When tmpfs is mounted with a size less than one page the number of blocks
is set to 0 which makes the tmpfs mount unlimited. This can lead to a quick
and surprising death is someone typos a tmpfs mount command and writes to much.
tmpfs can still be mounted as unlimited if size or nr_blocks is exactly 0.
Signed-off-by: Michael Marineau <[email protected]>
---
mm/shmem.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/mm/shmem.c b/mm/shmem.c
index 253d205..66b07f2 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -2138,6 +2138,8 @@ static int shmem_parse_options(char *options, int *mode, uid_t *uid,
if (*rest)
goto bad_val;
*blocks = size >> PAGE_CACHE_SHIFT;
+ if (size && blocks == 0)
+ blocks = 1;
} else if (!strcmp(this_char,"nr_blocks")) {
*blocks = memparse(value,&rest);
if (*rest)
--
1.5.1.6
When tmpfs is mounted with a size less than one page the number of blocks
is set to 0 which makes the tmpfs mount unlimited. This can lead to a quick
and surprising death is someone typos a tmpfs mount command and writes to much.
tmpfs can still be mounted as unlimited if size or nr_blocks is exactly 0.
Signed-off-by: Michael Marineau <[email protected]>
---
Somehow I was a moron and didn't notice the compiler shouting insults at me,
here is the correct version of the patch. Sorry for the noise :-(
mm/shmem.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/mm/shmem.c b/mm/shmem.c
index 253d205..86b47d8 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -2138,6 +2138,8 @@ static int shmem_parse_options(char *options, int *mode, uid_t *uid,
if (*rest)
goto bad_val;
*blocks = size >> PAGE_CACHE_SHIFT;
+ if (size && *blocks == 0)
+ *blocks = 1;
} else if (!strcmp(this_char,"nr_blocks")) {
*blocks = memparse(value,&rest);
if (*rest)
--
1.5.1.6
Fair enough, that does match the documentation of "size=0" better.
Though either way, someone who typos is going to get one kind of surprise
or another. Do you mind if we do it slightly differently, achieving the
same effect without a special case, by rounding up instead of down?
From: Michael Marineau <[email protected]>
When tmpfs is mounted with a size less than one page, the number of blocks
is set to 0 which makes the tmpfs mount unlimited. This can lead to a quick
and surprising death if someone typos a tmpfs mount command and writes too
much.
tmpfs can still be mounted as unlimited if size or nr_blocks is exactly 0,
as Documentation/filesystems/tmpfs.txt says.
Hugh: do this by rounding size up instead of down in all cases: which
slightly expands other odd-sized tmpfs mounts, but in a consistent way.
Signed-off-by: Michael Marineau <[email protected]>
Signed-off-by: Hugh Dickins <[email protected]>
---
mm/shmem.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- 2.6.24-rc1-git/mm/shmem.c 2007-10-31 06:18:05.000000000 +0000
+++ linux/mm/shmem.c 2007-11-04 11:46:09.000000000 +0000
@@ -2137,7 +2137,7 @@ static int shmem_parse_options(char *opt
}
if (*rest)
goto bad_val;
- *blocks = size >> PAGE_CACHE_SHIFT;
+ *blocks = DIV_ROUND_UP(size, PAGE_CACHE_SIZE);
} else if (!strcmp(this_char,"nr_blocks")) {
*blocks = memparse(value,&rest);
if (*rest)
On 11/4/07, Hugh Dickins <[email protected]> wrote:
> Fair enough, that does match the documentation of "size=0" better.
> Though either way, someone who typos is going to get one kind of surprise
> or another. Do you mind if we do it slightly differently, achieving the
> same effect without a special case, by rounding up instead of down?
Sounds reasonable to me. I didn't know about DIV_ROUND_UP :-)
>
>
> From: Michael Marineau <[email protected]>
>
> When tmpfs is mounted with a size less than one page, the number of blocks
> is set to 0 which makes the tmpfs mount unlimited. This can lead to a quick
> and surprising death if someone typos a tmpfs mount command and writes too
> much.
>
> tmpfs can still be mounted as unlimited if size or nr_blocks is exactly 0,
> as Documentation/filesystems/tmpfs.txt says.
>
> Hugh: do this by rounding size up instead of down in all cases: which
> slightly expands other odd-sized tmpfs mounts, but in a consistent way.
>
> Signed-off-by: Michael Marineau <[email protected]>
> Signed-off-by: Hugh Dickins <[email protected]>
> ---
>
> mm/shmem.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> --- 2.6.24-rc1-git/mm/shmem.c 2007-10-31 06:18:05.000000000 +0000
> +++ linux/mm/shmem.c 2007-11-04 11:46:09.000000000 +0000
> @@ -2137,7 +2137,7 @@ static int shmem_parse_options(char *opt
> }
> if (*rest)
> goto bad_val;
> - *blocks = size >> PAGE_CACHE_SHIFT;
> + *blocks = DIV_ROUND_UP(size, PAGE_CACHE_SIZE);
> } else if (!strcmp(this_char,"nr_blocks")) {
> *blocks = memparse(value,&rest);
> if (*rest)
>
--
Michael Marineau
Oregon State University
[email protected]
On Sun, 4 Nov 2007, Michael Marineau wrote:
> On 11/4/07, Hugh Dickins <[email protected]> wrote:
> > Fair enough, that does match the documentation of "size=0" better.
> > Though either way, someone who typos is going to get one kind of surprise
> > or another. Do you mind if we do it slightly differently, achieving the
> > same effect without a special case, by rounding up instead of down?
>
> Sounds reasonable to me. I didn't know about DIV_ROUND_UP :-)
I'm not familiar with it either (had to look it up to check it's
the right thing) - in mm/ we're accustomed to writing things like
"(size + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT"; but that took
the line over 80 columns, and I dreaded someone somewhere mailing
in to ask "Why didn't you use DIV_ROUND_UP?" ;-)
Hugh