search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
SUNRPC: Don't decode beyond the end of the RPC reply message
[linux-2.6.git] / net / sunrpc / xdr.c
blob5643feb6c6453e7965a047a76fd8bd3cf7157873
1 /*
2 * linux/net/sunrpc/xdr.c
3 *
4 * Generic XDR support.
5 *
6 * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
7 */
8
9 #include <linux/module.h>
10 #include <linux/slab.h>
11 #include <linux/types.h>
12 #include <linux/string.h>
13 #include <linux/kernel.h>
14 #include <linux/pagemap.h>
15 #include <linux/errno.h>
16 #include <linux/sunrpc/xdr.h>
17 #include <linux/sunrpc/msg_prot.h>
18
19 /*
20 * XDR functions for basic NFS types
21 */
22 __be32 *
23 xdr_encode_netobj(__be32 *p, const struct xdr_netobj *obj)
24 {
25 unsigned int quadlen = XDR_QUADLEN(obj->len);
26
27 p[quadlen] = 0; /* zero trailing bytes */
28 *p++ = cpu_to_be32(obj->len);
29 memcpy(p, obj->data, obj->len);
30 return p + XDR_QUADLEN(obj->len);
31 }
32 EXPORT_SYMBOL_GPL(xdr_encode_netobj);
33
34 __be32 *
35 xdr_decode_netobj(__be32 *p, struct xdr_netobj *obj)
36 {
37 unsigned int len;
38
39 if ((len = be32_to_cpu(*p++)) > XDR_MAX_NETOBJ)
40 return NULL;
41 obj->len = len;
42 obj->data = (u8 *) p;
43 return p + XDR_QUADLEN(len);
44 }
45 EXPORT_SYMBOL_GPL(xdr_decode_netobj);
46
47 /**
48 * xdr_encode_opaque_fixed - Encode fixed length opaque data
49 * @p: pointer to current position in XDR buffer.
50 * @ptr: pointer to data to encode (or NULL)
51 * @nbytes: size of data.
52 *
53 * Copy the array of data of length nbytes at ptr to the XDR buffer
54 * at position p, then align to the next 32-bit boundary by padding
55 * with zero bytes (see RFC1832).
56 * Note: if ptr is NULL, only the padding is performed.
57 *
58 * Returns the updated current XDR buffer position
59 *
60 */
61 __be32 *xdr_encode_opaque_fixed(__be32 *p, const void *ptr, unsigned int nbytes)
62 {
63 if (likely(nbytes != 0)) {
64 unsigned int quadlen = XDR_QUADLEN(nbytes);
65 unsigned int padding = (quadlen << 2) - nbytes;
66
67 if (ptr != NULL)
68 memcpy(p, ptr, nbytes);
69 if (padding != 0)
70 memset((char *)p + nbytes, 0, padding);
71 p += quadlen;
72 }
73 return p;
74 }
75 EXPORT_SYMBOL_GPL(xdr_encode_opaque_fixed);
76
77 /**
78 * xdr_encode_opaque - Encode variable length opaque data
79 * @p: pointer to current position in XDR buffer.
80 * @ptr: pointer to data to encode (or NULL)
81 * @nbytes: size of data.
82 *
83 * Returns the updated current XDR buffer position
84 */
85 __be32 *xdr_encode_opaque(__be32 *p, const void *ptr, unsigned int nbytes)
86 {
87 *p++ = cpu_to_be32(nbytes);
88 return xdr_encode_opaque_fixed(p, ptr, nbytes);
89 }
90 EXPORT_SYMBOL_GPL(xdr_encode_opaque);
91
92 __be32 *
93 xdr_encode_string(__be32 *p, const char *string)
94 {
95 return xdr_encode_array(p, string, strlen(string));
96 }
97 EXPORT_SYMBOL_GPL(xdr_encode_string);
98
99 __be32 *
100 xdr_decode_string_inplace(__be32 *p, char **sp,
101 unsigned int *lenp, unsigned int maxlen)
102 {
103 u32 len;
104
105 len = be32_to_cpu(*p++);
106 if (len > maxlen)
107 return NULL;
108 *lenp = len;
109 *sp = (char *) p;
110 return p + XDR_QUADLEN(len);
111 }
112 EXPORT_SYMBOL_GPL(xdr_decode_string_inplace);
113
114 /**
115 * xdr_terminate_string - '\0'-terminate a string residing in an xdr_buf
116 * @buf: XDR buffer where string resides
117 * @len: length of string, in bytes
118 *
119 */
120 void
121 xdr_terminate_string(struct xdr_buf *buf, const u32 len)
122 {
123 char *kaddr;
124
125 kaddr = kmap_atomic(buf->pages[0]);
126 kaddr[buf->page_base + len] = '\0';
127 kunmap_atomic(kaddr);
128 }
129 EXPORT_SYMBOL_GPL(xdr_terminate_string);
130
131 void
132 xdr_encode_pages(struct xdr_buf *xdr, struct page **pages, unsigned int base,
133 unsigned int len)
134 {
135 struct kvec *tail = xdr->tail;
136 u32 *p;
137
138 xdr->pages = pages;
139 xdr->page_base = base;
140 xdr->page_len = len;
141
142 p = (u32 *)xdr->head[0].iov_base + XDR_QUADLEN(xdr->head[0].iov_len);
143 tail->iov_base = p;
144 tail->iov_len = 0;
145
146 if (len & 3) {
147 unsigned int pad = 4 - (len & 3);
148
149 *p = 0;
150 tail->iov_base = (char *)p + (len & 3);
151 tail->iov_len = pad;
152 len += pad;
153 }
154 xdr->buflen += len;
155 xdr->len += len;
156 }
157 EXPORT_SYMBOL_GPL(xdr_encode_pages);
158
159 void
160 xdr_inline_pages(struct xdr_buf *xdr, unsigned int offset,
161 struct page **pages, unsigned int base, unsigned int len)
162 {
163 struct kvec *head = xdr->head;
164 struct kvec *tail = xdr->tail;
165 char *buf = (char *)head->iov_base;
166 unsigned int buflen = head->iov_len;
167
168 head->iov_len = offset;
169
170 xdr->pages = pages;
171 xdr->page_base = base;
172 xdr->page_len = len;
173
174 tail->iov_base = buf + offset;
175 tail->iov_len = buflen - offset;
176
177 xdr->buflen += len;
178 }
179 EXPORT_SYMBOL_GPL(xdr_inline_pages);
180
181 /*
182 * Helper routines for doing 'memmove' like operations on a struct xdr_buf
183 *
184 * _shift_data_right_pages
185 * @pages: vector of pages containing both the source and dest memory area.
