Revert "Drivers: hv: ring_buffer: count on wrap around mappings in get_next_pkt_raw()"

To deal with the merge conflict between net-next and char-misc trees,
revert commit bb08d431a914 from char-misc tree. This commit can be rebased
and applied once net-next picks up char-misc changes.

Here is the commit log of the reverted patch:
"With wrap around mappings in place we can always provide drivers with
direct links to packets on the ring buffer, even when they wrap around.
Do the required updates to get_next_pkt_raw()/put_pkt_raw()"

Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/include/linux/hyperv.h b/include/linux/hyperv.h
index c877e79805858eded35bc4268df1e9298d678239..613074ef1ce9f356a7dcf15a11b2ba323229808f 100644 (file)
--- a/include/linux/hyperv.h
+++ b/include/linux/hyperv.h
@@ -1492,23 +1492,31 @@ static inline struct vmpacket_descriptor *
 get_next_pkt_raw(struct vmbus_channel *channel)
 {
        struct hv_ring_buffer_info *ring_info = &channel->inbound;
-       u32 priv_read_loc = ring_info->priv_read_index;
+       u32 read_loc = ring_info->priv_read_index;
        void *ring_buffer = hv_get_ring_buffer(ring_info);
+       struct vmpacket_descriptor *cur_desc;
+       u32 packetlen;
        u32 dsize = ring_info->ring_datasize;
-       /*
-        * delta is the difference between what is available to read and
-        * what was already consumed in place. We commit read index after
-        * the whole batch is processed.
-        */
-       u32 delta = priv_read_loc >= ring_info->ring_buffer->read_index ?
-               priv_read_loc - ring_info->ring_buffer->read_index :
-               (dsize - ring_info->ring_buffer->read_index) + priv_read_loc;
+       u32 delta = read_loc - ring_info->ring_buffer->read_index;
        u32 bytes_avail_toread = (hv_get_bytes_to_read(ring_info) - delta);
 
        if (bytes_avail_toread < sizeof(struct vmpacket_descriptor))
                return NULL;
 
-       return ring_buffer + priv_read_loc;
+       if ((read_loc + sizeof(*cur_desc)) > dsize)
+               return NULL;
+
+       cur_desc = ring_buffer + read_loc;
+       packetlen = cur_desc->len8 << 3;
+
+       /*
+        * If the packet under consideration is wrapping around,
+        * return failure.
+        */
+       if ((read_loc + packetlen + VMBUS_PKT_TRAILER) > (dsize - 1))
+               return NULL;
+
+       return cur_desc;
 }
 
 /*
@@ -1520,14 +1528,16 @@ static inline void put_pkt_raw(struct vmbus_channel *channel,
                                struct vmpacket_descriptor *desc)
 {
        struct hv_ring_buffer_info *ring_info = &channel->inbound;
+       u32 read_loc = ring_info->priv_read_index;
        u32 packetlen = desc->len8 << 3;
        u32 dsize = ring_info->ring_datasize;
 
+       if ((read_loc + packetlen + VMBUS_PKT_TRAILER) > dsize)
+               BUG();
        /*
         * Include the packet trailer.
         */
        ring_info->priv_read_index += packetlen + VMBUS_PKT_TRAILER;
-       ring_info->priv_read_index %= dsize;
 }
 
 /*