From 08a53cdce62d37d918530bbbf726cc01b21dc3d1 Mon Sep 17 00:00:00 2001 From: Miklos Szeredi Date: Mon, 10 Apr 2006 22:54:59 -0700 Subject: [PATCH] fuse: account background requests The previous patch removed limiting the number of outstanding requests. This patch adds a much simpler limiting, that is also compatible with file locking operations. A task may have at most one synchronous request allocated. So these requests need not be otherwise limited. However the number of background requests (release, forget, asynchronous reads, interrupted requests) can grow indefinitely. This can be used by a malicous user to cause FUSE to allocate arbitrary amounts of unswappable kernel memory, denying service. For this reason add a limit for the number of background requests, and block allocations of new requests until the number goes bellow the limit. Also use this mechanism to block all requests until the INIT reply is received. Signed-off-by: Miklos Szeredi Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/fuse/fuse_i.h | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'fs/fuse/fuse_i.h') diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h index 242e69cb125..19c7185a754 100644 --- a/fs/fuse/fuse_i.h +++ b/fs/fuse/fuse_i.h @@ -18,6 +18,9 @@ /** Max number of pages that can be used in a single read request */ #define FUSE_MAX_PAGES_PER_REQ 32 +/** Maximum number of outstanding background requests */ +#define FUSE_MAX_BACKGROUND 10 + /** It could be as large as PATH_MAX, but would that have any uses? */ #define FUSE_NAME_MAX 1024 @@ -241,6 +244,17 @@ struct fuse_conn { interrupted request) */ struct list_head background; + /** Number of requests currently in the background */ + unsigned num_background; + + /** Flag indicating if connection is blocked. This will be + the case before the INIT reply is received, and if there + are too many outstading backgrounds requests */ + int blocked; + + /** waitq for blocked connection */ + wait_queue_head_t blocked_waitq; + /** RW semaphore for exclusion with fuse_put_super() */ struct rw_semaphore sbput_sem; -- cgit v1.2.3