Message ID | 53E2EE27.5010603@gmail.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
On Thu, Aug 07, 2014 at 11:10:31AM +0800, Kinglong Mee wrote: > After calling svc_reserve() with a small length, > nfsd does't treat it in svcxdr_init_encode(). > > So, when testing conflock, got message as, > > [ 970.127216] RPC request reserved 88 but used 116 rq_reserved should always be set no smaller than the maximum possible size of the reply, given everything we know about the request. So the bug is that rq_reserved was set to small. The risk of returning a reply larger than rq_reserved is a relatively rare deadlock, so I'd rather just stick to the log warning than convert it to a hard error. The solution in this case is to fix the incorrect estimate. --b. > > Signed-off-by: Kinglong Mee <kinglongmee@gmail.com> > --- > fs/nfsd/nfs4proc.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c > index 5e0dc52..084e46e 100644 > --- a/fs/nfsd/nfs4proc.c > +++ b/fs/nfsd/nfs4proc.c > @@ -1245,17 +1245,20 @@ static void svcxdr_init_encode(struct svc_rqst *rqstp, > struct xdr_stream *xdr = &resp->xdr; > struct xdr_buf *buf = &rqstp->rq_res; > struct kvec *head = buf->head; > + int tlen = 0; > > xdr->buf = buf; > xdr->iov = head; > xdr->p = head->iov_base + head->iov_len; > - xdr->end = head->iov_base + PAGE_SIZE - rqstp->rq_auth_slack; > + tlen = PAGE_SIZE - rqstp->rq_auth_slack; > + xdr->end = head->iov_base + min(tlen, rqstp->rq_reserved); > /* Tail and page_len should be zero at this point: */ > buf->len = buf->head[0].iov_len; > xdr->scratch.iov_len = 0; > xdr->page_ptr = buf->pages - 1; > - buf->buflen = PAGE_SIZE * (1 + rqstp->rq_page_end - buf->pages) > + tlen = PAGE_SIZE * (1 + rqstp->rq_page_end - buf->pages) > - rqstp->rq_auth_slack; > + buf->buflen = min(tlen, rqstp->rq_reserved); > } > > /* > -- > 1.9.3 > -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c index 5e0dc52..084e46e 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c @@ -1245,17 +1245,20 @@ static void svcxdr_init_encode(struct svc_rqst *rqstp, struct xdr_stream *xdr = &resp->xdr; struct xdr_buf *buf = &rqstp->rq_res; struct kvec *head = buf->head; + int tlen = 0; xdr->buf = buf; xdr->iov = head; xdr->p = head->iov_base + head->iov_len; - xdr->end = head->iov_base + PAGE_SIZE - rqstp->rq_auth_slack; + tlen = PAGE_SIZE - rqstp->rq_auth_slack; + xdr->end = head->iov_base + min(tlen, rqstp->rq_reserved); /* Tail and page_len should be zero at this point: */ buf->len = buf->head[0].iov_len; xdr->scratch.iov_len = 0; xdr->page_ptr = buf->pages - 1; - buf->buflen = PAGE_SIZE * (1 + rqstp->rq_page_end - buf->pages) + tlen = PAGE_SIZE * (1 + rqstp->rq_page_end - buf->pages) - rqstp->rq_auth_slack; + buf->buflen = min(tlen, rqstp->rq_reserved); } /*
After calling svc_reserve() with a small length, nfsd does't treat it in svcxdr_init_encode(). So, when testing conflock, got message as, [ 970.127216] RPC request reserved 88 but used 116 Signed-off-by: Kinglong Mee <kinglongmee@gmail.com> --- fs/nfsd/nfs4proc.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)