From patchwork Sat Jan 18 00:15:53 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gerhard Heift X-Patchwork-Id: 3507691 Return-Path: X-Original-To: patchwork-linux-btrfs@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork1.web.kernel.org (Postfix) with ESMTP id A30E99F39C for ; Sat, 18 Jan 2014 00:16:32 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id ACC302017B for ; Sat, 18 Jan 2014 00:16:31 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id AC9902017E for ; Sat, 18 Jan 2014 00:16:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752841AbaARAQ2 (ORCPT ); Fri, 17 Jan 2014 19:16:28 -0500 Received: from mail-ea0-f176.google.com ([209.85.215.176]:57488 "EHLO mail-ea0-f176.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752779AbaARAQX (ORCPT ); Fri, 17 Jan 2014 19:16:23 -0500 Received: by mail-ea0-f176.google.com with SMTP id h14so1991696eaj.21 for ; Fri, 17 Jan 2014 16:16:22 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=HcCu0UiIFqcNjZEGlSkK8oLS+CagLODsR1pzUTVmyJ0=; b=kr/ZZqUQsPxEN0B8gV6hh1B5XXkldniuSve+UdRD8LVHuyz+U/GjwvadqT8GU+MjfQ kg2iNg/CHi4RN9UlHLkSfdl+3s83MAR0xgvFlviLJMDRdoYobOuMwPUy+3vhUo+RBddm TZyZ+E0JaVSeUUFy4yxUa7AdV3d0nyWUs+Zlow/Y9DQPwJ15ovLHvBBIF2yn4dB+8jA9 c+PxTA38XSwRVKsTITbKdkKyTiX40nVvliHQb5qa5boa5Gmww0hxKiDRtbq5vPGHZEVu rh0AfBDg6/AoHWOoLLDlnaPOqx+A3BEC423TTruRy0dLkZ+68RSLQtPVmwXGGOcF0Np/ TNnQ== X-Gm-Message-State: ALoCoQkui3m6Ae9ws7idOcz9j6jakCU0kqv/KTQ1PlgnMrd7fRN/Eznqeyozlb8Ml3nRwtmWBzX7 X-Received: by 10.14.32.132 with SMTP id o4mr5510218eea.14.1390004182694; Fri, 17 Jan 2014 16:16:22 -0800 (PST) Received: from localhost (host-115-115.kawo1.rwth-aachen.de. [134.130.115.115]) by mx.google.com with ESMTPSA id 46sm14487371ees.4.2014.01.17.16.16.21 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Fri, 17 Jan 2014 16:16:22 -0800 (PST) From: Gerhard Heift To: linux-btrfs@vger.kernel.org Subject: [PATCH RFC 5/5] btrfs: search_ioctl: direct copy to userspace Date: Sat, 18 Jan 2014 01:15:53 +0100 Message-Id: <1390004153-4228-6-git-send-email-Gerhard@Heift.Name> X-Mailer: git-send-email 1.8.5.3 In-Reply-To: <1390004153-4228-1-git-send-email-Gerhard@Heift.Name> References: <20140116150710.GL6498@suse.cz> <1390004153-4228-1-git-send-email-Gerhard@Heift.Name> Sender: linux-btrfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org X-Spam-Status: No, score=-7.2 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP By copying each found item seperatly to userspace, we only need a small amount of memory in the kernel. This allows to run a large search inside of a single call. Signed-off-by: Gerhard Heift --- fs/btrfs/ioctl.c | 105 +++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 71 insertions(+), 34 deletions(-) diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c index cc82bd9..103023c 100644 --- a/fs/btrfs/ioctl.c +++ b/fs/btrfs/ioctl.c @@ -1851,7 +1851,7 @@ static noinline int copy_to_sk(struct btrfs_root *root, struct btrfs_key *key, struct btrfs_ioctl_search_key *sk, size_t buf_size, - char *buf, + char __user *buf, unsigned long *sk_offset, int *num_found) { @@ -1865,6 +1865,11 @@ static noinline int copy_to_sk(struct btrfs_root *root, int slot; int ret = 0; + char *ext_buf; + unsigned long ext_buf_size; + + ext_buf_size = 0; + leaf = path->nodes[0]; slot = path->slots[0]; nritems = btrfs_header_nritems(leaf); @@ -1886,7 +1891,7 @@ static noinline int copy_to_sk(struct btrfs_root *root, if (sizeof(sh) + item_len > buf_size) { if (*num_found) { ret = 1; - goto overflow; + goto err; } item_len = 0; @@ -1895,7 +1900,7 @@ static noinline int copy_to_sk(struct btrfs_root *root, if (sizeof(sh) + item_len + *sk_offset > buf_size) { ret = 1; - goto overflow; + goto err; } sh.objectid = key->objectid; @@ -1905,20 +1910,47 @@ static noinline int copy_to_sk(struct btrfs_root *root, sh.transid = found_transid; /* copy search result header */ - memcpy(buf + *sk_offset, &sh, sizeof(sh)); + if (copy_to_user(buf + *sk_offset, &sh, sizeof(sh))) { + ret = -EFAULT; + goto err; + } + *sk_offset += sizeof(sh); if (item_len) { - char *p = buf + *sk_offset; + /* resize internal buffer if needed */ + if (ext_buf_size < item_len) { + if (ext_buf_size) + kfree(ext_buf); + + ext_buf_size = (item_len + PAGE_SIZE - 1) + & ~(PAGE_SIZE - 1); + + ext_buf = kmalloc_track_caller( + ext_buf_size, GFP_KERNEL); + + if (!ext_buf) { + ext_buf_size = 0; + ret = -ENOMEM; + goto err; + } + } + /* copy the item */ - read_extent_buffer(leaf, p, + read_extent_buffer(leaf, ext_buf, item_off, item_len); + + if (copy_to_user(buf + *sk_offset, ext_buf, item_len)) { + ret = -EFAULT; + goto err; + } + *sk_offset += item_len; } (*num_found)++; if (ret) /* -EOVERFLOW from above */ - goto overflow; + goto err; if (*num_found >= sk->nr_items) break; @@ -1936,14 +1968,26 @@ advance_key: key->objectid++; } else ret = 1; -overflow: +err: + /* + 0: all found + 1: more items can be copied, but buffer is too small or all items + were found, either way it will stops the loop which iterate to + the next leaf + -EOVERFLOW: item was to large for buffer + -ENOMEM: could not allocate memory to temporary the extent_buffer + -EFAULT: could not copy extent buffer back to userspace + */ + if (ext_buf_size) + kfree(ext_buf); + return ret; } static noinline int search_ioctl(struct inode *inode, struct btrfs_ioctl_search_key *sk, size_t buf_size, - char *buf + char __user *buf ) { struct btrfs_root *root; @@ -1996,6 +2040,7 @@ static noinline int search_ioctl(struct inode *inode, ret = copy_to_sk(root, path, &key, sk, buf_size, buf, &sk_offset, &num_found); btrfs_release_path(path); + if (ret || num_found >= sk->nr_items) break; @@ -2011,22 +2056,25 @@ err: static noinline int btrfs_ioctl_tree_search(struct file *file, void __user *argp) { - struct btrfs_ioctl_search_args *args; - struct inode *inode; - int ret; + struct btrfs_ioctl_search_args __user *usarg; + struct btrfs_ioctl_search_key *sk; + struct inode *inode; + int ret; if (!capable(CAP_SYS_ADMIN)) return -EPERM; - args = memdup_user(argp, sizeof(*args)); - if (IS_ERR(args)) - return PTR_ERR(args); + usarg = (struct btrfs_ioctl_search_args __user *)argp; + + sk = memdup_user(&usarg->key, sizeof(*sk)); + if (IS_ERR(sk)) + return PTR_ERR(sk); inode = file_inode(file); - ret = search_ioctl(inode, &args->key, sizeof(args->buf), args->buf); + ret = search_ioctl(inode, sk, sizeof(usarg->buf), usarg->buf); if (ret == -EOVERFLOW) ret = 0; - if (ret == 0 && copy_to_user(argp, args, sizeof(*args))) + if (ret == 0 && copy_to_user(argp, sk, sizeof(*sk))) ret = -EFAULT; kfree(args); return ret; @@ -2035,6 +2083,7 @@ static noinline int btrfs_ioctl_tree_search(struct file *file, static noinline int btrfs_ioctl_tree_search_v2(struct file *file, void __user *argp) { + struct btrfs_ioctl_search_args_v2 __user *usarg; struct btrfs_ioctl_search_args_v2 *args; struct inode *inode; int ret; @@ -2049,31 +2098,19 @@ static noinline int btrfs_ioctl_tree_search_v2(struct file *file, if (IS_ERR(args)) return PTR_ERR(args); + usarg = (struct btrfs_ioctl_search_args_v2 __user *)argp; + buf_size = args->buf_size; if (buf_size < sizeof(struct btrfs_ioctl_search_header)) { kfree(args); - return -ENOMEM; - } - - /* limit memory */ - if (buf_size > PAGE_SIZE * 32) - buf_size = PAGE_SIZE * 32; - - buf = memdup_user(argp->buf, buf_size); - if (IS_ERR(buf)) { - kfree(args); - return PTR_ERR(buf); + return -EOVERFLOW; } inode = file_inode(file); - ret = search_ioctl(inode, &args->key, buf_size, buf); - if (ret == 0 && ( - copy_to_user(argp, args, sizeof(*args)) || - copy_to_user(argp->buf, buf, buf_size) - )) + ret = search_ioctl(inode, &args->key, buf_size, usarg->buf); + if (ret == 0 && copy_to_user(argp, args, sizeof(*args)) ret = -EFAULT; - kfree(buf); kfree(args); return ret; }