diff options
| author | Gu Zheng <guz.fnst@cn.fujitsu.com> | 2014-01-20 05:37:30 -0500 |
|---|---|---|
| committer | Jaegeuk Kim <jaegeuk.kim@samsung.com> | 2014-01-22 04:41:08 -0500 |
| commit | 63f5384c9a7df95a0e0eb6745f3038c703bdf4c3 (patch) | |
| tree | fa9316dc060b249f9881f5c7adc5ed0d3358163a /fs/f2fs | |
| parent | 9df27d982d58b9372bc476fb6b9bab861d617029 (diff) | |
f2fs: remove the orphan block page array
As the orphan_blocks may be max to 504, so it is not security
and rigorous to store such a large array in the kernel stack
as Dan Carpenter said.
In fact, grab_meta_page has locked the page in the page cache,
and we can use find_get_page() to fetch the page safely in the
downstream, so we can remove the page array directly.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Gu Zheng <guz.fnst@cn.fujitsu.com>
Signed-off-by: Jaegeuk Kim <jaegeuk.kim@samsung.com>
Diffstat (limited to 'fs/f2fs')
| -rw-r--r-- | fs/f2fs/checkpoint.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c index f9d4f7de75ad..ed82de6bfb47 100644 --- a/fs/f2fs/checkpoint.c +++ b/fs/f2fs/checkpoint.c | |||
| @@ -311,11 +311,10 @@ static void write_orphan_inodes(struct f2fs_sb_info *sbi, block_t start_blk) | |||
| 311 | unsigned short orphan_blocks = (unsigned short)((sbi->n_orphans + | 311 | unsigned short orphan_blocks = (unsigned short)((sbi->n_orphans + |
| 312 | (F2FS_ORPHANS_PER_BLOCK - 1)) / F2FS_ORPHANS_PER_BLOCK); | 312 | (F2FS_ORPHANS_PER_BLOCK - 1)) / F2FS_ORPHANS_PER_BLOCK); |
| 313 | struct page *page = NULL; | 313 | struct page *page = NULL; |
| 314 | struct page *pages[orphan_blocks]; | ||
| 315 | struct orphan_inode_entry *orphan = NULL; | 314 | struct orphan_inode_entry *orphan = NULL; |
| 316 | 315 | ||
| 317 | for (index = 0; index < orphan_blocks; index++) | 316 | for (index = 0; index < orphan_blocks; index++) |
| 318 | pages[index] = grab_meta_page(sbi, start_blk + index); | 317 | grab_meta_page(sbi, start_blk + index); |
| 319 | 318 | ||
| 320 | index = 1; | 319 | index = 1; |
| 321 | spin_lock(&sbi->orphan_inode_lock); | 320 | spin_lock(&sbi->orphan_inode_lock); |
| @@ -324,10 +323,12 @@ static void write_orphan_inodes(struct f2fs_sb_info *sbi, block_t start_blk) | |||
| 324 | /* loop for each orphan inode entry and write them in Jornal block */ | 323 | /* loop for each orphan inode entry and write them in Jornal block */ |
| 325 | list_for_each_entry(orphan, head, list) { | 324 | list_for_each_entry(orphan, head, list) { |
| 326 | if (!page) { | 325 | if (!page) { |
| 327 | page = pages[index - 1]; | 326 | page = find_get_page(META_MAPPING(sbi), start_blk++); |
| 327 | f2fs_bug_on(!page); | ||
| 328 | orphan_blk = | 328 | orphan_blk = |
| 329 | (struct f2fs_orphan_block *)page_address(page); | 329 | (struct f2fs_orphan_block *)page_address(page); |
| 330 | memset(orphan_blk, 0, sizeof(*orphan_blk)); | 330 | memset(orphan_blk, 0, sizeof(*orphan_blk)); |
| 331 | f2fs_put_page(page, 0); | ||
| 331 | } | 332 | } |
| 332 | 333 | ||
| 333 | orphan_blk->ino[nentries++] = cpu_to_le32(orphan->ino); | 334 | orphan_blk->ino[nentries++] = cpu_to_le32(orphan->ino); |