diff options
| author | Chuck Lever <chuck.lever@oracle.com> | 2023-05-18 13:45:43 -0400 |
|---|---|---|
| committer | Chuck Lever <chuck.lever@oracle.com> | 2023-06-11 16:37:40 -0400 |
| commit | ba21e20b309564c64761f4953db4456ec8c4e49c (patch) | |
| tree | 8d46670b899f4af8b19ec1a5ed856b7ce6f373eb /rust/alloc | |
| parent | 82078b9895bd46ce69b4a73e2da40e7e2202fdb5 (diff) | |
NFSD: Use svcxdr_encode_opaque_pages() in nfsd4_encode_splice_read()
Commit 15b23ef5d348 ("nfsd4: fix corruption of NFSv4 read data")
encountered exactly the same issue: after a splice read, a
filesystem-owned page is left in rq_pages[]; the symptoms are the
same as described there.
If the computed number of pages in nfsd4_encode_splice_read() is not
exactly the same as the actual number of pages that were consumed by
nfsd_splice_actor() (say, because of a bug) then hilarity ensues.
Instead of recomputing the page offset based on the size of the
payload, use rq_next_page, which is already properly updated by
nfsd_splice_actor(), to cause svc_rqst_release_pages() to operate
correctly in every instance.
This is a defensive change since we believe that after commit
27c934dd8832 ("nfsd: don't replace page in rq_pages if it's a
continuation of last page") has been applied, there are no known
opportunities for nfsd_splice_actor() to screw up. So I'm not
marking it for stable backport.
Reported-by: Andy Zlotek <andy.zlotek@oracle.com>
Suggested-by: Calum Mackay <calum.mackay@oracle.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Diffstat (limited to 'rust/alloc')
0 files changed, 0 insertions, 0 deletions