Skip to content

Commit a8095f7

Browse files
author
J. Bruce Fields
committed
nfsd4: size-checking cleanup
Better variable name, some comments, etc. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
1 parent ea8d772 commit a8095f7

File tree

2 files changed

+21
-17
lines changed

2 files changed

+21
-17
lines changed

fs/nfsd/nfs4proc.c

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1279,7 +1279,6 @@ nfsd4_proc_compound(struct svc_rqst *rqstp,
12791279
struct nfsd4_compound_state *cstate = &resp->cstate;
12801280
struct svc_fh *current_fh = &cstate->current_fh;
12811281
struct svc_fh *save_fh = &cstate->save_fh;
1282-
u32 plen = 0;
12831282
__be32 status;
12841283

12851284
svcxdr_init_encode(rqstp, resp);
@@ -1349,9 +1348,13 @@ nfsd4_proc_compound(struct svc_rqst *rqstp,
13491348

13501349
/* If op is non-idempotent */
13511350
if (opdesc->op_flags & OP_MODIFIES_SOMETHING) {
1352-
plen = opdesc->op_rsize_bop(rqstp, op);
13531351
/*
1354-
* If there's still another operation, make sure
1352+
* Don't execute this op if we couldn't encode a
1353+
* succesful reply:
1354+
*/
1355+
u32 plen = opdesc->op_rsize_bop(rqstp, op);
1356+
/*
1357+
* Plus if there's another operation, make sure
13551358
* we'll have space to at least encode an error:
13561359
*/
13571360
if (resp->opcnt < args->opcnt)

fs/nfsd/nfs4xdr.c

Lines changed: 15 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -3739,35 +3739,36 @@ static nfsd4_enc nfsd4_enc_ops[] = {
37393739
};
37403740

37413741
/*
3742-
* Calculate the total amount of memory that the compound response has taken
3743-
* after encoding the current operation with pad.
3742+
* Calculate whether we still have space to encode repsize bytes.
3743+
* There are two considerations:
3744+
* - For NFS versions >=4.1, the size of the reply must stay within
3745+
* session limits
3746+
* - For all NFS versions, we must stay within limited preallocated
3747+
* buffer space.
37443748
*
3745-
* pad: if operation is non-idempotent, pad was calculate by op_rsize_bop()
3746-
* which was specified at nfsd4_operation, else pad is zero.
3747-
*
3748-
* Compare this length to the session se_fmaxresp_sz and se_fmaxresp_cached.
3749-
*
3750-
* Our se_fmaxresp_cached will always be a multiple of PAGE_SIZE, and so
3751-
* will be at least a page and will therefore hold the xdr_buf head.
3749+
* This is called before the operation is processed, so can only provide
3750+
* an upper estimate. For some nonidempotent operations (such as
3751+
* getattr), it's not necessarily a problem if that estimate is wrong,
3752+
* as we can fail it after processing without significant side effects.
37523753
*/
3753-
__be32 nfsd4_check_resp_size(struct nfsd4_compoundres *resp, u32 pad)
3754+
__be32 nfsd4_check_resp_size(struct nfsd4_compoundres *resp, u32 respsize)
37543755
{
37553756
struct xdr_buf *buf = &resp->rqstp->rq_res;
37563757
struct nfsd4_session *session = resp->cstate.session;
3757-
struct nfsd4_slot *slot = resp->cstate.slot;
37583758
int slack_bytes = (char *)resp->xdr.end - (char *)resp->xdr.p;
37593759

37603760
if (nfsd4_has_session(&resp->cstate)) {
3761+
struct nfsd4_slot *slot = resp->cstate.slot;
37613762

3762-
if (buf->len + pad > session->se_fchannel.maxresp_sz)
3763+
if (buf->len + respsize > session->se_fchannel.maxresp_sz)
37633764
return nfserr_rep_too_big;
37643765

37653766
if ((slot->sl_flags & NFSD4_SLOT_CACHETHIS) &&
3766-
buf->len + pad > session->se_fchannel.maxresp_cached)
3767+
buf->len + respsize > session->se_fchannel.maxresp_cached)
37673768
return nfserr_rep_too_big_to_cache;
37683769
}
37693770

3770-
if (pad > slack_bytes) {
3771+
if (respsize > slack_bytes) {
37713772
WARN_ON_ONCE(nfsd4_has_session(&resp->cstate));
37723773
return nfserr_resource;
37733774
}

0 commit comments

Comments
 (0)