diff options
author | Eric Paris <eparis@redhat.com> | 2010-10-28 17:21:57 -0400 |
---|---|---|
committer | Eric Paris <eparis@redhat.com> | 2010-10-28 17:22:14 -0400 |
commit | 2529a0df0f64dab1f60ae08e038b89c53a6b4c02 (patch) | |
tree | 59f73938d84b78b535c91282677054d1f3dd1697 | |
parent | 5322a59f14e4cae5f878b9c0c5612d403c230d7f (diff) |
fsnotify: implement a default maximum queue depth
Currently fanotify has no maximum queue depth. Since fanotify is
CAP_SYS_ADMIN only this does not pose a normal user DoS issue, but it
certianly is possible that an fanotify listener which can't keep up could
OOM the box. This patch implements a default 16k depth. This is the same
default depth used by inotify, but given fanotify's better queue merging in
many situations this queue will contain many additional useful events by
comparison.
Signed-off-by: Eric Paris <eparis@redhat.com>
-rw-r--r-- | fs/notify/fanotify/fanotify_user.c | 4 | ||||
-rw-r--r-- | include/linux/fanotify.h | 1 |
2 files changed, 4 insertions, 1 deletions
diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index b265936e92d6..04f2fe47b66a 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c | |||
@@ -16,6 +16,8 @@ | |||
16 | 16 | ||
17 | #include <asm/ioctls.h> | 17 | #include <asm/ioctls.h> |
18 | 18 | ||
19 | #define FANOTIFY_DEFAULT_MAX_EVENTS 16384 | ||
20 | |||
19 | extern const struct fsnotify_ops fanotify_fsnotify_ops; | 21 | extern const struct fsnotify_ops fanotify_fsnotify_ops; |
20 | 22 | ||
21 | static struct kmem_cache *fanotify_mark_cache __read_mostly; | 23 | static struct kmem_cache *fanotify_mark_cache __read_mostly; |
@@ -689,6 +691,8 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags) | |||
689 | goto out_put_group; | 691 | goto out_put_group; |
690 | } | 692 | } |
691 | 693 | ||
694 | group->max_events = FANOTIFY_DEFAULT_MAX_EVENTS; | ||
695 | |||
692 | fd = anon_inode_getfd("[fanotify]", &fanotify_fops, group, f_flags); | 696 | fd = anon_inode_getfd("[fanotify]", &fanotify_fops, group, f_flags); |
693 | if (fd < 0) | 697 | if (fd < 0) |
694 | goto out_put_group; | 698 | goto out_put_group; |
diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index a97c96d28c07..ed479b6fef7b 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h | |||
@@ -12,7 +12,6 @@ | |||
12 | 12 | ||
13 | #define FAN_EVENT_ON_CHILD 0x08000000 /* interested in child events */ | 13 | #define FAN_EVENT_ON_CHILD 0x08000000 /* interested in child events */ |
14 | 14 | ||
15 | /* FIXME currently Q's have no limit.... */ | ||
16 | #define FAN_Q_OVERFLOW 0x00004000 /* Event queued overflowed */ | 15 | #define FAN_Q_OVERFLOW 0x00004000 /* Event queued overflowed */ |
17 | 16 | ||
18 | #define FAN_OPEN_PERM 0x00010000 /* File open in perm check */ | 17 | #define FAN_OPEN_PERM 0x00010000 /* File open in perm check */ |