186 * @pgto_base: page vector address of destination
187 * @pgfrom_base: page vector address of source
188 * @len: number of bytes to copy
189 *
190 * Note: the addresses pgto_base and pgfrom_base are both calculated in
191 * the same way:
192 * if a memory area starts at byte 'base' in page 'pages[i]',
193 * then its address is given as (i << PAGE_CACHE_SHIFT) + base
194 * Also note: pgfrom_base must be < pgto_base, but the memory areas
195 * they point to may overlap.
196 */
197 static void
198 _shift_data_right_pages(struct page **pages, size_t pgto_base,
199 size_t pgfrom_base, size_t len)
200 {
201 struct page **pgfrom, **pgto;
202 char *vfrom, *vto;
203 size_t copy;
204
205 BUG_ON(pgto_base <= pgfrom_base);
206
207 pgto_base += len;
208 pgfrom_base += len;
209
210 pgto = pages + (pgto_base >> PAGE_CACHE_SHIFT);
211 pgfrom = pages + (pgfrom_base >> PAGE_CACHE_SHIFT);
212
213 pgto_base &= ~PAGE_CACHE_MASK;
214 pgfrom_base &= ~PAGE_CACHE_MASK;
215
216 do {
217 /* Are any pointers crossing a page boundary? */
218 if (pgto_base == 0) {
219 pgto_base = PAGE_CACHE_SIZE;
220 pgto--;
221 }
222 if (pgfrom_base == 0) {
223 pgfrom_base = PAGE_CACHE_SIZE;
224 pgfrom--;
225 }
226
227 copy = len;
228 if (copy > pgto_base)
229 copy = pgto_base;
230 if (copy > pgfrom_base)
231 copy = pgfrom_base;
232 pgto_base -= copy;
233 pgfrom_base -= copy;
234
235 vto = kmap_atomic(*pgto);
236 vfrom = kmap_atomic(*pgfrom);
237 memmove(vto + pgto_base, vfrom + pgfrom_base, copy);
238 flush_dcache_page(*pgto);
239 kunmap_atomic(vfrom);
240 kunmap_atomic(vto);
241
242 } while ((len -= copy) != 0);
243 }
244
245 /*
246 * _copy_to_pages
247 * @pages: array of pages
248 * @pgbase: page vector address of destination
249 * @p: pointer to source data
250 * @len: length
251 *
252 * Copies data from an arbitrary memory location into an array of pages
253 * The copy is assumed to be non-overlapping.
254 */
255 static void
256 _copy_to_pages(struct page **pages, size_t pgbase, const char *p, size_t len)
257 {
258 struct page **pgto;
259 char *vto;
260 size_t copy;
261
262 pgto = pages + (pgbase >> PAGE_CACHE_SHIFT);
263 pgbase &= ~PAGE_CACHE_MASK;
264
265 for (;;) {
266 copy = PAGE_CACHE_SIZE - pgbase;
267 if (copy > len)
268 copy = len;
269
270 vto = kmap_atomic(*pgto);
271 memcpy(vto + pgbase, p, copy);
272 kunmap_atomic(vto);
273
274 len -= copy;
275 if (len == 0)
276 break;
277
278 pgbase += copy;
279 if (pgbase == PAGE_CACHE_SIZE) {
280 flush_dcache_page(*pgto);
281 pgbase = 0;
282 pgto++;
283 }
284 p += copy;
285 }
286 flush_dcache_page(*pgto);
287 }
288
289 /*
290 * _copy_from_pages
291 * @p: pointer to destination
292 * @pages: array of pages
293 * @pgbase: offset of source data
294 * @len: length
295 *
296 * Copies data into an arbitrary memory location from an array of pages
297 * The copy is assumed to be non-overlapping.
298 */
299 void
300 _copy_from_pages(char *p, struct page **pages, size_t pgbase, size_t len)
301 {
302 struct page **pgfrom;
303 char *vfrom;
304 size_t copy;
305
306 pgfrom = pages + (pgbase >> PAGE_CACHE_SHIFT);
307 pgbase &= ~PAGE_CACHE_MASK;
308
309 do {
310 copy = PAGE_CACHE_SIZE - pgbase;
311 if (copy > len)
312 copy = len;
313
314 vfrom = kmap_atomic(*pgfrom);
315 memcpy(p, vfrom + pgbase, copy);
316 kunmap_atomic(vfrom);
317
318 pgbase += copy;
319 if (pgbase == PAGE_CACHE_SIZE) {
320 pgbase = 0;
321 pgfrom++;
322 }
323 p += copy;
324
325 } while ((len -= copy) != 0);
326 }
327 EXPORT_SYMBOL_GPL(_copy_from_pages);
328
329 /*
330 * xdr_shrink_bufhead
331 * @buf: xdr_buf
332 * @len: bytes to remove from buf->head[0]
333 *
334 * Shrinks XDR buffer's header kvec buf->head[0] by
335 * 'len' bytes. The extra data is not lost, but is instead
336 * moved into the inlined pages and/or the tail.
