[PATCH 1/2] pvcalls: check return value from copy_from/to_iter

[Stefano Stabellini]

Check the return value of copy_from_iter in __write_ring and
copy_to_iter in __read_ring. Update "len" accordingly.

In the cases where we issue two consecutive copy_from_iter, or two
consecutive copy_to_iter, first check return, then goto out if it is not
what we expect.

Signed-off-by: Stefano Stabellini <sstabellini@xxxxxxxxxx>
---
 drivers/xen/pvcalls-front.c | 30 ++++++++++++++++++------------
 1 file changed, 18 insertions(+), 12 deletions(-)

diff --git a/drivers/xen/pvcalls-front.c b/drivers/xen/pvcalls-front.c
index 8e7426083..f2dcac88 100644
--- a/drivers/xen/pvcalls-front.c
+++ b/drivers/xen/pvcalls-front.c
@@ -456,18 +456,21 @@ static int __write_ring(struct pvcalls_data_intf *intf,
 	masked_cons = pvcalls_mask(cons, array_size);
 
 	if (masked_prod < masked_cons) {
-		copy_from_iter(data->out + masked_prod, len, msg_iter);
+		len = copy_from_iter(data->out + masked_prod, len, msg_iter);
 	} else {
 		if (len > array_size - masked_prod) {
-			copy_from_iter(data->out + masked_prod,
+			int ret = copy_from_iter(data->out + masked_prod,
 				       array_size - masked_prod, msg_iter);
-			copy_from_iter(data->out,
-				       len - (array_size - masked_prod),
-				       msg_iter);
+			if (ret != array_size - masked_prod) {
+				len = ret;
+				goto out;
+			}
+			len = ret + copy_from_iter(data->out, len - ret, msg_iter);
 		} else {
-			copy_from_iter(data->out + masked_prod, len, msg_iter);
+			len = copy_from_iter(data->out + masked_prod, len, msg_iter);
 		}
 	}
+out:
 	/* write to ring before updating pointer */
 	virt_wmb();
 	intf->out_prod += len;
@@ -557,18 +560,21 @@ static int __read_ring(struct pvcalls_data_intf *intf,
 		len = size;
 
 	if (masked_prod > masked_cons) {
-		copy_to_iter(data->in + masked_cons, len, msg_iter);
+		len = copy_to_iter(data->in + masked_cons, len, msg_iter);
 	} else {
 		if (len > (array_size - masked_cons)) {
-			copy_to_iter(data->in + masked_cons,
+			int ret = copy_to_iter(data->in + masked_cons,
 				     array_size - masked_cons, msg_iter);
-			copy_to_iter(data->in,
-				     len - (array_size - masked_cons),
-				     msg_iter);
+			if (ret != array_size - masked_cons) {
+				len = ret;
+				goto out;
+			}
+			len = ret + copy_to_iter(data->in, len - ret, msg_iter);
 		} else {
-			copy_to_iter(data->in + masked_cons, len, msg_iter);
+			len = copy_to_iter(data->in + masked_cons, len, msg_iter);
 		}
 	}
+out:
 	/* read data from the ring before increasing the index */
 	virt_mb();
 	if (!(flags & MSG_PEEK))
-- 
1.9.1