From: Arnd Bergmann <arnd@arndb.de>
Date: Wed, 4 Mar 2026 08:38:32 +0000 (+0100)
Subject: ntfs: reduce stack usage in ntfs_write_mft_block()
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f462fdf3d6a405ada5cf51241d56a47ead152968;p=thirdparty%2Fkernel%2Flinux.git

ntfs: reduce stack usage in ntfs_write_mft_block()

The use of two large arrays in this function makes the stack frame exceed
the warning limit in some configurations, especially with KASAN enabled.
When CONFIG_PAGE_SIZE is set to 65536, each of the arrays contains 128
pointers, so the combined size is 2KB:

fs/ntfs/mft.c: In function 'ntfs_write_mft_block.isra':
fs/ntfs/mft.c:2891:1: error: the frame size of 2640 bytes is larger than 1536 bytes [-Werror=frame-larger-than=]

Use dynamic allocation of these arrays to avoid getting into dangerously
high stack usage.

Unfortunately, allocating memory in the writepages() code path can be
problematic in case of low memory situations, so it would be better to
rework the code more widely to avoid the allocation entirely.

Fixes: 115380f9a2f9 ("ntfs: update mft operations")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
---

diff --git a/fs/ntfs/mft.c b/fs/ntfs/mft.c
index 6d88922ddba98..b313793a397cc 100644
--- a/fs/ntfs/mft.c
+++ b/fs/ntfs/mft.c
@@ -2704,9 +2704,11 @@ static int ntfs_write_mft_block(struct folio *folio, struct writeback_control *w
 	struct ntfs_inode *ni = NTFS_I(vi);
 	struct ntfs_volume *vol = ni->vol;
 	u8 *kaddr;
-	struct ntfs_inode *locked_nis[PAGE_SIZE / NTFS_BLOCK_SIZE];
+	struct ntfs_inode **locked_nis __free(kfree) = kmalloc_array(PAGE_SIZE / NTFS_BLOCK_SIZE,
+							sizeof(struct ntfs_inode *), GFP_NOFS);
 	int nr_locked_nis = 0, err = 0, mft_ofs, prev_mft_ofs;
-	struct inode *ref_inos[PAGE_SIZE / NTFS_BLOCK_SIZE];
+	struct inode **ref_inos __free(kfree) = kmalloc_array(PAGE_SIZE / NTFS_BLOCK_SIZE,
+							      sizeof(struct inode *), GFP_NOFS);
 	int nr_ref_inos = 0;
 	struct bio *bio = NULL;
 	unsigned long mft_no;
@@ -2721,6 +2723,9 @@ static int ntfs_write_mft_block(struct folio *folio, struct writeback_control *w
 	ntfs_debug("Entering for inode 0x%lx, attribute type 0x%x, folio index 0x%lx.",
 			vi->i_ino, ni->type, folio->index);
 
+	if (!locked_nis || !ref_inos)
+		return -ENOMEM;
+
 	/* We have to zero every time due to mmap-at-end-of-file. */
 	if (folio->index >= (i_size >> folio_shift(folio)))
 		/* The page straddles i_size. */