337 */
338 static void
339 xdr_shrink_bufhead(struct xdr_buf *buf, size_t len)
340 {
341 struct kvec *head, *tail;
342 size_t copy, offs;
343 unsigned int pglen = buf->page_len;
344
345 tail = buf->tail;
346 head = buf->head;
347 BUG_ON (len > head->iov_len);
348
349 /* Shift the tail first */
350 if (tail->iov_len != 0) {
351 if (tail->iov_len > len) {
352 copy = tail->iov_len - len;
353 memmove((char *)tail->iov_base + len,
354 tail->iov_base, copy);
355 }
356 /* Copy from the inlined pages into the tail */
357 copy = len;
358 if (copy > pglen)
359 copy = pglen;
360 offs = len - copy;
361 if (offs >= tail->iov_len)
362 copy = 0;
363 else if (copy > tail->iov_len - offs)
364 copy = tail->iov_len - offs;
365 if (copy != 0)
366 _copy_from_pages((char *)tail->iov_base + offs,
367 buf->pages,
368 buf->page_base + pglen + offs - len,
369 copy);
370 /* Do we also need to copy data from the head into the tail ? */
371 if (len > pglen) {
372 offs = copy = len - pglen;
373 if (copy > tail->iov_len)
374 copy = tail->iov_len;
375 memcpy(tail->iov_base,
376 (char *)head->iov_base +
377 head->iov_len - offs,
378 copy);
379 }
380 }
381 /* Now handle pages */
382 if (pglen != 0) {
383 if (pglen > len)
384 _shift_data_right_pages(buf->pages,
385 buf->page_base + len,
386 buf->page_base,
387 pglen - len);
388 copy = len;
389 if (len > pglen)
390 copy = pglen;
391 _copy_to_pages(buf->pages, buf->page_base,
392 (char *)head->iov_base + head->iov_len - len,
393 copy);
394 }
395 head->iov_len -= len;
396 buf->buflen -= len;
397 /* Have we truncated the message? */
398 if (buf->len > buf->buflen)
399 buf->len = buf->buflen;
400 }
401
402 /*
403 * xdr_shrink_pagelen
404 * @buf: xdr_buf
405 * @len: bytes to remove from buf->pages
406 *
407 * Shrinks XDR buffer's page array buf->pages by
408 * 'len' bytes. The extra data is not lost, but is instead
409 * moved into the tail.
410 */
411 static void
412 xdr_shrink_pagelen(struct xdr_buf *buf, size_t len)
413 {
414 struct kvec *tail;
415 size_t copy;
416 unsigned int pglen = buf->page_len;
417 unsigned int tailbuf_len;
418
419 tail = buf->tail;
420 BUG_ON (len > pglen);
421
422 tailbuf_len = buf->buflen - buf->head->iov_len - buf->page_len;
423
424 /* Shift the tail first */
425 if (tailbuf_len != 0) {
426 unsigned int free_space = tailbuf_len - tail->iov_len;
427
428 if (len < free_space)
429 free_space = len;
430 tail->iov_len += free_space;
431
432 copy = len;
433 if (tail->iov_len > len) {
434 char *p = (char *)tail->iov_base + len;
435 memmove(p, tail->iov_base, tail->iov_len - len);
436 } else
437 copy = tail->iov_len;
438 /* Copy from the inlined pages into the tail */
439 _copy_from_pages((char *)tail->iov_base,
440 buf->pages, buf->page_base + pglen - len,
441 copy);
442 }
443 buf->page_len -= len;
444 buf->buflen -= len;
445 /* Have we truncated the message? */
446 if (buf->len > buf->buflen)
447 buf->len = buf->buflen;
448 }
449
450 void
451 xdr_shift_buf(struct xdr_buf *buf, size_t len)
452 {
453 xdr_shrink_bufhead(buf, len);
454 }
455 EXPORT_SYMBOL_GPL(xdr_shift_buf);
456
457 /**
458 * xdr_init_encode - Initialize a struct xdr_stream for sending data.
459 * @xdr: pointer to xdr_stream struct
460 * @buf: pointer to XDR buffer in which to encode data
461 * @p: current pointer inside XDR buffer
462 *
463 * Note: at the moment the RPC client only passes the length of our
464 * scratch buffer in the xdr_buf's header kvec. Previously this
465 * meant we needed to call xdr_adjust_iovec() after encoding the
466 * data. With the new scheme, the xdr_stream manages the details
467 * of the buffer length, and takes care of adjusting the kvec
468 * length for us.
469 */
470 void xdr_init_encode(struct xdr_stream *xdr, struct xdr_buf *buf, __be32 *p)
471 {
472 struct kvec *iov = buf->head;
473 int scratch_len = buf->buflen - buf->page_len - buf->tail[0].iov_len;
474
475 BUG_ON(scratch_len < 0);
476 xdr->buf = buf;
477 xdr->iov = iov;
478 xdr->p = (__be32 *)((char *)iov->iov_base + iov->iov_len);
479 xdr->end = (__be32 *)((char *)iov->iov_base + scratch_len);
480 BUG_ON(iov->iov_len > scratch_len);
481
482 if (p != xdr->p && p != NULL) {
483 size_t len;
484
485 BUG_ON(p < xdr->p || p > xdr->end);
486 len = (char *)p - (char *)xdr->p;
487 xdr->p = p;
488 buf->len += len;
489 iov->iov_len += len;
490 }
491 }
492 EXPORT_SYMBOL_GPL(xdr_init_encode);
493
494 /**
495 * xdr_reserve_space - Reserve buffer space for sending
496 * @xdr: pointer to xdr_stream
497 * @nbytes: number of bytes to reserve
498 *
499 * Checks that we have enough buffer space to encode 'nbytes' more
500 * bytes of data. If so, update the total xdr_buf length, and
501 * adjust the length of the current kvec.
