libceph: ceph_x_encrypt_buflen() takes in_len

commit 36721ece1e84a25130c4befb930509b3f96de020 upstream.

Pass what's going to be encrypted - that's msg_b, not ticket_blob.
ceph_x_encrypt_buflen() returns the upper bound, so this doesn't change
the maxlen calculation, but makes it a bit clearer.

Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/net/ceph/auth_x.c b/net/ceph/auth_x.c
index a0905f0..4d14dc8 100644 (file)
--- a/net/ceph/auth_x.c
+++ b/net/ceph/auth_x.c
@@ -308,8 +308,8 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
        if (ret)
                goto out_au;
 
-       maxlen = sizeof(*msg_a) + sizeof(msg_b) +
-               ceph_x_encrypt_buflen(ticket_blob_len);
+       maxlen = sizeof(*msg_a) + ticket_blob_len +
+               ceph_x_encrypt_buflen(sizeof(msg_b));
        dout("  need len %d\n", maxlen);
        if (au->buf && au->buf->alloc_len < maxlen) {
                ceph_buffer_put(au->buf);
@@ -350,11 +350,12 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
                             p, end - p);
        if (ret < 0)
                goto out_au;
+
        p += ret;
+       WARN_ON(p > end);
        au->buf->vec.iov_len = p - au->buf->vec.iov_base;
        dout(" built authorizer nonce %llx len %d\n", au->nonce,
             (int)au->buf->vec.iov_len);
-       BUG_ON(au->buf->vec.iov_len > maxlen);
        return 0;
 
 out_au: