/* * Decode READ reply */ static int nfs_xdr_readres(struct rpc_rqst *req, u32 *p, struct nfs_readres *res) { struct kvec *iov = req->rq_rcv_buf.head; int status, count, recvd, hdrlen; if ((status = ntohl(*p++))) return -nfs_stat_to_errno(status); p = xdr_decode_fattr(p, res->fattr); count = ntohl(*p++); res->eof = 0; hdrlen = (u8 *) p - (u8 *) iov->iov_base; if (iov->iov_len < hdrlen) { printk(KERN_WARNING "NFS: READ reply header overflowed:" "length %d > %Zu\n", hdrlen, iov->iov_len); return -errno_NFSERR_IO; } else if (iov->iov_len != hdrlen) { dprintk("NFS: READ header is short. iovec will be shifted.\n"); xdr_shift_buf(&req->rq_rcv_buf, iov->iov_len - hdrlen); } recvd = req->rq_rcv_buf.len - hdrlen; if (count > recvd) { printk(KERN_WARNING "NFS: server cheating in read reply: " "count %d > recvd %d\n", count, recvd); count = recvd; } dprintk("RPC: readres OK count %d\n", count); if (count < res->count) res->count = count; return count; }
/* * Decode READLINK reply */ static int nfs_xdr_readlinkres(struct rpc_rqst *req, u32 *p, void *dummy) { struct xdr_buf *rcvbuf = &req->rq_rcv_buf; struct iovec *iov = rcvbuf->head; unsigned int hdrlen; u32 *strlen, len; char *string; int status; if ((status = ntohl(*p++))) return -nfs_stat_to_errno(status); hdrlen = (u8 *) p - (u8 *) iov->iov_base; if (iov->iov_len > hdrlen) { dprintk("NFS: READLINK header is short. iovec will be shifted.\n"); xdr_shift_buf(rcvbuf, iov->iov_len - hdrlen); } strlen = (u32*)kmap_atomic(rcvbuf->pages[0], KM_USER0); /* Convert length of symlink */ len = ntohl(*strlen); if (len >= rcvbuf->page_len - sizeof(u32) || len > NFS2_MAXPATHLEN) { dprintk("NFS: READLINK server returned giant symlink!\n"); kunmap_atomic(strlen, KM_USER0); return -ENAMETOOLONG; } *strlen = len; /* NULL terminate the string we got */ string = (char *)(strlen + 1); string[len] = 0; kunmap_atomic(strlen, KM_USER0); return 0; }
/* * Decode the result of a readdir call. * We're not really decoding anymore, we just leave the buffer untouched * and only check that it is syntactically correct. * The real decoding happens in nfs_decode_entry below, called directly * from nfs_readdir for each entry. */ static int nfs_xdr_readdirres(struct rpc_rqst *req, __be32 *p, void *dummy) { struct xdr_buf *rcvbuf = &req->rq_rcv_buf; struct kvec *iov = rcvbuf->head; struct page **page; size_t hdrlen; unsigned int pglen, recvd; int status; if ((status = ntohl(*p++))) return nfs_stat_to_errno(status); hdrlen = (u8 *) p - (u8 *) iov->iov_base; if (iov->iov_len < hdrlen) { dprintk("NFS: READDIR reply header overflowed:" "length %Zu > %Zu\n", hdrlen, iov->iov_len); return -errno_NFSERR_IO; } else if (iov->iov_len != hdrlen) { dprintk("NFS: READDIR header is short. iovec will be shifted.\n"); xdr_shift_buf(rcvbuf, iov->iov_len - hdrlen); } pglen = rcvbuf->page_len; recvd = rcvbuf->len - hdrlen; if (pglen > recvd) pglen = recvd; page = rcvbuf->pages; return pglen; }
static int nfs_xdr_readlinkres(struct rpc_rqst *req, __be32 *p, void *dummy) { struct xdr_buf *rcvbuf = &req->rq_rcv_buf; struct kvec *iov = rcvbuf->head; size_t hdrlen; u32 len, recvd; char *kaddr; int status; if ((status = ntohl(*p++))) return nfs_stat_to_errno(status); /* Convert length of symlink */ len = ntohl(*p++); if (len >= rcvbuf->page_len) { dprintk("nfs: server returned giant symlink!\n"); return -ENAMETOOLONG; } hdrlen = (u8 *) p - (u8 *) iov->iov_base; if (iov->iov_len < hdrlen) { dprintk("NFS: READLINK reply header overflowed:" "length %Zu > %Zu\n", hdrlen, iov->iov_len); return -errno_NFSERR_IO; } else if (iov->iov_len != hdrlen) { dprintk("NFS: READLINK header is short. iovec will be shifted.\n"); xdr_shift_buf(rcvbuf, iov->iov_len - hdrlen); } recvd = req->rq_rcv_buf.len - hdrlen; if (recvd < len) { dprintk("NFS: server cheating in readlink reply: " "count %u > recvd %u\n", len, recvd); return -EIO; } /* NULL terminate the string we got */ kaddr = (char *)kmap_atomic(rcvbuf->pages[0], KM_USER0); kaddr[len+rcvbuf->page_base] = '\0'; kunmap_atomic(kaddr, KM_USER0); return 0; }
