fs: predict not reaching the limit in alloc_empty_file()

Eliminates a jump over a call to capable() in the common case.

By default the limit is not even set, in which case the check can't even
fail to begin with. It remains unset at least on Debian and Ubuntu.
For this cases this can probably become a static branch instead.

In the meantime tidy it up.

I note the check separate from the bump makes the entire thing racy.

Signed-off-by: Mateusz Guzik <mjguzik@gmail.com>
Link: https://lore.kernel.org/r/20250319124923.1838719-1-mjguzik@gmail.com
Signed-off-by: Christian Brauner <brauner@kernel.org>

diff --git a/fs/file_table.c b/fs/file_table.c
index f0291a66f9db4184359a52da2f4ead308de4abfe..4d9f723350fb57464464d79763a783487d051671 100644 (file)
--- a/fs/file_table.c
+++ b/fs/file_table.c
@@ -216,7 +216,8 @@ struct file *alloc_empty_file(int flags, const struct cred *cred)
        /*
         * Privileged users can go above max_files
         */
-       if (get_nr_files() >= files_stat.max_files && !capable(CAP_SYS_ADMIN)) {
+       if (unlikely(get_nr_files() >= files_stat.max_files) &&
+           !capable(CAP_SYS_ADMIN)) {
                /*
                 * percpu_counters are inaccurate.  Do an expensive check before
                 * we go and fail.