| Message ID | 20241212-fuse_name_max-limit-6-13-v1-1-92be52f01eca@ddn.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | fuse: Increase FUSE_NAME_MAX limit | expand |
On 12/13/24 5:50 AM, Bernd Schubert wrote: > fuse_notify_inval_entry and fuse_notify_delete were using fixed allocations > of FUSE_NAME_MAX to hold the file name. Often that large buffers are not > needed as file names might be smaller, so this uses the actual file name > size to do the allocation. > > Signed-off-by: Bernd Schubert <bschubert@ddn.com> Reviewed-by: Jingbo Xu <jefflexu@linux.alibaba.com> > --- > fs/fuse/dev.c | 26 ++++++++++++++------------ > 1 file changed, 14 insertions(+), 12 deletions(-) > > diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c > index 27ccae63495d14ea339aa6c8da63d0ac44fc8885..c979ce93685f8338301a094ac513c607f44ba572 100644 > --- a/fs/fuse/dev.c > +++ b/fs/fuse/dev.c > @@ -1525,14 +1525,10 @@ static int fuse_notify_inval_entry(struct fuse_conn *fc, unsigned int size, > struct fuse_copy_state *cs) > { > struct fuse_notify_inval_entry_out outarg; > - int err = -ENOMEM; > - char *buf; > + int err; > + char *buf = NULL; > struct qstr name; > > - buf = kzalloc(FUSE_NAME_MAX + 1, GFP_KERNEL); > - if (!buf) > - goto err; > - > err = -EINVAL; > if (size < sizeof(outarg)) > goto err; > @@ -1549,6 +1545,11 @@ static int fuse_notify_inval_entry(struct fuse_conn *fc, unsigned int size, > if (size != sizeof(outarg) + outarg.namelen + 1) > goto err; > > + err = -ENOMEM; > + buf = kzalloc(outarg.namelen + 1, GFP_KERNEL); > + if (!buf) > + goto err; > + > name.name = buf; > name.len = outarg.namelen; > err = fuse_copy_one(cs, buf, outarg.namelen + 1); > @@ -1573,14 +1574,10 @@ static int fuse_notify_delete(struct fuse_conn *fc, unsigned int size, > struct fuse_copy_state *cs) > { > struct fuse_notify_delete_out outarg; > - int err = -ENOMEM; > - char *buf; > + int err; > + char *buf = NULL; > struct qstr name; > > - buf = kzalloc(FUSE_NAME_MAX + 1, GFP_KERNEL); > - if (!buf) > - goto err; > - > err = -EINVAL; > if (size < sizeof(outarg)) > goto err; > @@ -1597,6 +1594,11 @@ static int fuse_notify_delete(struct fuse_conn *fc, unsigned int size, > if (size != sizeof(outarg) + outarg.namelen + 1) > goto err; > > + err = -ENOMEM; > + buf = kzalloc(outarg.namelen + 1, GFP_KERNEL); > + if (!buf) > + goto err; > + > name.name = buf; > name.len = outarg.namelen; > err = fuse_copy_one(cs, buf, outarg.namelen + 1); >
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c index 27ccae63495d14ea339aa6c8da63d0ac44fc8885..c979ce93685f8338301a094ac513c607f44ba572 100644 --- a/fs/fuse/dev.c +++ b/fs/fuse/dev.c @@ -1525,14 +1525,10 @@ static int fuse_notify_inval_entry(struct fuse_conn *fc, unsigned int size, struct fuse_copy_state *cs) { struct fuse_notify_inval_entry_out outarg; - int err = -ENOMEM; - char *buf; + int err; + char *buf = NULL; struct qstr name; - buf = kzalloc(FUSE_NAME_MAX + 1, GFP_KERNEL); - if (!buf) - goto err; - err = -EINVAL; if (size < sizeof(outarg)) goto err; @@ -1549,6 +1545,11 @@ static int fuse_notify_inval_entry(struct fuse_conn *fc, unsigned int size, if (size != sizeof(outarg) + outarg.namelen + 1) goto err; + err = -ENOMEM; + buf = kzalloc(outarg.namelen + 1, GFP_KERNEL); + if (!buf) + goto err; + name.name = buf; name.len = outarg.namelen; err = fuse_copy_one(cs, buf, outarg.namelen + 1); @@ -1573,14 +1574,10 @@ static int fuse_notify_delete(struct fuse_conn *fc, unsigned int size, struct fuse_copy_state *cs) { struct fuse_notify_delete_out outarg; - int err = -ENOMEM; - char *buf; + int err; + char *buf = NULL; struct qstr name; - buf = kzalloc(FUSE_NAME_MAX + 1, GFP_KERNEL); - if (!buf) - goto err; - err = -EINVAL; if (size < sizeof(outarg)) goto err; @@ -1597,6 +1594,11 @@ static int fuse_notify_delete(struct fuse_conn *fc, unsigned int size, if (size != sizeof(outarg) + outarg.namelen + 1) goto err; + err = -ENOMEM; + buf = kzalloc(outarg.namelen + 1, GFP_KERNEL); + if (!buf) + goto err; + name.name = buf; name.len = outarg.namelen; err = fuse_copy_one(cs, buf, outarg.namelen + 1);
fuse_notify_inval_entry and fuse_notify_delete were using fixed allocations of FUSE_NAME_MAX to hold the file name. Often that large buffers are not needed as file names might be smaller, so this uses the actual file name size to do the allocation. Signed-off-by: Bernd Schubert <bschubert@ddn.com> --- fs/fuse/dev.c | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-)