502 */
503 __be32 * xdr_reserve_space(struct xdr_stream *xdr, size_t nbytes)
504 {
505 __be32 *p = xdr->p;
506 __be32 *q;
507
508 /* align nbytes on the next 32-bit boundary */
509 nbytes += 3;
510 nbytes &= ~3;
511 q = p + (nbytes >> 2);
512 if (unlikely(q > xdr->end || q < p))
513 return NULL;
514 xdr->p = q;
515 xdr->iov->iov_len += nbytes;
516 xdr->buf->len += nbytes;
517 return p;
518 }
519 EXPORT_SYMBOL_GPL(xdr_reserve_space);
520
521 /**
522 * xdr_write_pages - Insert a list of pages into an XDR buffer for sending
523 * @xdr: pointer to xdr_stream
524 * @pages: list of pages
525 * @base: offset of first byte
526 * @len: length of data in bytes
527 *
528 */
529 void xdr_write_pages(struct xdr_stream *xdr, struct page **pages, unsigned int base,
530 unsigned int len)
531 {
532 struct xdr_buf *buf = xdr->buf;
533 struct kvec *iov = buf->tail;
534 buf->pages = pages;
535 buf->page_base = base;
536 buf->page_len = len;
537
538 iov->iov_base = (char *)xdr->p;
539 iov->iov_len = 0;
540 xdr->iov = iov;
541
542 if (len & 3) {
543 unsigned int pad = 4 - (len & 3);
544
545 BUG_ON(xdr->p >= xdr->end);
546 iov->iov_base = (char *)xdr->p + (len & 3);
547 iov->iov_len += pad;
548 len += pad;
549 *xdr->p++ = 0;
550 }
551 buf->buflen += len;
552 buf->len += len;
553 }
554 EXPORT_SYMBOL_GPL(xdr_write_pages);
555
556 static void xdr_set_iov(struct xdr_stream *xdr, struct kvec *iov,
557 unsigned int len)
558 {
559 if (len > iov->iov_len)
560 len = iov->iov_len;
561 xdr->p = (__be32*)iov->iov_base;
562 xdr->end = (__be32*)(iov->iov_base + len);
563 xdr->iov = iov;
564 xdr->page_ptr = NULL;
565 }
566
567 static int xdr_set_page_base(struct xdr_stream *xdr,
568 unsigned int base, unsigned int len)
569 {
570 unsigned int pgnr;
571 unsigned int maxlen;
572 unsigned int pgoff;
573 unsigned int pgend;
574 void *kaddr;
575
576 maxlen = xdr->buf->page_len;
577 if (base >= maxlen)
578 return -EINVAL;
579 maxlen -= base;
580 if (len > maxlen)
581 len = maxlen;
582
583 base += xdr->buf->page_base;
584
585 pgnr = base >> PAGE_SHIFT;
586 xdr->page_ptr = &xdr->buf->pages[pgnr];
587 kaddr = page_address(*xdr->page_ptr);
588
589 pgoff = base & ~PAGE_MASK;
590 xdr->p = (__be32*)(kaddr + pgoff);
591
592 pgend = pgoff + len;
593 if (pgend > PAGE_SIZE)
594 pgend = PAGE_SIZE;
595 xdr->end = (__be32*)(kaddr + pgend);
596 xdr->iov = NULL;
597 return 0;
598 }
599
600 static void xdr_set_next_page(struct xdr_stream *xdr)
601 {
602 unsigned int newbase;
603
604 newbase = (1 + xdr->page_ptr - xdr->buf->pages) << PAGE_SHIFT;
605 newbase -= xdr->buf->page_base;
606
607 if (xdr_set_page_base(xdr, newbase, PAGE_SIZE) < 0)
608 xdr_set_iov(xdr, xdr->buf->tail, xdr->buf->len);
609 }
610
611 static bool xdr_set_next_buffer(struct xdr_stream *xdr)
612 {
613 if (xdr->page_ptr != NULL)
614 xdr_set_next_page(xdr);
615 else if (xdr->iov == xdr->buf->head) {
616 if (xdr_set_page_base(xdr, 0, PAGE_SIZE) < 0)
617 xdr_set_iov(xdr, xdr->buf->tail, xdr->buf->len);
618 }
619 return xdr->p != xdr->end;
620 }
621
622 /**
623 * xdr_init_decode - Initialize an xdr_stream for decoding data.
624 * @xdr: pointer to xdr_stream struct
625 * @buf: pointer to XDR buffer from which to decode data
626 * @p: current pointer inside XDR buffer
627 */
628 void xdr_init_decode(struct xdr_stream *xdr, struct xdr_buf *buf, __be32 *p)
629 {
630 xdr->buf = buf;
631 xdr->scratch.iov_base = NULL;
632 xdr->scratch.iov_len = 0;
633 xdr->nwords = XDR_QUADLEN(buf->len);
634 if (buf->head[0].iov_len != 0)
635 xdr_set_iov(xdr, buf->head, buf->len);
636 else if (buf->page_len != 0)
637 xdr_set_page_base(xdr, 0, buf->len);
638 if (p != NULL && p > xdr->p && xdr->end >= p) {
639 xdr->nwords -= p - xdr->p;
640 xdr->p = p;
641 }
642 }
643 EXPORT_SYMBOL_GPL(xdr_init_decode);
644
645 /**
646 * xdr_init_decode - Initialize an xdr_stream for decoding data.