/* * Decode the result of a readdir call. * We're not really decoding anymore, we just leave the buffer untouched * and only check that it is syntactically correct. * The real decoding happens in nfs_decode_entry below, called directly * from nfs_readdir for each entry. */ static int nfs_xdr_readdirres(struct rpc_rqst *req, u32 *p, void *dummy) { struct xdr_buf *rcvbuf = &req->rq_rcv_buf; struct kvec *iov = rcvbuf->head; struct page **page; int hdrlen, recvd; int status, nr; unsigned int len, pglen; u32 *end, *entry, *kaddr; if ((status = ntohl(*p++))) return -nfs_stat_to_errno(status); hdrlen = (u8 *) p - (u8 *) iov->iov_base; if (iov->iov_len < hdrlen) { printk(KERN_WARNING "NFS: READDIR reply header overflowed:" "length %d > %Zu\n", hdrlen, iov->iov_len); return -errno_NFSERR_IO; } else if (iov->iov_len != hdrlen) { dprintk("NFS: READDIR header is short. iovec will be shifted.\n"); xdr_shift_buf(rcvbuf, iov->iov_len - hdrlen); } pglen = rcvbuf->page_len; recvd = rcvbuf->len - hdrlen; if (pglen > recvd) pglen = recvd; page = rcvbuf->pages; kaddr = p = (u32 *)kmap_atomic(*page, KM_USER0); end = (u32 *)((char *)p + pglen); entry = p; for (nr = 0; *p++; nr++) { if (p + 2 > end) goto short_pkt; p++; /* fileid */ len = ntohl(*p++); p += XDR_QUADLEN(len) + 1; /* name plus cookie */ if (len > NFS2_MAXNAMLEN) { printk(KERN_WARNING "NFS: giant filename in readdir (len 0x%x)!\n", len); goto err_unmap; } if (p + 2 > end) goto short_pkt; entry = p; } if (!nr && (entry[0] != 0 || entry[1] == 0)) goto short_pkt; out: kunmap_atomic(kaddr, KM_USER0); return nr; short_pkt: entry[0] = entry[1] = 0; /* truncate listing ? */ if (!nr) { printk(KERN_NOTICE "NFS: readdir reply truncated!\n"); entry[1] = 1; } goto out; err_unmap: nr = -errno_NFSERR_IO; goto out; }
static int nfs_xdr_readdirres(struct rpc_rqst *req, __be32 *p, void *dummy) { struct xdr_buf *rcvbuf = &req->rq_rcv_buf; struct kvec *iov = rcvbuf->head; struct page **page; size_t hdrlen; unsigned int pglen, recvd; u32 len; int status, nr = 0; __be32 *end, *entry, *kaddr; if ((status = ntohl(*p++))) return nfs_stat_to_errno(status); hdrlen = (u8 *) p - (u8 *) iov->iov_base; if (iov->iov_len < hdrlen) { dprintk("NFS: READDIR reply header overflowed:" "length %Zu > %Zu\n", hdrlen, iov->iov_len); return -errno_NFSERR_IO; } else if (iov->iov_len != hdrlen) { dprintk("NFS: READDIR header is short. iovec will be shifted.\n"); xdr_shift_buf(rcvbuf, iov->iov_len - hdrlen); } pglen = rcvbuf->page_len; recvd = rcvbuf->len - hdrlen; if (pglen > recvd) pglen = recvd; page = rcvbuf->pages; kaddr = p = kmap_atomic(*page, KM_USER0); end = (__be32 *)((char *)p + pglen); entry = p; /* Make sure the packet actually has a value_follows and EOF entry */ if ((entry + 1) > end) goto short_pkt; for (; *p++; nr++) { if (p + 2 > end) goto short_pkt; p++; /* fileid */ len = ntohl(*p++); p += XDR_QUADLEN(len) + 1; /* name plus cookie */ if (len > NFS2_MAXNAMLEN) { dprintk("NFS: giant filename in readdir (len 0x%x)!\n", len); goto err_unmap; } if (p + 2 > end) goto short_pkt; entry = p; } /* * Apparently some server sends responses that are a valid size, but * contain no entries, and have value_follows==0 and EOF==0. For * those, just set the EOF marker. */ if (!nr && entry[1] == 0) { dprintk("NFS: readdir reply truncated!\n"); entry[1] = 1; } out: kunmap_atomic(kaddr, KM_USER0); return nr; short_pkt: /* * When we get a short packet there are 2 possibilities. We can * return an error, or fix up the response to look like a valid * response and return what we have so far. If there are no * entries and the packet was short, then return -EIO. If there * are valid entries in the response, return them and pretend that * the call was successful, but incomplete. The caller can retry the * readdir starting at the last cookie. */ entry[0] = entry[1] = 0; if (!nr) nr = -errno_NFSERR_IO; goto out; err_unmap: nr = -errno_NFSERR_IO; goto out; }