mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-22 16:06:04 -05:00
linux/io_uring
Jens Axboe ed123c948d io_uring/kbuf: use pre-committed buffer address for non-pollable file
For non-pollable files, buffer ring consumption will commit upfront.
This is fine, but io_ring_buffer_select() will return the address of the
buffer after having committed it. For incrementally consumed buffers,
this is incorrect as it will modify the buffer address.

Store the pre-committed value and return that. If that isn't done, then
the initial part of the buffer is not used and the application will
correctly assume the content arrived at the start of the userspace
buffer, but the kernel will have put it later in the buffer. Or it can
cause a spurious -EFAULT returned in the CQE, depending on the buffer
size. As bounds are suitably checked for doing the actual IO, no adverse
side effects are possible - it's just a data misplacement within the
existing buffer.

Reported-by: Gwendal Fernet <gwendalfernet@gmail.com>
Cc: stable@vger.kernel.org
Fixes: ae98dbf43d ("io_uring/kbuf: add support for incremental buffer consumption")
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2025-01-03 09:38:37 -07:00
advise.c
advise.h
alloc_cache.h
cancel.c
cancel.h
epoll.c
epoll.h
eventfd.c
eventfd.h
fdinfo.c
fdinfo.h
filetable.c
filetable.h
fs.c
fs.h
futex.c
futex.h
io-wq.c
io-wq.h
io_uring.c io_uring: check if iowq is killed before queuing 2024-12-19 13:31:53 -07:00
io_uring.h io_uring: limit local tw done 2024-11-21 07:11:00 -07:00
kbuf.c io_uring/kbuf: use pre-committed buffer address for non-pollable file 2025-01-03 09:38:37 -07:00
kbuf.h
Makefile
memmap.c io_uring: fix corner case forgetting to vunmap 2024-11-27 15:00:57 -07:00
memmap.h io_uring: introduce concept of memory regions 2024-11-15 09:58:34 -07:00
msg_ring.c
msg_ring.h
napi.c
napi.h
net.c io_uring/net: always initialize kmsg->msg.msg_inq upfront 2025-01-02 16:40:08 -07:00
net.h
nop.c io_uring/nop: ensure nop->fd is always initialized 2024-11-21 07:15:30 -07:00
nop.h
notif.c
notif.h
opdef.c
opdef.h
openclose.c
openclose.h
poll.c
poll.h
refs.h
register.c io_uring/register: limit ring resizing to DEFER_TASKRUN 2024-12-19 09:32:26 -07:00
register.h io_uring: temporarily disable registered waits 2024-11-15 09:58:34 -07:00
rsrc.c io_uring/rsrc: don't put/free empty buffers 2024-12-12 08:01:52 -07:00
rsrc.h
rw.c io_uring/rw: fix downgraded mshot read 2024-12-28 13:13:22 -07:00
rw.h
slist.h
splice.c
splice.h
sqpoll.c io_uring/sqpoll: fix sqpoll error handling races 2024-12-26 10:02:40 -07:00
sqpoll.h
statx.c
statx.h
sync.c
sync.h
tctx.c io_uring/tctx: work around xa_store() allocation error issue 2024-11-29 07:20:28 -07:00
tctx.h
timeout.c io_uring/timeout: flush timeouts outside of the timeout lock 2024-12-30 14:15:17 -07:00
timeout.h
truncate.c
truncate.h
uring_cmd.c io_uring: Change res2 parameter type in io_uring_cmd_done 2024-12-03 06:33:13 -07:00
uring_cmd.h
waitid.c
waitid.h
xattr.c
xattr.h