---

yaml --- r: 333910 b: refs/heads/master c: 7950e38 h: refs/heads/master v: v3
git-mirror · Oct 13, 2012 · 4d56917 · 4d56917
1 parent d545e37
commit 4d56917
Show file tree

Hide file tree

Showing 3 changed files with 51 additions and 21 deletions.
diff --git a/[refs] b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: adb5c2473d3f91526c79db972aafb20a56d3fbb3
+refs/heads/master: 7950e3852ab86826b7349a535d2e8b0000340d7f
diff --git a/trunk/fs/namei.c b/trunk/fs/namei.c
@@ -119,40 +119,69 @@
  */
 void final_putname(struct filename *name)
 {
-	__putname(name->name);
-	kfree(name);
+	if (name->separate) {
+		__putname(name->name);
+		kfree(name);
+	} else {
+		__putname(name);
+	}
 }
 
+#define EMBEDDED_NAME_MAX	(PATH_MAX - sizeof(struct filename))
+
 static struct filename *
 getname_flags(const char __user *filename, int flags, int *empty)
 {
 	struct filename *result, *err;
-	char *kname;
 	int len;
+	long max;
+	char *kname;
 
 	result = audit_reusename(filename);
 	if (result)
 		return result;
 
-	/* FIXME: create dedicated slabcache? */
-	result = kzalloc(sizeof(*result), GFP_KERNEL);
+	result = __getname();
 	if (unlikely(!result))
 		return ERR_PTR(-ENOMEM);
 
-	kname = __getname();
-	if (unlikely(!kname)) {
-		err = ERR_PTR(-ENOMEM);
-		goto error_free_name;
-	}
-
+	/*
+	 * First, try to embed the struct filename inside the names_cache
+	 * allocation
+	 */
+	kname = (char *)result + sizeof(*result);
 	result->name = kname;
-	result->uptr = filename;
-	len = strncpy_from_user(kname, filename, PATH_MAX);
+	result->separate = false;
+	max = EMBEDDED_NAME_MAX;
+
+recopy:
+	len = strncpy_from_user(kname, filename, max);
 	if (unlikely(len < 0)) {
 		err = ERR_PTR(len);
 		goto error;
 	}
 
+	/*
+	 * Uh-oh. We have a name that's approaching PATH_MAX. Allocate a
+	 * separate struct filename so we can dedicate the entire
+	 * names_cache allocation for the pathname, and re-do the copy from
+	 * userland.
+	 */
+	if (len == EMBEDDED_NAME_MAX && max == EMBEDDED_NAME_MAX) {
+		kname = (char *)result;
+
+		result = kzalloc(sizeof(*result), GFP_KERNEL);
+		if (!result) {
+			err = ERR_PTR(-ENOMEM);
+			result = (struct filename *)kname;
+			goto error;
+		}
+		result->name = kname;
+		result->separate = true;
+		max = PATH_MAX;
+		goto recopy;
+	}
+
 	/* The empty path is special. */
 	if (unlikely(!len)) {
 		if (empty)
@@ -163,15 +192,15 @@ getname_flags(const char __user *filename, int flags, int *empty)
 	}
 
 	err = ERR_PTR(-ENAMETOOLONG);
-	if (likely(len < PATH_MAX)) {
-		audit_getname(result);
-		return result;
-	}
+	if (unlikely(len >= PATH_MAX))
+		goto error;
+
+	result->uptr = filename;
+	audit_getname(result);
+	return result;
 
 error:
-	__putname(kname);
-error_free_name:
-	kfree(result);
+	final_putname(result);
 	return err;
 }
 

diff --git a/trunk/include/linux/fs.h b/trunk/include/linux/fs.h
@@ -2201,6 +2201,7 @@ struct filename {
 	const char		*name;	/* pointer to actual string */
 	const __user char	*uptr;	/* original userland pointer */
 	struct audit_names	*aname;
+	bool			separate; /* should "name" be freed? */
 };
 
 extern int do_truncate(struct dentry *, loff_t start, unsigned int time_attrs,