From: David Howells <dhowells@redhat.com>
Date: Thu, 2 Nov 2017 15:27:51 +0000 (+0000)
Subject: afs: Fix total-length calculation for multiple-page send
X-Git-Tag: rel_imx_4.19.35_1.1.0~11266^2~10
X-Git-Url: https://git.somdevices.com/?a=commitdiff_plain;h=1199db603511d7463d9d3840f96f61967affc766;p=linux.git

afs: Fix total-length calculation for multiple-page send

Fix the total-length calculation in afs_make_call() when the operation
being dispatched has data from a series of pages attached.

Despite the patched code looking like that it should reduce mathematically
to the current code, it doesn't because the 32-bit unsigned arithmetic
being used to calculate the page-offset-difference doesn't correctly extend
to a 64-bit value when the result is effectively negative.

Without this, some FS.StoreData operations that span multiple pages fail,
reporting too little or too much data.

Signed-off-by: David Howells <dhowells@redhat.com>
---

diff --git a/fs/afs/rxrpc.c b/fs/afs/rxrpc.c
index 21f43d3acb91..1d075696bf55 100644
--- a/fs/afs/rxrpc.c
+++ b/fs/afs/rxrpc.c
@@ -350,8 +350,17 @@ long afs_make_call(struct afs_addr_cursor *ac, struct afs_call *call,
 	 */
 	tx_total_len = call->request_size;
 	if (call->send_pages) {
-		tx_total_len += call->last_to - call->first_offset;
-		tx_total_len += (call->last - call->first) * PAGE_SIZE;
+		if (call->last == call->first) {
+			tx_total_len += call->last_to - call->first_offset;
+		} else {
+			/* It looks mathematically like you should be able to
+			 * combine the following lines with the ones above, but
+			 * unsigned arithmetic is fun when it wraps...
+			 */
+			tx_total_len += PAGE_SIZE - call->first_offset;
+			tx_total_len += call->last_to;
+			tx_total_len += (call->last - call->first - 1) * PAGE_SIZE;
+		}
 	}
 
 	/* create a call */