From: Christoph Hellwig Date: Thu, 21 Aug 2014 16:09:29 +0000 (-0500) Subject: pnfs/blocklayout: correctly decrement extent length X-Git-Tag: firefly_0821_release~176^2~3012^2~52 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=921b81a8cd5a4acc2a009778d13eedd377362c4c;p=firefly-linux-kernel-4.4.55.git pnfs/blocklayout: correctly decrement extent length When we do non-page sized reads we can underflow the extent_length variable and read incorrect data. Fix the extent_length calculation and change to defensive <= checks for the extent length in the read and write path. Signed-off-by: Christoph Hellwig Signed-off-by: Trond Myklebust --- diff --git a/fs/nfs/blocklayout/blocklayout.c b/fs/nfs/blocklayout/blocklayout.c index 5427ae766f06..87a633d03507 100644 --- a/fs/nfs/blocklayout/blocklayout.c +++ b/fs/nfs/blocklayout/blocklayout.c @@ -272,7 +272,7 @@ bl_read_pagelist(struct nfs_pgio_header *hdr) isect = (sector_t) (f_offset >> SECTOR_SHIFT); /* Code assumes extents are page-aligned */ for (i = pg_index; i < hdr->page_array.npages; i++) { - if (!extent_length) { + if (extent_length <= 0) { /* We've used up the previous extent */ bl_put_extent(be); bl_put_extent(cow_read); @@ -303,6 +303,7 @@ bl_read_pagelist(struct nfs_pgio_header *hdr) f_offset += pg_len; bytes_left -= pg_len; isect += (pg_offset >> SECTOR_SHIFT); + extent_length -= (pg_offset >> SECTOR_SHIFT); } else { pg_offset = 0; pg_len = PAGE_CACHE_SIZE; @@ -333,7 +334,7 @@ bl_read_pagelist(struct nfs_pgio_header *hdr) } } isect += (pg_len >> SECTOR_SHIFT); - extent_length -= PAGE_CACHE_SECTORS; + extent_length -= (pg_len >> SECTOR_SHIFT); } if ((isect << SECTOR_SHIFT) >= header->inode->i_size) { hdr->res.eof = 1; @@ -797,7 +798,7 @@ next_page: /* Middle pages */ pg_index = header->args.pgbase >> PAGE_CACHE_SHIFT; for (i = pg_index; i < header->page_array.npages; i++) { - if (!extent_length) { + if (extent_length <= 0) { /* We've used up the previous extent */ bl_put_extent(be); bl_put_extent(cow_read);