From: Luca Boccassi dynamic_dname() harcodes its limit to NAME_MAX bytes, which includes a NUL terminator and a 'anon_inode:' prefix. If the name passed on goes above the limit it results in userspace getting a ENAMETOOLONG error. Truncate the name to NAME_MAX - 12 - 1 characters to ensure this never fails (accounting for prefix and NUL). Fixes: 0153094d03df ("liveupdate: luo_session: add sessions support") Signed-off-by: Luca Boccassi --- Builds on top of this just sent by Aleksa: https://lore.kernel.org/linux-fsdevel/20260401-dynamic-dname-name_max-v1-1-8ca20ab2642e@amutable.com/ kernel/liveupdate/luo_session.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/kernel/liveupdate/luo_session.c b/kernel/liveupdate/luo_session.c index 7836772956406..4a40c7fdfb44f 100644 --- a/kernel/liveupdate/luo_session.c +++ b/kernel/liveupdate/luo_session.c @@ -366,11 +366,14 @@ static const struct file_operations luo_session_fops = { /* Create a "struct file" for session */ static int luo_session_getfile(struct luo_session *session, struct file **filep) { - char name_buf[128]; + char name_buf[NAME_MAX]; struct file *file; lockdep_assert_held(&session->mutex); - snprintf(name_buf, sizeof(name_buf), "[luo_session] %s", session->name); + /* dynamic_dname() rejects names above NAME_MAX bytes, including NUL terminator + * and a 'anon_inode:' prefix. Truncate to NAME_MAX - 12 - 1 to avoid + * ENAMETOOLONG. */ + snprintf(name_buf, NAME_MAX - 12 - 1, "[luo_session] %s", session->name); file = anon_inode_getfile(name_buf, &luo_session_fops, session, O_RDWR); if (IS_ERR(file)) return PTR_ERR(file); -- 2.47.3