@@ -256,7 +256,7 @@ p9_virtio_request(struct p9_client *client, struct p9_req_t *req)
int in, out;
unsigned long flags;
struct virtio_chan *chan = client->trans;
- char *rdata = (char *)req->rc+sizeof(struct p9_fcall);
+ char *rdata = (char *)req->rc + sizeof(struct p9_fcall);
P9_DPRINTK(P9_DEBUG_TRANS, "9p debug: virtio request\n");
@@ -269,7 +269,7 @@ req_retry_pinned:
req->tc->size);
in = pack_sg_list(chan->sg, out, VIRTQUEUE_NUM,
- rdata, req->rc->capacity);
+ rdata, req->rc->capacity - sizeof(struct p9_fcall));
err = virtqueue_add_buf(chan->vq, chan->sg, out, in, req->tc);
if (err < 0) {
@@ -665,7 +665,13 @@ static struct p9_trans_module p9_virtio_trans = {
.request = p9_virtio_request,
.zc_request = p9_virtio_zc_request,
.cancel = p9_virtio_cancel,
- .maxsize = PAGE_SIZE*VIRTQUEUE_NUM,
+ /*
+ * We leave one entry for input and one entry for response
+ * headers. We also skip one more entry to accomodate, address
+ * that are not at page boundary, that can result in an extra
+ * page in zero copy.
+ */
+ .maxsize = PAGE_SIZE * (VIRTQUEUE_NUM - 3),
.def = 0,
.owner = THIS_MODULE,
};
With msize equal to 512K (PAGE_SIZE * VIRTQUEUE_NUM), we hit multiple crashes. This patch fix those. Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> --- net/9p/trans_virtio.c | 12 +++++++++--- 1 files changed, 9 insertions(+), 3 deletions(-)