nfsd: let nfsd_symlink assume null-terminated data

[firefly-linux-kernel-4.4.55.git] / fs / nfsd / nfs4proc.c

diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
index f3f048724ac7151d4d89d76a2b44b940b2e0f1d4..7aa83bf34fa980a8bbdda261881afca2a64aaf9b 100644 (file)
--- a/fs/nfsd/nfs4proc.c
+++ b/fs/nfsd/nfs4proc.c
@@ -581,8 +581,12 @@ static void gen_boot_verifier(nfs4_verifier *verifier, struct net *net)
        __be32 verf[2];
        struct nfsd_net *nn = net_generic(net, nfsd_net_id);
 
-       verf[0] = (__be32)nn->nfssvc_boot.tv_sec;
-       verf[1] = (__be32)nn->nfssvc_boot.tv_usec;
+       /*
+        * This is opaque to client, so no need to byte-swap. Use
+        * __force to keep sparse happy
+        */
+       verf[0] = (__force __be32)nn->nfssvc_boot.tv_sec;
+       verf[1] = (__force __be32)nn->nfssvc_boot.tv_usec;
        memcpy(verifier->data, verf, sizeof(verifier->data));
 }
 
@@ -617,18 +621,9 @@ nfsd4_create(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
 
        switch (create->cr_type) {
        case NF4LNK:
-               /* ugh! we have to null-terminate the linktext, or
-                * vfs_symlink() will choke.  it is always safe to
-                * null-terminate by brute force, since at worst we
-                * will overwrite the first byte of the create namelen
-                * in the XDR buffer, which has already been extracted
-                * during XDR decode.
-                */
-               create->cr_linkname[create->cr_linklen] = 0;
-
                status = nfsd_symlink(rqstp, &cstate->current_fh,
                                      create->cr_name, create->cr_namelen,
-                                     create->cr_linkname, create->cr_linklen,
+                                     create->cr_linkname,
                                      &resfh, &create->cr_iattr);
                break;