[PATCH v2] nfs: fix bitmap decoder to handle a 3rd word

From: Jeff Layton
Date: Wed Aug 21 2024 - 08:28:58 EST


It only decodes the first two words at this point. Have it decode the
third word as well. Without this, the client doesn't send delegated
timestamps in the CB_GETATTR response.

With this change we also need to expand the on-stack bitmap in
decode_recallany_args to 3 elements, in case the server sends a larger
bitmap than expected.

Fixes: 43df7110f4a9 ("NFSv4: Add CB_GETATTR support for delegated attributes")
Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx>
---
Changes in v2:
- expand bitmap in decode_recallany_args to avoid buffer overrun
- Link to v1: https://lore.kernel.org/r/20240821-nfs-6-11-v1-1-ce61f5fc7587@xxxxxxxxxx
---
fs/nfs/callback_xdr.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/fs/nfs/callback_xdr.c b/fs/nfs/callback_xdr.c
index 29c49a7e5fe1..6df77f008d3f 100644
--- a/fs/nfs/callback_xdr.c
+++ b/fs/nfs/callback_xdr.c
@@ -118,7 +118,9 @@ static __be32 decode_bitmap(struct xdr_stream *xdr, uint32_t *bitmap)
if (likely(attrlen > 0))
bitmap[0] = ntohl(*p++);
if (attrlen > 1)
- bitmap[1] = ntohl(*p);
+ bitmap[1] = ntohl(*p++);
+ if (attrlen > 2)
+ bitmap[2] = ntohl(*p);
return 0;
}

@@ -446,7 +448,7 @@ static __be32 decode_recallany_args(struct svc_rqst *rqstp,
void *argp)
{
struct cb_recallanyargs *args = argp;
- uint32_t bitmap[2];
+ uint32_t bitmap[3];
__be32 *p, status;

p = xdr_inline_decode(xdr, 4);

---
base-commit: b311c1b497e51a628aa89e7cb954481e5f9dced2
change-id: 20240821-nfs-6-11-188bb4e1f1dd

Best regards,
--
Jeff Layton <jlayton@xxxxxxxxxx>