aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--fs/xattr.c21
1 files changed, 17 insertions, 4 deletions
diff --git a/fs/xattr.c b/fs/xattr.c
index d14afbae3c13..3c8c1cc333c7 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -321,6 +321,7 @@ setxattr(struct dentry *d, const char __user *name, const void __user *value,
321{ 321{
322 int error; 322 int error;
323 void *kvalue = NULL; 323 void *kvalue = NULL;
324 void *vvalue = NULL; /* If non-NULL, we used vmalloc() */
324 char kname[XATTR_NAME_MAX + 1]; 325 char kname[XATTR_NAME_MAX + 1];
325 326
326 if (flags & ~(XATTR_CREATE|XATTR_REPLACE)) 327 if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
@@ -335,13 +336,25 @@ setxattr(struct dentry *d, const char __user *name, const void __user *value,
335 if (size) { 336 if (size) {
336 if (size > XATTR_SIZE_MAX) 337 if (size > XATTR_SIZE_MAX)
337 return -E2BIG; 338 return -E2BIG;
338 kvalue = memdup_user(value, size); 339 kvalue = kmalloc(size, GFP_KERNEL | __GFP_NOWARN);
339 if (IS_ERR(kvalue)) 340 if (!kvalue) {
340 return PTR_ERR(kvalue); 341 vvalue = vmalloc(size);
342 if (!vvalue)
343 return -ENOMEM;
344 kvalue = vvalue;
345 }
346 if (copy_from_user(kvalue, value, size)) {
347 error = -EFAULT;
348 goto out;
349 }
341 } 350 }
342 351
343 error = vfs_setxattr(d, kname, kvalue, size, flags); 352 error = vfs_setxattr(d, kname, kvalue, size, flags);
344 kfree(kvalue); 353out:
354 if (vvalue)
355 vfree(vvalue);
356 else
357 kfree(kvalue);
345 return error; 358 return error;
346} 359}
347 360
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-01 12:44:20 -0500