647 * @xdr: pointer to xdr_stream struct
648 * @buf: pointer to XDR buffer from which to decode data
649 * @pages: list of pages to decode into
650 * @len: length in bytes of buffer in pages
651 */
652 void xdr_init_decode_pages(struct xdr_stream *xdr, struct xdr_buf *buf,
653 struct page **pages, unsigned int len)
654 {
655 memset(buf, 0, sizeof(*buf));
656 buf->pages = pages;
657 buf->page_len = len;
658 buf->buflen = len;
659 buf->len = len;
660 xdr_init_decode(xdr, buf, NULL);
661 }
662 EXPORT_SYMBOL_GPL(xdr_init_decode_pages);
663
664 static __be32 * __xdr_inline_decode(struct xdr_stream *xdr, size_t nbytes)
665 {
666 unsigned int nwords = XDR_QUADLEN(nbytes);
667 __be32 *p = xdr->p;
668 __be32 *q = p + nwords;
669
670 if (unlikely(nwords > xdr->nwords || q > xdr->end || q < p))
671 return NULL;
672 xdr->p = q;
673 xdr->nwords -= nwords;
674 return p;
675 }
676
677 /**
678 * xdr_set_scratch_buffer - Attach a scratch buffer for decoding data.
679 * @xdr: pointer to xdr_stream struct
680 * @buf: pointer to an empty buffer
681 * @buflen: size of 'buf'
682 *
683 * The scratch buffer is used when decoding from an array of pages.
684 * If an xdr_inline_decode() call spans across page boundaries, then
685 * we copy the data into the scratch buffer in order to allow linear
686 * access.
687 */
688 void xdr_set_scratch_buffer(struct xdr_stream *xdr, void *buf, size_t buflen)
689 {
690 xdr->scratch.iov_base = buf;
691 xdr->scratch.iov_len = buflen;
692 }
693 EXPORT_SYMBOL_GPL(xdr_set_scratch_buffer);
694
695 static __be32 *xdr_copy_to_scratch(struct xdr_stream *xdr, size_t nbytes)
696 {
697 __be32 *p;
698 void *cpdest = xdr->scratch.iov_base;
699 size_t cplen = (char *)xdr->end - (char *)xdr->p;
700
701 if (nbytes > xdr->scratch.iov_len)
702 return NULL;
703 memcpy(cpdest, xdr->p, cplen);
704 cpdest += cplen;
705 nbytes -= cplen;
706 if (!xdr_set_next_buffer(xdr))
707 return NULL;
708 p = __xdr_inline_decode(xdr, nbytes);
709 if (p == NULL)
710 return NULL;
711 memcpy(cpdest, p, nbytes);
712 return xdr->scratch.iov_base;
713 }
714
715 /**
716 * xdr_inline_decode - Retrieve XDR data to decode
717 * @xdr: pointer to xdr_stream struct
718 * @nbytes: number of bytes of data to decode
719 *
720 * Check if the input buffer is long enough to enable us to decode
721 * 'nbytes' more bytes of data starting at the current position.
722 * If so return the current pointer, then update the current
723 * pointer position.
724 */
725 __be32 * xdr_inline_decode(struct xdr_stream *xdr, size_t nbytes)
726 {
727 __be32 *p;
728
729 if (nbytes == 0)
730 return xdr->p;
731 if (xdr->p == xdr->end && !xdr_set_next_buffer(xdr))
732 return NULL;
733 p = __xdr_inline_decode(xdr, nbytes);
734 if (p != NULL)
735 return p;
736 return xdr_copy_to_scratch(xdr, nbytes);
737 }
738 EXPORT_SYMBOL_GPL(xdr_inline_decode);
739
740 /**
741 * xdr_read_pages - Ensure page-based XDR data to decode is aligned at current pointer position
742 * @xdr: pointer to xdr_stream struct
743 * @len: number of bytes of page data
744 *
745 * Moves data beyond the current pointer position from the XDR head[] buffer
746 * into the page list. Any data that lies beyond current position + "len"
747 * bytes is moved into the XDR tail[].
748 */
749 void xdr_read_pages(struct xdr_stream *xdr, unsigned int len)
750 {
751 struct xdr_buf *buf = xdr->buf;
752 struct kvec *iov;
753 ssize_t shift;
754 unsigned int nwords = XDR_QUADLEN(len);
755 unsigned int end;
756 int padding;
757
758 if (xdr->nwords == 0)
759 return;
760 if (nwords > xdr->nwords) {
761 nwords = xdr->nwords;
762 len = nwords << 2;
763 }
764 /* Realign pages to current pointer position */
765 iov = buf->head;
766 shift = iov->iov_len + (char *)iov->iov_base - (char *)xdr->p;
767 if (shift > 0)
768 xdr_shrink_bufhead(buf, shift);
769
770 /* Truncate page data and move it into the tail */
771 if (buf->page_len > len)
772 xdr_shrink_pagelen(buf, buf->page_len - len);
773 padding = (nwords << 2) - len;
774 xdr->iov = iov = buf->tail;
775 /* Compute remaining message length. */
776 end = iov->iov_len;
777 shift = buf->buflen - buf->len;
778 if (end > shift + padding)
779 end -= shift;
780 else
781 end = padding;
782 /*
783 * Position current pointer at beginning of tail, and
784 * set remaining message length.
785 */
786 xdr->p = (__be32 *)((char *)iov->iov_base + padding);
787 xdr->end = (__be32 *)((char *)iov->iov_base + end);
788 xdr->page_ptr = NULL;
789 xdr->nwords = XDR_QUADLEN(end - padding);
790 }
791 EXPORT_SYMBOL_GPL(xdr_read_pages);
792
793 /**
794 * xdr_enter_page - decode data from the XDR page
795 * @xdr: pointer to xdr_stream struct
796 * @len: number of bytes of page data
797 *
798 * Moves data beyond the current pointer position from the XDR head[] buffer
799 * into the page list. Any data that lies beyond current position + "len"
800 * bytes is moved into the XDR tail[]. The current pointer is then
801 * repositioned at the beginning of the first XDR page.
