head)	2093	if (raparm_hash[0].pb_head)
2094	return 0;	2094	return 0;
2095	nperbucket = DIV_ROUND_UP(cache_size, RAPARM_HASH_SIZE);	2095	nperbucket = DIV_ROUND_UP(cache_size, RAPARM_HASH_SIZE);
2096	if (nperbucket < 2)	2096	nperbucket = max(2, nperbucket);
2097	nperbucket = 2;
2098	cache_size = nperbucket * RAPARM_HASH_SIZE;	2097	cache_size = nperbucket * RAPARM_HASH_SIZE;
2099		2098
2100	dprintk("nfsd: allocating %d readahead buffers.\n", cache_size);	2099	dprintk("nfsd: allocating %d readahead buffers.\n", cache_size);