[V9fs-developer] [PATCH] net/9p: avoid request size exceed to the virtqueue number in the zero copy

[jiangyiwen]

Unfortunately, when the address(input and response headers) are not
at page boundary, it will need two extra entry in the zero copy, or
else it will cause sg array out of bounds.

To avoid the problem, we should subtract two pages for maxsize.

Signed-off-by: Yiwen Jiang <jiangyiwen@xxxxxxxxxx>
---
 net/9p/trans_virtio.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/net/9p/trans_virtio.c b/net/9p/trans_virtio.c
index 6265d1d..63591b2 100644
--- a/net/9p/trans_virtio.c
+++ b/net/9p/trans_virtio.c
@@ -754,11 +754,12 @@ static void p9_virtio_remove(struct virtio_device *vdev)
 	.cancel = p9_virtio_cancel,
 	/*
 	 * We leave one entry for input and one entry for response
-	 * headers. We also skip one more entry to accomodate, address
-	 * that are not at page boundary, that can result in an extra
-	 * page in zero copy.
+	 * headers. We also skip three more entrys to accomodate
+	 * (input + response headers + data pages), address
+	 * that are not at page boundary, that can result in
+	 * an extra page in zero copy.
 	 */
-	.maxsize = PAGE_SIZE * (VIRTQUEUE_NUM - 3),
+	.maxsize = PAGE_SIZE * (VIRTQUEUE_NUM - 5),
 	.def = 1,
 	.owner = THIS_MODULE,
 };
-- 
1.8.3.1