802 */
803 void xdr_enter_page(struct xdr_stream *xdr, unsigned int len)
804 {
805 xdr_read_pages(xdr, len);
806 /*
807 * Position current pointer at beginning of tail, and
808 * set remaining message length.
809 */
810 xdr_set_page_base(xdr, 0, len);
811 xdr->nwords += XDR_QUADLEN(xdr->buf->page_len);
812 }
813 EXPORT_SYMBOL_GPL(xdr_enter_page);
814
815 static struct kvec empty_iov = {.iov_base = NULL, .iov_len = 0};
816
817 void
818 xdr_buf_from_iov(struct kvec *iov, struct xdr_buf *buf)
819 {
820 buf->head[0] = *iov;
821 buf->tail[0] = empty_iov;
822 buf->page_len = 0;
823 buf->buflen = buf->len = iov->iov_len;
824 }
825 EXPORT_SYMBOL_GPL(xdr_buf_from_iov);
826
827 /* Sets subbuf to the portion of buf of length len beginning base bytes
828 * from the start of buf. Returns -1 if base of length are out of bounds. */
829 int
830 xdr_buf_subsegment(struct xdr_buf *buf, struct xdr_buf *subbuf,
831 unsigned int base, unsigned int len)
832 {
833 subbuf->buflen = subbuf->len = len;
834 if (base < buf->head[0].iov_len) {
835 subbuf->head[0].iov_base = buf->head[0].iov_base + base;
836 subbuf->head[0].iov_len = min_t(unsigned int, len,
837 buf->head[0].iov_len - base);
838 len -= subbuf->head[0].iov_len;
839 base = 0;
840 } else {
841 subbuf->head[0].iov_base = NULL;
842 subbuf->head[0].iov_len = 0;
843 base -= buf->head[0].iov_len;
844 }
845
846 if (base < buf->page_len) {
847 subbuf->page_len = min(buf->page_len - base, len);
848 base += buf->page_base;
849 subbuf->page_base = base & ~PAGE_CACHE_MASK;
850 subbuf->pages = &buf->pages[base >> PAGE_CACHE_SHIFT];
851 len -= subbuf->page_len;
852 base = 0;
853 } else {
854 base -= buf->page_len;
855 subbuf->page_len = 0;
856 }
857
858 if (base < buf->tail[0].iov_len) {
859 subbuf->tail[0].iov_base = buf->tail[0].iov_base + base;
860 subbuf->tail[0].iov_len = min_t(unsigned int, len,
861 buf->tail[0].iov_len - base);
862 len -= subbuf->tail[0].iov_len;
863 base = 0;
864 } else {
865 subbuf->tail[0].iov_base = NULL;
866 subbuf->tail[0].iov_len = 0;
867 base -= buf->tail[0].iov_len;
868 }
869
870 if (base || len)
871 return -1;
872 return 0;
873 }
874 EXPORT_SYMBOL_GPL(xdr_buf_subsegment);
875
876 static void __read_bytes_from_xdr_buf(struct xdr_buf *subbuf, void *obj, unsigned int len)
877 {
878 unsigned int this_len;
879
880 this_len = min_t(unsigned int, len, subbuf->head[0].iov_len);
881 memcpy(obj, subbuf->head[0].iov_base, this_len);
882 len -= this_len;
883 obj += this_len;
884 this_len = min_t(unsigned int, len, subbuf->page_len);
885 if (this_len)
886 _copy_from_pages(obj, subbuf->pages, subbuf->page_base, this_len);
887 len -= this_len;
888 obj += this_len;
889 this_len = min_t(unsigned int, len, subbuf->tail[0].iov_len);
890 memcpy(obj, subbuf->tail[0].iov_base, this_len);
891 }
892
893 /* obj is assumed to point to allocated memory of size at least len: */
894 int read_bytes_from_xdr_buf(struct xdr_buf *buf, unsigned int base, void *obj, unsigned int len)
895 {
896 struct xdr_buf subbuf;
897 int status;
898
899 status = xdr_buf_subsegment(buf, &subbuf, base, len);
900 if (status != 0)
901 return status;
902 __read_bytes_from_xdr_buf(&subbuf, obj, len);
903 return 0;
904 }
905 EXPORT_SYMBOL_GPL(read_bytes_from_xdr_buf);
906
907 static void __write_bytes_to_xdr_buf(struct xdr_buf *subbuf, void *obj, unsigned int len)
908 {
909 unsigned int this_len;
910
911 this_len = min_t(unsigned int, len, subbuf->head[0].iov_len);
912 memcpy(subbuf->head[0].iov_base, obj, this_len);
913 len -= this_len;
914 obj += this_len;
915 this_len = min_t(unsigned int, len, subbuf->page_len);
916 if (this_len)
917 _copy_to_pages(subbuf->pages, subbuf->page_base, obj, this_len);
918 len -= this_len;
919 obj += this_len;
920 this_len = min_t(unsigned int, len, subbuf->tail[0].iov_len);
921 memcpy(subbuf->tail[0].iov_base, obj, this_len);
922 }
923
924 /* obj is assumed to point to allocated memory of size at least len: */
925 int write_bytes_to_xdr_buf(struct xdr_buf *buf, unsigned int base, void *obj, unsigned int len)
926 {
927 struct xdr_buf subbuf;
928 int status;
929
930 status = xdr_buf_subsegment(buf, &subbuf, base, len);
931 if (status != 0)
932 return status;
933 __write_bytes_to_xdr_buf(&subbuf, obj, len);
934 return 0;
935 }
936 EXPORT_SYMBOL_GPL(write_bytes_to_xdr_buf);
937
938 int
939 xdr_decode_word(struct xdr_buf *buf, unsigned int base, u32 *obj)
940 {
941 __be32 raw;
942 int status;
943
944 status = read_bytes_from_xdr_buf(buf, base, &raw, sizeof(*obj));
945 if (status)
946 return status;
947 *obj = be32_to_cpu(raw);
948 return 0;
949 }
950 EXPORT_SYMBOL_GPL(xdr_decode_word);
951
952 int
953 xdr_encode_word(struct xdr_buf *buf, unsigned int base, u32 obj)
954 {
955 __be32 raw = cpu_to_be32(obj);
956
957 return write_bytes_to_xdr_buf(buf, base, &raw, sizeof(obj));
958 }
959 EXPORT_SYMBOL_GPL(xdr_encode_word);
960
961 /* If the netobj starting offset bytes from the start of xdr_buf is contained
962 * entirely in the head or the tail, set object to point to it; otherwise
963 * try to find space for it at the end of the tail, copy it there, and
964 * set obj to point to it. */
965 int xdr_buf_read_netobj(struct xdr_buf *buf, struct xdr_netobj *obj, unsigned int offset)
966 {
967 struct xdr_buf subbuf;
968
969 if (xdr_decode_word(buf, offset, &obj->len))
970 return -EFAULT;
971 if (xdr_buf_subsegment(buf, &subbuf, offset + 4, obj->len))
972 return -EFAULT;
973
974 /* Is the obj contained entirely in the head? */
975 obj->data = subbuf.head[0].iov_base;
976 if (subbuf.head[0].iov_len == obj->len)
977 return 0;
978 /* ..or is the obj contained entirely in the tail? */
979 obj->data = subbuf.tail[0].iov_base;
980 if (subbuf.tail[0].iov_len == obj->len)
981 return 0;
982
983 /* use end of tail as storage for obj:
984 * (We don't copy to the beginning because then we'd have
985 * to worry about doing a potentially overlapping copy.
