On Mon, Feb 17, 2020 at 01:59:31PM +0100, Christoph Hellwig wrote:
> Simplify the user copy code by using strndup_user. This means that we
> now do one memory allocation per operation instead of one per ioctl,
> but memory allocations are cheap compared to the actual file system
> operations.
>
> Signed-off-by: Christoph Hellwig <hch@xxxxxx>
> Reviewed-by: Chandan Rajendra <chandanrlinux@xxxxxxxxx>
> Reviewed-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
> ---
> fs/xfs/xfs_ioctl.c | 17 +++++------------
> fs/xfs/xfs_ioctl32.c | 17 +++++------------
> 2 files changed, 10 insertions(+), 24 deletions(-)
>
> diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c
> index b806003caacd..bb490a954c0b 100644
> --- a/fs/xfs/xfs_ioctl.c
> +++ b/fs/xfs/xfs_ioctl.c
> @@ -448,11 +448,6 @@ xfs_attrmulti_by_handle(
> goto out_dput;
> }
>
> - error = -ENOMEM;
> - attr_name = kmalloc(MAXNAMELEN, GFP_KERNEL);
> - if (!attr_name)
> - goto out_kfree_ops;
> -
> error = 0;
> for (i = 0; i < am_hreq.opcount; i++) {
> if ((ops[i].am_flags & ATTR_ROOT) &&
> @@ -462,12 +457,11 @@ xfs_attrmulti_by_handle(
> }
> ops[i].am_flags &= ~ATTR_KERNEL_FLAGS;
>
> - ops[i].am_error = strncpy_from_user((char *)attr_name,
> - ops[i].am_attrname, MAXNAMELEN);
> - if (ops[i].am_error == 0 || ops[i].am_error == MAXNAMELEN)
> - error = -ERANGE;
> - if (ops[i].am_error < 0)
> + attr_name = strndup_user(ops[i].am_attrname, MAXNAMELEN);
> + if (IS_ERR(attr_name)) {
> + ops[i].am_error = PTR_ERR(attr_name);
> break;
> + }
This changes the error returned for an invalid attr name length from
-ERANGE to either -EINVAL or -EFAULT. Can you please document that
in the commit message. This change requires updates to the
path_to_handle(3) man page shipped in xfsprogs in the xfslibs-dev
package (xfsprogs::man/man3/handle.3) to document the differences in
return values.
Cheers,
Dave.
--
Dave Chinner
david@xxxxxxxxxxxxx
