From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.1 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI, SIGNED_OFF_BY,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5795BC282DB for ; Mon, 21 Jan 2019 10:49:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 1DFFB20663 for ; Mon, 21 Jan 2019 10:49:58 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=brauner.io header.i=@brauner.io header.b="TeQE2kMA" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727942AbfAUKt5 (ORCPT ); Mon, 21 Jan 2019 05:49:57 -0500 Received: from mail-ed1-f67.google.com ([209.85.208.67]:41535 "EHLO mail-ed1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727440AbfAUKt4 (ORCPT ); Mon, 21 Jan 2019 05:49:56 -0500 Received: by mail-ed1-f67.google.com with SMTP id a20so16185368edc.8 for ; Mon, 21 Jan 2019 02:49:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brauner.io; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ZlQDJ+iQAaKeozTMh+I5M2wgg0C3o6EXZHTueSqnRUY=; b=TeQE2kMAd/g2UqaoQktowCagP20Tizh65wVmRfITJQlFoiUZd1i8u2F6GnnD8mwmHE 9erIT3ngTag+01tmOmIM/ZHk+XsDvgQUuiV6Z4E3uahlsN4WdSu/A5US7U0m+i8t5W32 TjqZkk7pTuXSnKWKKiTPDpKB2ED/NeqhgI7lczksaE92j6c1RMhurcYhTbZWr6QnJdtV +0qtHcVXpjP6YQrF6LbKqiwCdqZKnDeC9piPhPRL4rKlc5LeOmAGP9DnEChZq98esxCT yi9Y0/BhKfqKBFfar4yWjHiTUcnUN0UlesEfqDBU/xQU49COQyOoe15K/v4bv28CP0Eb 7O1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ZlQDJ+iQAaKeozTMh+I5M2wgg0C3o6EXZHTueSqnRUY=; b=Jp85x/HcSqZ8y/aSFMH4Mi350e89BrvfBZRIEALfrLL3fzpr/W6I3787eyJfEVhtSC /aG8gCA+euFRCDHQvWVnS7VKgkoUJmDzdtqn8JCzoTD7EB6JGU99isih9ggGu/gYJb+G 7/4urke3XR/Hi/JW1BFPQ+E0ebtYvlr4gBBusxMNhyn2DyW2vlZehE1KWcx/yX5cllrD x1pRC0j8DmiOic81MvISpKhgnrKH1VqsShmLEf/NsHlVpFO+cbZjVS0VJ7/9UUX5IYAc L65fdOxOLcdwnnwHtf4gnVzujblAnfvM5ZhFxm6PNZ/qm8uV2AICdihenKI6fpGQR638 Ib6Q== X-Gm-Message-State: AJcUukeO2u7iaX1tWVVQlHWPvENHE9CFBdxq2R5sXIbMpNzmYSI3DC7e l4eoh1zGxUbN50+ueMKteKeVsQ== X-Google-Smtp-Source: ALg8bN7uEqHEjCPwcGs4KrU32hCgdefNcloNh+8jIU7egcLhnPUoravF+S2c+viyGLPDpIRgqaRK3A== X-Received: by 2002:a50:b68a:: with SMTP id d10mr26712826ede.16.1548067794554; Mon, 21 Jan 2019 02:49:54 -0800 (PST) Received: from localhost.localdomain ([2a02:8109:b6bf:f9e4:9473:6b39:afaf:14d4]) by smtp.gmail.com with ESMTPSA id e35sm9006196eda.13.2019.01.21.02.49.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 21 Jan 2019 02:49:54 -0800 (PST) From: Christian Brauner To: gregkh@linuxfoundation.org, devel@driverdev.osuosl.org, linux-fsdevel@vger.kernel.org, viro@zeniv.linux.org.uk, dhowells@redhat.com Cc: tkjos@google.com, Christian Brauner Subject: [PATCH v1 4/7] binderfs: rework binderfs_binder_device_create() Date: Mon, 21 Jan 2019 11:48:05 +0100 Message-Id: <20190121104808.24108-5-christian@brauner.io> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20190121104808.24108-1-christian@brauner.io> References: <20190121104808.24108-1-christian@brauner.io> MIME-Version: 1.0 X-Patchwork-Bot: notify Content-Transfer-Encoding: 8bit Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org - switch from d_alloc_name() + d_lookup() to lookup_one_len(): Instead of using d_alloc_name() and then doing a d_lookup() with the allocated dentry to find whether a device with the name we're trying to create already exists switch to using lookup_one_len(). The latter will either return the existing dentry or a new one. - switch from kmalloc() + strscpy() to kmemdup(): Use a more idiomatic way to copy the name for the new dentry that userspace gave us. Suggested-by: Al Viro Signed-off-by: Christian Brauner --- /* Changelog */ v1: - patch introduced --- drivers/android/binderfs.c | 39 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 20 deletions(-) diff --git a/drivers/android/binderfs.c b/drivers/android/binderfs.c index 89a2ee1a02f6..1e077498a507 100644 --- a/drivers/android/binderfs.c +++ b/drivers/android/binderfs.c @@ -11,6 +11,7 @@ #include #include #include +#include #include #include #include @@ -106,7 +107,7 @@ bool is_binderfs_device(const struct inode *inode) * @userp: buffer to copy information about new device for userspace to * @req: struct binderfs_device as copied from userspace * - * This function allocated a new binder_device and reserves a new minor + * This function allocates a new binder_device and reserves a new minor * number for it. * Minor numbers are limited and tracked globally in binderfs_minors. The * function will stash a struct binder_device for the specific binder @@ -122,10 +123,10 @@ static int binderfs_binder_device_create(struct inode *ref_inode, struct binderfs_device *req) { int minor, ret; - struct dentry *dentry, *dup, *root; + struct dentry *dentry, *root; struct binder_device *device; - size_t name_len = BINDERFS_MAX_NAME + 1; char *name = NULL; + size_t name_len; struct inode *inode = NULL; struct super_block *sb = ref_inode->i_sb; struct binderfs_info *info = sb->s_fs_info; @@ -168,12 +169,13 @@ static int binderfs_binder_device_create(struct inode *ref_inode, inode->i_uid = info->root_uid; inode->i_gid = info->root_gid; - name = kmalloc(name_len, GFP_KERNEL); + req->name[BINDERFS_MAX_NAME] = '\0'; /* NUL-terminate */ + name_len = strlen(req->name); + /* Make sure to include terminating NUL byte */ + name = kmemdup(req->name, name_len + 1, GFP_KERNEL); if (!name) goto err; - strscpy(name, req->name, name_len); - device->binderfs_inode = inode; device->context.binder_context_mgr_uid = INVALID_UID; device->context.name = name; @@ -192,24 +194,21 @@ static int binderfs_binder_device_create(struct inode *ref_inode, root = sb->s_root; inode_lock(d_inode(root)); - dentry = d_alloc_name(root, name); - if (!dentry) { + + /* look it up */ + dentry = lookup_one_len(name, root, name_len); + if (IS_ERR(dentry)) { inode_unlock(d_inode(root)); - ret = -ENOMEM; + ret = PTR_ERR(dentry); goto err; } - /* Verify that the name userspace gave us is not already in use. */ - dup = d_lookup(root, &dentry->d_name); - if (dup) { - if (d_really_is_positive(dup)) { - dput(dup); - dput(dentry); - inode_unlock(d_inode(root)); - ret = -EEXIST; - goto err; - } - dput(dup); + if (d_really_is_positive(dentry)) { + /* already exists */ + dput(dentry); + inode_unlock(d_inode(root)); + ret = -EEXIST; + goto err; } inode->i_private = device; -- 2.19.1