986 * This assumes the object is at most half the length of the
987 * tail.) */
988 if (obj->len > buf->buflen - buf->len)
989 return -ENOMEM;
990 if (buf->tail[0].iov_len != 0)
991 obj->data = buf->tail[0].iov_base + buf->tail[0].iov_len;
992 else
993 obj->data = buf->head[0].iov_base + buf->head[0].iov_len;
994 __read_bytes_from_xdr_buf(&subbuf, obj->data, obj->len);
995 return 0;
996 }
997 EXPORT_SYMBOL_GPL(xdr_buf_read_netobj);
998
999 /* Returns 0 on success, or else a negative error code. */
1000 static int
1001 xdr_xcode_array2(struct xdr_buf *buf, unsigned int base,
1002 struct xdr_array2_desc *desc, int encode)
1003 {
1004 char *elem = NULL, *c;
1005 unsigned int copied = 0, todo, avail_here;
1006 struct page **ppages = NULL;
1007 int err;
1008
1009 if (encode) {
1010 if (xdr_encode_word(buf, base, desc->array_len) != 0)
1011 return -EINVAL;
1012 } else {
1013 if (xdr_decode_word(buf, base, &desc->array_len) != 0 ||
1014 desc->array_len > desc->array_maxlen ||
1015 (unsigned long) base + 4 + desc->array_len *
1016 desc->elem_size > buf->len)
1017 return -EINVAL;
1018 }
1019 base += 4;
1020
1021 if (!desc->xcode)
1022 return 0;
1023
1024 todo = desc->array_len * desc->elem_size;
1025
1026 /* process head */
1027 if (todo && base < buf->head->iov_len) {
1028 c = buf->head->iov_base + base;
1029 avail_here = min_t(unsigned int, todo,
1030 buf->head->iov_len - base);
1031 todo -= avail_here;
1032
1033 while (avail_here >= desc->elem_size) {
1034 err = desc->xcode(desc, c);
1035 if (err)
1036 goto out;
1037 c += desc->elem_size;
1038 avail_here -= desc->elem_size;
1039 }
1040 if (avail_here) {
1041 if (!elem) {
1042 elem = kmalloc(desc->elem_size, GFP_KERNEL);
1043 err = -ENOMEM;
1044 if (!elem)
1045 goto out;
1046 }
1047 if (encode) {
1048 err = desc->xcode(desc, elem);
1049 if (err)
1050 goto out;
1051 memcpy(c, elem, avail_here);
1052 } else
1053 memcpy(elem, c, avail_here);
1054 copied = avail_here;
1055 }
1056 base = buf->head->iov_len; /* align to start of pages */
1057 }
1058
1059 /* process pages array */
1060 base -= buf->head->iov_len;
1061 if (todo && base < buf->page_len) {
1062 unsigned int avail_page;
1063
1064 avail_here = min(todo, buf->page_len - base);
1065 todo -= avail_here;
1066
1067 base += buf->page_base;
1068 ppages = buf->pages + (base >> PAGE_CACHE_SHIFT);
1069 base &= ~PAGE_CACHE_MASK;
1070 avail_page = min_t(unsigned int, PAGE_CACHE_SIZE - base,
1071 avail_here);
1072 c = kmap(*ppages) + base;
1073
1074 while (avail_here) {
1075 avail_here -= avail_page;
1076 if (copied || avail_page < desc->elem_size) {
1077 unsigned int l = min(avail_page,
1078 desc->elem_size - copied);
1079 if (!elem) {
1080 elem = kmalloc(desc->elem_size,
1081 GFP_KERNEL);
1082 err = -ENOMEM;
1083 if (!elem)
1084 goto out;
1085 }
1086 if (encode) {
1087 if (!copied) {
1088 err = desc->xcode(desc, elem);
1089 if (err)
1090 goto out;
1091 }
1092 memcpy(c, elem + copied, l);
1093 copied += l;
1094 if (copied == desc->elem_size)
1095 copied = 0;
1096 } else {
1097 memcpy(elem + copied, c, l);
1098 copied += l;
1099 if (copied == desc->elem_size) {
1100 err = desc->xcode(desc, elem);
1101 if (err)
1102 goto out;
1103 copied = 0;
1104 }
1105 }
1106 avail_page -= l;
1107 c += l;
1108 }
1109 while (avail_page >= desc->elem_size) {
1110 err = desc->xcode(desc, c);
1111 if (err)
1112 goto out;
1113 c += desc->elem_size;
1114 avail_page -= desc->elem_size;
1115 }
1116 if (avail_page) {
1117 unsigned int l = min(avail_page,
1118 desc->elem_size - copied);
1119 if (!elem) {
1120 elem = kmalloc(desc->elem_size,
1121 GFP_KERNEL);
1122 err = -ENOMEM;
1123 if (!elem)
1124 goto out;
1125 }
1126 if (encode) {
1127 if (!copied) {
1128 err = desc->xcode(desc, elem);
