diff options
Diffstat (limited to 'fs/nfsd')
| -rw-r--r-- | fs/nfsd/nfs4proc.c | 4 | ||||
| -rw-r--r-- | fs/nfsd/nfs4state.c | 2 | ||||
| -rw-r--r-- | fs/nfsd/nfs4xdr.c | 5 |
3 files changed, 6 insertions, 5 deletions
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c index 2d786b813c7e..16e71d033ea5 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c | |||
| @@ -1261,13 +1261,13 @@ static void svcxdr_init_encode(struct svc_rqst *rqstp, | |||
| 1261 | xdr->buf = buf; | 1261 | xdr->buf = buf; |
| 1262 | xdr->iov = head; | 1262 | xdr->iov = head; |
| 1263 | xdr->p = head->iov_base + head->iov_len; | 1263 | xdr->p = head->iov_base + head->iov_len; |
| 1264 | xdr->end = head->iov_base + PAGE_SIZE - 2 * RPC_MAX_AUTH_SIZE; | 1264 | xdr->end = head->iov_base + PAGE_SIZE - rqstp->rq_auth_slack; |
| 1265 | /* Tail and page_len should be zero at this point: */ | 1265 | /* Tail and page_len should be zero at this point: */ |
| 1266 | buf->len = buf->head[0].iov_len; | 1266 | buf->len = buf->head[0].iov_len; |
| 1267 | xdr->scratch.iov_len = 0; | 1267 | xdr->scratch.iov_len = 0; |
| 1268 | xdr->page_ptr = buf->pages; | 1268 | xdr->page_ptr = buf->pages; |
| 1269 | buf->buflen = PAGE_SIZE * (1 + rqstp->rq_page_end - buf->pages) | 1269 | buf->buflen = PAGE_SIZE * (1 + rqstp->rq_page_end - buf->pages) |
| 1270 | - 2 * RPC_MAX_AUTH_SIZE; | 1270 | - rqstp->rq_auth_slack; |
| 1271 | } | 1271 | } |
| 1272 | 1272 | ||
| 1273 | /* | 1273 | /* |
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index 62b882dc48ec..d0a016a502be 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c | |||
| @@ -2288,7 +2288,7 @@ nfsd4_sequence(struct svc_rqst *rqstp, | |||
| 2288 | session->se_fchannel.maxresp_sz; | 2288 | session->se_fchannel.maxresp_sz; |
| 2289 | status = (seq->cachethis) ? nfserr_rep_too_big_to_cache : | 2289 | status = (seq->cachethis) ? nfserr_rep_too_big_to_cache : |
| 2290 | nfserr_rep_too_big; | 2290 | nfserr_rep_too_big; |
| 2291 | if (xdr_restrict_buflen(xdr, buflen - 2 * RPC_MAX_AUTH_SIZE)) | 2291 | if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack)) |
| 2292 | goto out_put_session; | 2292 | goto out_put_session; |
| 2293 | svc_reserve(rqstp, buflen); | 2293 | svc_reserve(rqstp, buflen); |
| 2294 | 2294 | ||
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index 3e347a1caec4..470fe8998c9b 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c | |||
| @@ -1611,7 +1611,8 @@ nfsd4_decode_compound(struct nfsd4_compoundargs *argp) | |||
| 1611 | DECODE_HEAD; | 1611 | DECODE_HEAD; |
| 1612 | struct nfsd4_op *op; | 1612 | struct nfsd4_op *op; |
| 1613 | bool cachethis = false; | 1613 | bool cachethis = false; |
| 1614 | int max_reply = 2 * RPC_MAX_AUTH_SIZE + 8; /* opcnt, status */ | 1614 | int auth_slack= argp->rqstp->rq_auth_slack; |
| 1615 | int max_reply = auth_slack + 8; /* opcnt, status */ | ||
| 1615 | int readcount = 0; | 1616 | int readcount = 0; |
| 1616 | int readbytes = 0; | 1617 | int readbytes = 0; |
| 1617 | int i; | 1618 | int i; |
| @@ -1677,7 +1678,7 @@ nfsd4_decode_compound(struct nfsd4_compoundargs *argp) | |||
| 1677 | svc_reserve(argp->rqstp, max_reply + readbytes); | 1678 | svc_reserve(argp->rqstp, max_reply + readbytes); |
| 1678 | argp->rqstp->rq_cachetype = cachethis ? RC_REPLBUFF : RC_NOCACHE; | 1679 | argp->rqstp->rq_cachetype = cachethis ? RC_REPLBUFF : RC_NOCACHE; |
| 1679 | 1680 | ||
| 1680 | if (readcount > 1 || max_reply > PAGE_SIZE - 2*RPC_MAX_AUTH_SIZE) | 1681 | if (readcount > 1 || max_reply > PAGE_SIZE - auth_slack) |
| 1681 | argp->rqstp->rq_splice_ok = false; | 1682 | argp->rqstp->rq_splice_ok = false; |
| 1682 | 1683 | ||
| 1683 | DECODE_TAIL; | 1684 | DECODE_TAIL; |