diff options
| author | Joanne Koong <joannelkoong@gmail.com> | 2026-04-30 14:47:46 +0300 |
|---|---|---|
| committer | Miklos Szeredi <mszeredi@redhat.com> | 2026-06-15 15:06:19 +0300 |
| commit | 6bd421b499ef16006bdc2ee85bf66d3956b52def (patch) | |
| tree | 900a26ad8fb16bd2c8a4d3917caa6634c6e1557a | |
| parent | d3aa89c9bfb7cd72a7025ebbb92275128d28afbd (diff) | |
| download | linux-6bd421b499ef16006bdc2ee85bf66d3956b52def.tar.xz | |
fuse: remove redundant buffer size checks for interrupt and forget requests
In fuse_dev_do_read(), there is already logic that ensures the buffer is
a minimum of at least FUSE_MIN_READ_BUFFER (8k) bytes.
This makes the buffer size checks for interrupt and forget requests
redundant as sizeof(struct fuse_in_header) + sizeof(struct
fuse_interrupt_in) and sizeof(struct fuse_in_header) + sizeof(struct
fuse_forget_in) are both less than FUSE_MIN_READ_BUFFER.
We can get rid of these checks.
Signed-off-by: Joanne Koong <joannelkoong@gmail.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
| -rw-r--r-- | fs/fuse/dev.c | 18 |
1 files changed, 4 insertions, 14 deletions
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c index 9feecbd2532a..32b0bb1f79d7 100644 --- a/fs/fuse/dev.c +++ b/fs/fuse/dev.c @@ -1376,7 +1376,7 @@ static int request_pending(struct fuse_iqueue *fiq) */ static int fuse_read_interrupt(struct fuse_iqueue *fiq, struct fuse_copy_state *cs, - size_t nbytes, struct fuse_req *req) + struct fuse_req *req) __releases(fiq->lock) { struct fuse_in_header ih; @@ -1393,8 +1393,6 @@ __releases(fiq->lock) arg.unique = req->in.h.unique; spin_unlock(&fiq->lock); - if (nbytes < reqsize) - return -EINVAL; err = fuse_copy_one(cs, &ih, sizeof(ih)); if (!err) @@ -1427,8 +1425,7 @@ static struct fuse_forget_link *fuse_dequeue_forget(struct fuse_iqueue *fiq, } static int fuse_read_single_forget(struct fuse_iqueue *fiq, - struct fuse_copy_state *cs, - size_t nbytes) + struct fuse_copy_state *cs) __releases(fiq->lock) { int err; @@ -1445,8 +1442,6 @@ __releases(fiq->lock) spin_unlock(&fiq->lock); kfree(forget); - if (nbytes < ih.len) - return -EINVAL; err = fuse_copy_one(cs, &ih, sizeof(ih)); if (!err) @@ -1474,11 +1469,6 @@ __releases(fiq->lock) .len = sizeof(ih) + sizeof(arg), }; - if (nbytes < ih.len) { - spin_unlock(&fiq->lock); - return -EINVAL; - } - max_forgets = (nbytes - ih.len) / sizeof(struct fuse_forget_one); head = fuse_dequeue_forget(fiq, max_forgets, &count); spin_unlock(&fiq->lock); @@ -1514,7 +1504,7 @@ static int fuse_read_forget(struct fuse_chan *fch, struct fuse_iqueue *fiq, __releases(fiq->lock) { if (fch->minor < 16 || fiq->forget_list_head.next->next == NULL) - return fuse_read_single_forget(fiq, cs, nbytes); + return fuse_read_single_forget(fiq, cs); else return fuse_read_batch_forget(fiq, cs, nbytes); } @@ -1581,7 +1571,7 @@ static ssize_t fuse_dev_do_read(struct fuse_dev *fud, struct file *file, if (!list_empty(&fiq->interrupts)) { req = list_entry(fiq->interrupts.next, struct fuse_req, intr_entry); - return fuse_read_interrupt(fiq, cs, nbytes, req); + return fuse_read_interrupt(fiq, cs, req); } if (forget_pending(fiq)) { |