projects
/
firefly-linux-kernel-4.4.55.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
[firefly-linux-kernel-4.4.55.git]
/
fs
/
dlm
/
midcomms.c
diff --git
a/fs/dlm/midcomms.c
b/fs/dlm/midcomms.c
index e69926e984db3f07565aa052335e49151bd489d5..f3396c622aecc04ef371ccf9cb3baed23b110c55 100644
(file)
--- a/
fs/dlm/midcomms.c
+++ b/
fs/dlm/midcomms.c
@@
-61,9
+61,9
@@
int dlm_process_incoming_buffer(int nodeid, const void *base,
union {
unsigned char __buf[DLM_INBUF_LEN];
/* this is to force proper alignment on some arches */
union {
unsigned char __buf[DLM_INBUF_LEN];
/* this is to force proper alignment on some arches */
-
struct dlm_header dlm
;
+
union dlm_packet p
;
} __tmp;
} __tmp;
-
struct dlm_header *msg = &__tmp.dlm
;
+
union dlm_packet *p = &__tmp.p
;
int ret = 0;
int err = 0;
uint16_t msglen;
int ret = 0;
int err = 0;
uint16_t msglen;
@@
-75,15
+75,22
@@
int dlm_process_incoming_buffer(int nodeid, const void *base,
message may wrap around the end of the buffer back to the
start, so we need to use a temp buffer and copy_from_cb. */
message may wrap around the end of the buffer back to the
start, so we need to use a temp buffer and copy_from_cb. */
- copy_from_cb(
msg
, base, offset, sizeof(struct dlm_header),
+ copy_from_cb(
p
, base, offset, sizeof(struct dlm_header),
limit);
limit);
- msglen = le16_to_cpu(
msg->
h_length);
- lockspace =
msg->
h_lockspace;
+ msglen = le16_to_cpu(
p->header.
h_length);
+ lockspace =
p->header.
h_lockspace;
err = -EINVAL;
if (msglen < sizeof(struct dlm_header))
break;
err = -EINVAL;
if (msglen < sizeof(struct dlm_header))
break;
+ if (p->header.h_cmd == DLM_MSG) {
+ if (msglen < sizeof(struct dlm_message))
+ break;
+ } else {
+ if (msglen < sizeof(struct dlm_rcom))
+ break;
+ }
err = -E2BIG;
if (msglen > dlm_config.ci_buffer_size) {
log_print("message size %d from %d too big, buf len %d",
err = -E2BIG;
if (msglen > dlm_config.ci_buffer_size) {
log_print("message size %d from %d too big, buf len %d",
@@
-104,26
+111,26
@@
int dlm_process_incoming_buffer(int nodeid, const void *base,
in the buffer on the stack (which should work for most
ordinary messages). */
in the buffer on the stack (which should work for most
ordinary messages). */
- if (msglen >
DLM_INBUF_LEN && msg == &__tmp.dlm
) {
-
msg = kmalloc(dlm_config.ci_buffer_size, GFP_KERNEL
);
- if (
msg
== NULL)
+ if (msglen >
sizeof(__tmp) && p == &__tmp.p
) {
+
p = kmalloc(dlm_config.ci_buffer_size, GFP_NOFS
);
+ if (
p
== NULL)
return ret;
}
return ret;
}
- copy_from_cb(
msg
, base, offset, msglen, limit);
+ copy_from_cb(
p
, base, offset, msglen, limit);
- BUG_ON(lockspace !=
msg->
h_lockspace);
+ BUG_ON(lockspace !=
p->header.
h_lockspace);
ret += msglen;
offset += msglen;
offset &= (limit - 1);
len -= msglen;
ret += msglen;
offset += msglen;
offset &= (limit - 1);
len -= msglen;
- dlm_receive_buffer(
msg
, nodeid);
+ dlm_receive_buffer(
p
, nodeid);
}
}
- if (
msg != &__tmp.dlm
)
- kfree(
msg
);
+ if (
p != &__tmp.p
)
+ kfree(
p
);
return err ? err : ret;
}
return err ? err : ret;
}