--- a/ChangeLog	Sat May 05 18:13:16 2018 +0200
+++ b/ChangeLog	Sat May 05 10:27:38 2018 -0700
@@ -1,3 +1,18 @@
+2018-05-05  Paul Eggert  <eggert@cs.ucla.edu>
+
+	sys-limits.h: new file for crypto and safe I/O
+	* lib/af_alg.c: Include sys-limits.h.
+	(MAX_RW_COUNT): Remove.  Use replaced by SYS_BUFSIZE_MAX.
+	(afalg_stream): Also reject negative sizes for sendfile; they
+	should not happen and the code is a bit cleaner and faster this way.
+	* lib/safe-read.c: Include sys-limits.h.
+	(BUGGY_READ_MAXIMUM): Remove.  All uses replaced by SYS_BUFSIZE_MAX.
+	* lib/sys-limits.h: New file, with values and commentary derived
+	from the old safe-read.c and from GNU Emacs sysdep.c.
+	* modules/crypto/md5, modules/crypto/sha1, modules/crypto/sha256:
+	* modules/crypto/sha512, modules/safe-read, modules/safe-write:
+	Add lib/sys-limits.h to Files section.
+
 2018-05-05  Bruno Haible  <bruno@clisp.org>
 
 	af_alg: Improve function signature.

--- a/lib/af_alg.c	Sat May 05 18:13:16 2018 +0200
+++ b/lib/af_alg.c	Sat May 05 10:27:38 2018 -0700
@@ -30,8 +30,8 @@
 
 #include "af_alg.h"
 
-/* from linux/include/linux/fs.h: (INT_MAX & PAGE_MASK).  */
-#define MAX_RW_COUNT 0x7FFFF000
+#include "sys-limits.h"
+
 #define BLOCKSIZE 32768
 
 int
@@ -70,7 +70,7 @@
   /* if file is a regular file, attempt sendfile to pipe the data.  */
   if (!fstat (fileno (stream), &st)
       && (S_ISREG (st.st_mode) || S_TYPEISSHM (&st) || S_TYPEISTMO (&st))
-      && st.st_size && st.st_size <= MAX_RW_COUNT)
+      && 0 < st.st_size && st.st_size <= SYS_BUFSIZE_MAX)
     {
       if (sendfile (ofd, fileno (stream), NULL, st.st_size) != st.st_size)
         {

--- a/lib/safe-read.c	Sat May 05 18:13:16 2018 +0200
+++ b/lib/safe-read.c	Sat May 05 10:27:38 2018 -0700
@@ -37,7 +37,7 @@
 # define IS_EINTR(x) 0
 #endif
 
-#include <limits.h>
+#include "sys-limits.h"
 
 #ifdef SAFE_WRITE
 # define safe_rw safe_write
@@ -55,12 +55,6 @@
 size_t
 safe_rw (int fd, void const *buf, size_t count)
 {
-  /* Work around a bug in Tru64 5.1.  Attempting to read more than
-     INT_MAX bytes fails with errno == EINVAL.  See
-     <https://lists.gnu.org/r/bug-gnu-utils/2002-04/msg00010.html>.
-     When decreasing COUNT, keep it block-aligned.  */
-  enum { BUGGY_READ_MAXIMUM = INT_MAX & ~8191 };
-
   for (;;)
     {
       ssize_t result = rw (fd, buf, count);
@@ -69,8 +63,8 @@
         return result;
       else if (IS_EINTR (errno))
         continue;
-      else if (errno == EINVAL && BUGGY_READ_MAXIMUM < count)
-        count = BUGGY_READ_MAXIMUM;
+      else if (errno == EINVAL && SYS_BUFSIZE_MAX < count)
+        count = SYS_BUFSIZE_MAX;
       else
         return result;
     }

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/lib/sys-limits.h	Sat May 05 10:27:38 2018 -0700
@@ -0,0 +1,42 @@
+/* System call limits
+
+   Copyright 2018 Free Software Foundation, Inc.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2, or (at your option)
+   any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, see <https://www.gnu.org/licenses/>.  */
+
+#ifndef _SYS_LIMITS_H
+#define _SYS_LIMITS_H
+
+#include <limits.h>
+
+/* Maximum number of bytes to read or write in a single system call.
+   This can be useful for system calls like sendfile on GNU/Linux,
+   which do not handle more than MAX_RW_COUNT bytes correctly.
+   The Linux kernel MAX_RW_COUNT is at least INT_MAX >> 20 << 20,
+   where the 20 comes from the Hexagon port with 1 MiB pages; use that
+   as an approximation, as the exact value may not be available to us.
+
+   Using this also works around a serious Linux bug before 2.6.16; see
+   <https://bugzilla.redhat.com/show_bug.cgi?id=612839>.
+
+   Using this also works around a Tru64 5.1 bug, where attempting
+   to read INT_MAX bytes fails with errno == EINVAL.  See
+   <https://lists.gnu.org/r/bug-gnu-utils/2002-04/msg00010.html>.
+
+   Using this is likely to work around similar bugs in other operating
+   systems.  */
+
+enum { SYS_BUFSIZE_MAX = INT_MAX >> 20 << 20 };
+
+#endif

--- a/modules/crypto/md5	Sat May 05 18:13:16 2018 +0200
+++ b/modules/crypto/md5	Sat May 05 10:27:38 2018 -0700
@@ -7,6 +7,7 @@
 lib/md5.c
 lib/af_alg.h
 lib/af_alg.c
+lib/sys-limits.h
 m4/gl-openssl.m4
 m4/md5.m4
 m4/linux-if-alg.m4

--- a/modules/crypto/sha1	Sat May 05 18:13:16 2018 +0200
+++ b/modules/crypto/sha1	Sat May 05 10:27:38 2018 -0700
@@ -7,6 +7,7 @@
 lib/sha1.c
 lib/af_alg.h
 lib/af_alg.c
+lib/sys-limits.h
 m4/gl-openssl.m4
 m4/sha1.m4
 m4/linux-if-alg.m4

--- a/modules/crypto/sha256	Sat May 05 18:13:16 2018 +0200
+++ b/modules/crypto/sha256	Sat May 05 10:27:38 2018 -0700
@@ -7,6 +7,7 @@
 lib/sha256.c
 lib/af_alg.h
 lib/af_alg.c
+lib/sys-limits.h
 m4/gl-openssl.m4
 m4/sha256.m4
 m4/linux-if-alg.m4

--- a/modules/crypto/sha512	Sat May 05 18:13:16 2018 +0200
+++ b/modules/crypto/sha512	Sat May 05 10:27:38 2018 -0700
@@ -7,6 +7,7 @@
 lib/sha512.c
 lib/af_alg.h
 lib/af_alg.c
+lib/sys-limits.h
 m4/gl-openssl.m4
 m4/sha512.m4
 m4/linux-if-alg.m4

--- a/modules/safe-read	Sat May 05 18:13:16 2018 +0200
+++ b/modules/safe-read	Sat May 05 10:27:38 2018 -0700
@@ -4,6 +4,7 @@
 Files:
 lib/safe-read.h
 lib/safe-read.c
+lib/sys-limits.h
 m4/safe-read.m4
 
 Depends-on:

--- a/modules/safe-write	Sat May 05 18:13:16 2018 +0200
+++ b/modules/safe-write	Sat May 05 10:27:38 2018 -0700
@@ -5,6 +5,7 @@
 lib/safe-write.h
 lib/safe-write.c
 lib/safe-read.c
+lib/sys-limits.h
 m4/safe-write.m4
 m4/safe-read.m4