libceph: make encode_request_*() work with r_mempool requests
authorIlya Dryomov <idryomov@gmail.com>
Tue, 25 Jul 2017 12:40:03 +0000 (14:40 +0200)
committerIlya Dryomov <idryomov@gmail.com>
Tue, 1 Aug 2017 14:46:31 +0000 (16:46 +0200)
Messages allocated out of ceph_msgpool have a fixed front length
(pool->front_len).  Asserting that the entire front has been filled
while encoding is thus wrong.

Fixes: 8cb441c0545d ("libceph: MOSDOp v8 encoding (actual spgid + full hash)")
Reported-by: "Yan, Zheng" <zyan@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: "Yan, Zheng" <zyan@redhat.com>
net/ceph/osd_client.c

index 901bb8221366253efb0baa139aee4fa62e8e71e0..b5f016cb9569133b614d8d7394301967b88bf178 100644 (file)
@@ -1918,10 +1918,12 @@ static void encode_request_partial(struct ceph_osd_request *req,
        }
 
        ceph_encode_32(&p, req->r_attempts); /* retry_attempt */
-       BUG_ON(p != end - 8); /* space for features */
+       BUG_ON(p > end - 8); /* space for features */
 
        msg->hdr.version = cpu_to_le16(8); /* MOSDOp v8 */
        /* front_len is finalized in encode_request_finish() */
+       msg->front.iov_len = p - msg->front.iov_base;
+       msg->hdr.front_len = cpu_to_le32(msg->front.iov_len);
        msg->hdr.data_len = cpu_to_le32(data_len);
        /*
         * The header "data_off" is a hint to the receiver allowing it
@@ -1937,11 +1939,12 @@ static void encode_request_partial(struct ceph_osd_request *req,
 static void encode_request_finish(struct ceph_msg *msg)
 {
        void *p = msg->front.iov_base;
+       void *const partial_end = p + msg->front.iov_len;
        void *const end = p + msg->front_alloc_len;
 
        if (CEPH_HAVE_FEATURE(msg->con->peer_features, RESEND_ON_SPLIT)) {
                /* luminous OSD -- encode features and be done */
-               p = end - 8;
+               p = partial_end;
                ceph_encode_64(&p, msg->con->peer_features);
        } else {
                struct {
@@ -1984,7 +1987,7 @@ static void encode_request_finish(struct ceph_msg *msg)
                oid_len = p - oid;
 
                tail = p;
-               tail_len = (end - p) - 8;
+               tail_len = partial_end - p;
 
                p = msg->front.iov_base;
                ceph_encode_copy(&p, &head.client_inc, sizeof(head.client_inc));