1129 if (err)
1130 goto out;
1131 }
1132 memcpy(c, elem + copied, l);
1133 copied += l;
1134 if (copied == desc->elem_size)
1135 copied = 0;
1136 } else {
1137 memcpy(elem + copied, c, l);
1138 copied += l;
1139 if (copied == desc->elem_size) {
1140 err = desc->xcode(desc, elem);
1141 if (err)
1142 goto out;
1143 copied = 0;
1144 }
1145 }
1146 }
1147 if (avail_here) {
1148 kunmap(*ppages);
1149 ppages++;
1150 c = kmap(*ppages);
1151 }
1152
1153 avail_page = min(avail_here,
1154 (unsigned int) PAGE_CACHE_SIZE);
1155 }
1156 base = buf->page_len; /* align to start of tail */
1157 }
1158
1159 /* process tail */
1160 base -= buf->page_len;
1161 if (todo) {
1162 c = buf->tail->iov_base + base;
1163 if (copied) {
1164 unsigned int l = desc->elem_size - copied;
1165
1166 if (encode)
1167 memcpy(c, elem + copied, l);
1168 else {
1169 memcpy(elem + copied, c, l);
1170 err = desc->xcode(desc, elem);
1171 if (err)
1172 goto out;
1173 }
1174 todo -= l;
1175 c += l;
1176 }
1177 while (todo) {
1178 err = desc->xcode(desc, c);
1179 if (err)
1180 goto out;
1181 c += desc->elem_size;
1182 todo -= desc->elem_size;
1183 }
1184 }
1185 err = 0;
1186
1187 out:
1188 kfree(elem);
1189 if (ppages)
1190 kunmap(*ppages);
1191 return err;
1192 }
1193
1194 int
1195 xdr_decode_array2(struct xdr_buf *buf, unsigned int base,
1196 struct xdr_array2_desc *desc)
1197 {
1198 if (base >= buf->len)
1199 return -EINVAL;
1200
1201 return xdr_xcode_array2(buf, base, desc, 0);
1202 }
1203 EXPORT_SYMBOL_GPL(xdr_decode_array2);
1204
1205 int
1206 xdr_encode_array2(struct xdr_buf *buf, unsigned int base,
1207 struct xdr_array2_desc *desc)
1208 {
1209 if ((unsigned long) base + 4 + desc->array_len * desc->elem_size >
1210 buf->head->iov_len + buf->page_len + buf->tail->iov_len)
1211 return -EINVAL;
1212
1213 return xdr_xcode_array2(buf, base, desc, 1);
1214 }
1215 EXPORT_SYMBOL_GPL(xdr_encode_array2);
1216
1217 int
1218 xdr_process_buf(struct xdr_buf *buf, unsigned int offset, unsigned int len,
1219 int (*actor)(struct scatterlist *, void *), void *data)
1220 {
1221 int i, ret = 0;
1222 unsigned int page_len, thislen, page_offset;
1223 struct scatterlist sg[1];
1224
1225 sg_init_table(sg, 1);
1226
1227 if (offset >= buf->head[0].iov_len) {
1228 offset -= buf->head[0].iov_len;
1229 } else {
1230 thislen = buf->head[0].iov_len - offset;
1231 if (thislen > len)
1232 thislen = len;
1233 sg_set_buf(sg, buf->head[0].iov_base + offset, thislen);
1234 ret = actor(sg, data);
1235 if (ret)
1236 goto out;
1237 offset = 0;
1238 len -= thislen;
1239 }
1240 if (len == 0)
1241 goto out;
1242
1243 if (offset >= buf->page_len) {
1244 offset -= buf->page_len;
1245 } else {
1246 page_len = buf->page_len - offset;
1247 if (page_len > len)
1248 page_len = len;
1249 len -= page_len;
1250 page_offset = (offset + buf->page_base) & (PAGE_CACHE_SIZE - 1);
1251 i = (offset + buf->page_base) >> PAGE_CACHE_SHIFT;
1252 thislen = PAGE_CACHE_SIZE - page_offset;
1253 do {
1254 if (thislen > page_len)
1255 thislen = page_len;
1256 sg_set_page(sg, buf->pages[i], thislen, page_offset);
1257 ret = actor(sg, data);
1258 if (ret)
1259 goto out;
1260 page_len -= thislen;
1261 i++;
1262 page_offset = 0;
1263 thislen = PAGE_CACHE_SIZE;
1264 } while (page_len != 0);
1265 offset = 0;
1266 }
1267 if (len == 0)
1268 goto out;
1269 if (offset < buf->tail[0].iov_len) {
1270 thislen = buf->tail[0].iov_len - offset;
1271 if (thislen > len)
1272 thislen = len;
1273 sg_set_buf(sg, buf->tail[0].iov_base + offset, thislen);
1274 ret = actor(sg, data);
1275 len -= thislen;
1276 }
1277 if (len != 0)
1278 ret = -EINVAL;
1279 out:
1280 return ret;
1281 }
1282 EXPORT_SYMBOL_GPL(xdr_process_buf);
1283
Linus' kernel tree