From: Al Viro <viro@zeniv.linux.org.uk>
To: linux-fsdevel@vger.kernel.org
Cc: torvalds@linux-foundation.org, brauner@kernel.org, jack@suse.cz,
mjguzik@gmail.com, paul@paul-moore.com, axboe@kernel.dk,
audit@vger.kernel.org, io-uring@vger.kernel.org
Subject: [RFC PATCH v2 12/18] getname_flags() massage, part 1
Date: Sat, 29 Nov 2025 17:01:36 +0000 [thread overview]
Message-ID: <20251129170142.150639-13-viro@zeniv.linux.org.uk> (raw)
In-Reply-To: <20251129170142.150639-1-viro@zeniv.linux.org.uk>
In case of long name don't reread what we'd already copied.
memmove() it instead. That avoids the possibility of ending
up with empty name there and the need to look at the flags
on the slow path.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---
fs/namei.c | 33 ++++++++++++++++-----------------
1 file changed, 16 insertions(+), 17 deletions(-)
diff --git a/fs/namei.c b/fs/namei.c
index dd86e41deeeb..bc5fe9732949 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -174,36 +174,35 @@ getname_flags(const char __user *filename, int flags)
*/
if (unlikely(len == EMBEDDED_NAME_MAX)) {
const size_t size = offsetof(struct filename, iname[1]);
- kname = (char *)result;
+ struct filename *p;
/*
* size is chosen that way we to guarantee that
* result->iname[0] is within the same object and that
* kname can't be equal to result->iname, no matter what.
*/
- result = kzalloc(size, GFP_KERNEL);
- if (unlikely(!result)) {
- __putname(kname);
+ p = kzalloc(size, GFP_KERNEL);
+ if (unlikely(!p)) {
+ __putname(result);
return ERR_PTR(-ENOMEM);
}
- result->name = kname;
- len = strncpy_from_user(kname, filename, PATH_MAX);
+ memmove(result, &result->iname, EMBEDDED_NAME_MAX);
+ kname = (char *)result;
+ p->name = kname;
+ len = strncpy_from_user(kname + EMBEDDED_NAME_MAX,
+ filename + EMBEDDED_NAME_MAX,
+ PATH_MAX - EMBEDDED_NAME_MAX);
if (unlikely(len < 0)) {
- __putname(kname);
- kfree(result);
+ kfree(p);
+ __putname(result);
return ERR_PTR(len);
}
- /* The empty path is special. */
- if (unlikely(!len) && !(flags & LOOKUP_EMPTY)) {
- __putname(kname);
- kfree(result);
- return ERR_PTR(-ENOENT);
- }
- if (unlikely(len == PATH_MAX)) {
- __putname(kname);
- kfree(result);
+ if (unlikely(len == PATH_MAX - EMBEDDED_NAME_MAX)) {
+ kfree(p);
+ __putname(result);
return ERR_PTR(-ENAMETOOLONG);
}
+ result = p;
}
initname(result);
audit_getname(result);
--
2.47.3
next prev parent reply other threads:[~2025-11-29 17:01 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-29 17:01 [RFC PATCH v2 00/18] io_uring, struct filename and audit Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 01/18] do_faccessat(): import pathname only once Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 02/18] do_fchmodat(): " Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 03/18] do_fchownat(): " Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 04/18] do_utimes_path(): " Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 05/18] chdir(2): " Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 06/18] chroot(2): " Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 07/18] user_statfs(): " Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 08/18] do_sys_truncate(): " Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 09/18] do_readlinkat(): " Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 10/18] get rid of audit_reusename() Al Viro
2025-12-16 2:14 ` Paul Moore
2025-11-29 17:01 ` [RFC PATCH v2 11/18] ntfs: ->d_compare() must not block Al Viro
2025-11-29 17:01 ` Al Viro [this message]
2025-11-29 17:01 ` [RFC PATCH v2 13/18] getname_flags() massage, part 2 Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 14/18] struct filename: use names_cachep only for getname() and friends Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 15/18] struct filename: saner handling of long names Al Viro
2025-11-29 17:33 ` Mateusz Guzik
2025-11-30 4:06 ` Al Viro
2025-11-30 4:38 ` Mateusz Guzik
2025-11-29 17:01 ` [RFC PATCH v2 16/18] allow incomplete imports of filenames Al Viro
2025-11-29 17:01 ` [RFC PATCH v2 17/18] fs: touch up predicts in putname() Al Viro
2025-11-29 17:34 ` Mateusz Guzik
2025-11-29 17:01 ` [RFC PATCH v2 18/18] struct filename ->refcnt doesn't need to be atomic Al Viro
2025-12-16 2:18 ` Paul Moore
2025-12-10 1:31 ` [RFC PATCH v2 00/18] io_uring, struct filename and audit Jens Axboe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251129170142.150639-13-viro@zeniv.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=audit@vger.kernel.org \
--cc=axboe@kernel.dk \
--cc=brauner@kernel.org \
--cc=io-uring@vger.kernel.org \
--cc=jack@suse.cz \
--cc=linux-fsdevel@vger.kernel.org \
--cc=mjguzik@gmail.com \
--cc=paul@paul-moore.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox