1. Patchew
  2. linux
  3. View series

[PATCH v4] fuse: back uncached readdir buffers with pages

Matthew R. Ochs posted 1 patch 1 week, 6 days ago 
fs/fuse/readdir.c | 59 +++++++++++++++++++++++++++++++++++++++--------
1 file changed, 50 insertions(+), 9 deletions(-)
[PATCH v4] fuse: back uncached readdir buffers with pages
Posted by Matthew R. Ochs 1 week, 6 days ago 
Commit dabb90391028 ("fuse: increase readdir buffer size") changed
fuse_readdir_uncached() to size its temporary buffer from ctx->count.
This is useful for overlayfs and other in-kernel callers that use
INT_MAX to indicate an unlimited directory read.

The larger buffer is currently supplied as a kvec output argument. For
virtiofs, kvec arguments are copied through req->argbuf, which is
allocated with kmalloc(..., GFP_ATOMIC). A large uncached readdir buffer
can therefore require a multi-megabyte contiguous atomic allocation
before the request is queued.

Avoid the large bounce-buffer allocation by backing uncached readdir
output with pages and setting out_pages. Transports such as virtiofs can
then pass the pages as scatter-gather entries instead of copying the
output through argbuf.

Map the pages with vm_map_ram() only while parsing the returned dirents.
The existing parser can then continue to use a linear kernel mapping.

Fixes: dabb90391028 ("fuse: increase readdir buffer size")
Cc: stable@vger.kernel.org
Signed-off-by: Matthew R. Ochs <mochs@nvidia.com>
---
v4:
- Drop the fc->max_read/fc->max_write request-size cap.
- Keep the existing uncached readdir buffer sizing logic unchanged.
- Limit this patch to backing uncached readdir output with pages.
- Update the commit message to describe only the kernel-side argbuf fix.
- The remaining 4K-host/64K-guest ENOMEM was traced to virtiofsd rejecting
  READDIR sizes larger than its MAX_BUFFER_SIZE; a virtiofsd fix is being
  handled separately.
- Link to v3: https://lore.kernel.org/all/20260519004746.3203156-1-mochs@nvidia.com/

v3:
- Cap the requested byte size by fc->max_read in addition to fc->max_pages
  and fc->max_write.
- Use clamp_t(size_t, ...) for the readdir buffer size calculation.
- Use __free(kvfree) for the temporary page pointer array.
- Use release_pages() for pages allocated by alloc_pages_bulk().
- Handle partial alloc_pages_bulk() success by shrinking the request size.
- Verified with --overlay-rwdir across 4K/64K host and guest page sizes.
- Link to v2: https://lore.kernel.org/all/20260428233028.2747981-1-mochs@nvidia.com/

v2:
- Reworked uncached readdir to use output pages and out_pages, per Miklos.
- Cap the requested byte size by both fc->max_pages and fc->max_write.
- Map pages with vm_map_ram() only while parsing returned dirents.
- Verified with --overlay-rwdir across 4K/64K host and guest page sizes.
- Link to v1: https://lore.kernel.org/all/20260428021304.2338592-1-mochs@nvidia.com/

 fs/fuse/readdir.c | 59 +++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 50 insertions(+), 9 deletions(-)

diff --git a/fs/fuse/readdir.c b/fs/fuse/readdir.c
index db5ae8ec1030..48b5e7682e47 100644
--- a/fs/fuse/readdir.c
+++ b/fs/fuse/readdir.c
@@ -12,6 +12,7 @@
 #include <linux/posix_acl.h>
 #include <linux/pagemap.h>
 #include <linux/highmem.h>
+#include <linux/vmalloc.h>
 
 static bool fuse_use_readdirplus(struct inode *dir, struct dir_context *ctx)
 {
@@ -343,17 +344,45 @@ static int fuse_readdir_uncached(struct file *file, struct dir_context *ctx)
 	struct fuse_mount *fm = get_fuse_mount(inode);
 	struct fuse_conn *fc = fm->fc;
 	struct fuse_io_args ia = {};
-	struct fuse_args *args = &ia.ap.args;
+	struct fuse_args_pages *ap = &ia.ap;
+	struct fuse_args *args = &ap->args;
+	struct page **pages __free(kvfree) = NULL;
 	void *buf;
 	size_t bufsize = clamp((unsigned int) ctx->count, PAGE_SIZE, fc->max_pages << PAGE_SHIFT);
+	unsigned int nr_pages = DIV_ROUND_UP(bufsize, PAGE_SIZE);
 	u64 attr_version = 0, evict_ctr = 0;
 	bool locked;
+	unsigned int nr_alloc;
+	unsigned int i;
 
-	buf = kvmalloc(bufsize, GFP_KERNEL);
-	if (!buf)
+	pages = kvcalloc(nr_pages, sizeof(*pages), GFP_KERNEL);
+	if (!pages)
 		return -ENOMEM;
 
-	args->out_args[0].value = buf;
+	nr_alloc = alloc_pages_bulk(GFP_KERNEL, nr_pages, pages);
+	if (!nr_alloc) {
+		res = -ENOMEM;
+		goto out;
+	}
+	if (nr_alloc < nr_pages) {
+		nr_pages = nr_alloc;
+		bufsize = (size_t)nr_pages << PAGE_SHIFT;
+	}
+
+	ap->folios = fuse_folios_alloc(nr_pages, GFP_KERNEL, &ap->descs);
+	if (!ap->folios) {
+		res = -ENOMEM;
+		goto out;
+	}
+
+	for (i = 0; i < nr_pages; i++) {
+		ap->folios[i] = page_folio(pages[i]);
+		ap->descs[i].length = min_t(size_t,
+					    bufsize - (size_t)i * PAGE_SIZE,
+					    PAGE_SIZE);
+	}
+	ap->num_folios = nr_pages;
+	args->out_pages = true;
 
 	plus = fuse_use_readdirplus(inode, ctx);
 	if (plus) {
@@ -372,16 +401,28 @@ static int fuse_readdir_uncached(struct file *file, struct dir_context *ctx)
 
 			if (ff->open_flags & FOPEN_CACHE_DIR)
 				fuse_readdir_cache_end(file, ctx->pos);
-		} else if (plus) {
-			res = parse_dirplusfile(buf, res, file, ctx, attr_version,
-						evict_ctr);
 		} else {
-			res = parse_dirfile(buf, res, file, ctx);
+			buf = vm_map_ram(pages, nr_pages, -1);
+			if (!buf) {
+				res = -ENOMEM;
+			} else {
+				if (plus)
+					res = parse_dirplusfile(buf, res, file, ctx,
+								attr_version,
+								evict_ctr);
+				else
+					res = parse_dirfile(buf, res, file, ctx);
+
+				vm_unmap_ram(buf, nr_pages);
+			}
 		}
 	}
 
-	kvfree(buf);
 	fuse_invalidate_atime(inode);
+
+out:
+	kfree(ap->folios);
+	release_pages(pages, nr_alloc);
 	return res;
 }
 
-- 
2.50.1
Re: [PATCH v4] fuse: back uncached readdir buffers with pages
Posted by Matt Ochs 6 days, 5 hours ago 
Hi Miklos,

Gentle ping on this v4.

I reworked it to keep the kernel change limited to backing uncached
readdir output with pages, and dropped the request-size cap as requested.

For context, the separate virtiofsd-side issue we discussed has now been
fixed upstream in virtiofsd:

https://gitlab.com/virtio-fs/virtiofsd/-/commit/d24cda8a325d2a9ae1adc5acda57515ed2e8e1d2

That should leave this patch only addressing the kernel-side argbuf
allocation path for uncached readdir.

Do you have any remaining concerns with this version?


-matt

> On May 26, 2026, at 10:20, Matthew R. Ochs <mochs@nvidia.com> wrote:
> 
> Commit dabb90391028 ("fuse: increase readdir buffer size") changed
> fuse_readdir_uncached() to size its temporary buffer from ctx->count.
> This is useful for overlayfs and other in-kernel callers that use
> INT_MAX to indicate an unlimited directory read.
> 
> The larger buffer is currently supplied as a kvec output argument. For
> virtiofs, kvec arguments are copied through req->argbuf, which is
> allocated with kmalloc(..., GFP_ATOMIC). A large uncached readdir buffer
> can therefore require a multi-megabyte contiguous atomic allocation
> before the request is queued.
> 
> Avoid the large bounce-buffer allocation by backing uncached readdir
> output with pages and setting out_pages. Transports such as virtiofs can
> then pass the pages as scatter-gather entries instead of copying the
> output through argbuf.
> 
> Map the pages with vm_map_ram() only while parsing the returned dirents.
> The existing parser can then continue to use a linear kernel mapping.
> 
> Fixes: dabb90391028 ("fuse: increase readdir buffer size")
> Cc: stable@vger.kernel.org
> Signed-off-by: Matthew R. Ochs <mochs@nvidia.com>
> ---
> v4:
> - Drop the fc->max_read/fc->max_write request-size cap.
> - Keep the existing uncached readdir buffer sizing logic unchanged.
> - Limit this patch to backing uncached readdir output with pages.
> - Update the commit message to describe only the kernel-side argbuf fix.
> - The remaining 4K-host/64K-guest ENOMEM was traced to virtiofsd rejecting
>  READDIR sizes larger than its MAX_BUFFER_SIZE; a virtiofsd fix is being
>  handled separately.
> - Link to v3: https://lore.kernel.org/all/20260519004746.3203156-1-mochs@nvidia.com/
>

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.