Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a5cddc88 authored by J. Bruce Fields's avatar J. Bruce Fields
Browse files

nfsd4: better reservation of head space for krb5 



RPC_MAX_AUTH_SIZE is scattered around several places.  Better to set it
once in the auth code, where this kind of estimate should be made.  And
while we're at it we can leave it zero when we're not using krb5i or
krb5p.

Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
parent d05d5744

fs/nfsd/nfs4proc.c

+2 −2
Original line number Diff line number Diff line
@@ -1261,13 +1261,13 @@ static void svcxdr_init_encode(struct svc_rqst *rqstp, 
	xdr->buf = buf;

	xdr->iov = head;

	xdr->p   = head->iov_base + head->iov_len;

	xdr->end = head->iov_base + PAGE_SIZE - 2 * RPC_MAX_AUTH_SIZE;

	xdr->end = head->iov_base + PAGE_SIZE - rqstp->rq_auth_slack;

	/* Tail and page_len should be zero at this point: */

	buf->len = buf->head[0].iov_len;

	xdr->scratch.iov_len = 0;

	xdr->page_ptr = buf->pages;

	buf->buflen = PAGE_SIZE * (1 + rqstp->rq_page_end - buf->pages)

		- 2 * RPC_MAX_AUTH_SIZE;

		- rqstp->rq_auth_slack;

}



/*

fs/nfsd/nfs4state.c

+1 −1
Original line number Diff line number Diff line
@@ -2288,7 +2288,7 @@ nfsd4_sequence(struct svc_rqst *rqstp, 
			session->se_fchannel.maxresp_sz;

	status = (seq->cachethis) ? nfserr_rep_too_big_to_cache :

				    nfserr_rep_too_big;

	if (xdr_restrict_buflen(xdr, buflen - 2 * RPC_MAX_AUTH_SIZE))

	if (xdr_restrict_buflen(xdr, buflen - rqstp->rq_auth_slack))

		goto out_put_session;

	svc_reserve(rqstp, buflen);

fs/nfsd/nfs4xdr.c

+3 −2
Original line number Diff line number Diff line
@@ -1611,7 +1611,8 @@ nfsd4_decode_compound(struct nfsd4_compoundargs *argp) 
	DECODE_HEAD;

	struct nfsd4_op *op;

	bool cachethis = false;

	int max_reply = 2 * RPC_MAX_AUTH_SIZE + 8; /* opcnt, status */

	int auth_slack= argp->rqstp->rq_auth_slack;

	int max_reply = auth_slack + 8; /* opcnt, status */

	int readcount = 0;

	int readbytes = 0;

	int i;
@@ -1677,7 +1678,7 @@ nfsd4_decode_compound(struct nfsd4_compoundargs *argp) 
	svc_reserve(argp->rqstp, max_reply + readbytes);

	argp->rqstp->rq_cachetype = cachethis ? RC_REPLBUFF : RC_NOCACHE;



	if (readcount > 1 || max_reply > PAGE_SIZE - 2*RPC_MAX_AUTH_SIZE)

	if (readcount > 1 || max_reply > PAGE_SIZE - auth_slack)

		argp->rqstp->rq_splice_ok = false;



	DECODE_TAIL;

include/linux/sunrpc/svc.h

+5 −6
Original line number Diff line number Diff line
@@ -260,7 +260,10 @@ struct svc_rqst { 
	void *			rq_argp;	/* decoded arguments */

	void *			rq_resp;	/* xdr'd results */

	void *			rq_auth_data;	/* flavor-specific data */



	int			rq_auth_slack;	/* extra space xdr code

						 * should leave in head

						 * for krb5i, krb5p.

						 */

	int			rq_reserved;	/* space on socket outq

						 * reserved for this request

						 */
@@ -456,11 +459,7 @@ char * svc_print_addr(struct svc_rqst *, char *, size_t); 
 */

static inline void svc_reserve_auth(struct svc_rqst *rqstp, int space)

{

	int added_space = 0;



	if (rqstp->rq_authop->flavour)

		added_space = RPC_MAX_AUTH_SIZE;

	svc_reserve(rqstp, space + added_space);

	svc_reserve(rqstp, space + rqstp->rq_auth_slack);

}



#endif /* SUNRPC_SVC_H */

net/sunrpc/auth_gss/svcauth_gss.c

+2 −0
Original line number Diff line number Diff line
@@ -1503,6 +1503,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp) 
			if (unwrap_integ_data(rqstp, &rqstp->rq_arg,

					gc->gc_seq, rsci->mechctx))

				goto garbage_args;

			rqstp->rq_auth_slack = RPC_MAX_AUTH_SIZE;

			break;

		case RPC_GSS_SVC_PRIVACY:

			/* placeholders for length and seq. number: */
@@ -1511,6 +1512,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp) 
			if (unwrap_priv_data(rqstp, &rqstp->rq_arg,

					gc->gc_seq, rsci->mechctx))

				goto garbage_args;

			rqstp->rq_auth_slack = RPC_MAX_AUTH_SIZE * 2;

			break;

		default:

			goto auth_err;