From: David Laight <[email protected]>
To: "[email protected]" <[email protected]>,
"[email protected]" <[email protected]>,
"[email protected]" <[email protected]>,
Jens Axboe <[email protected]>,
"David S. Miller" <[email protected]>,
Al Viro <[email protected]>,
linux-fsdevel <[email protected]>
Subject: [PATCH 0/9 next] Changes to code that reads iovec from userspace
Date: Tue, 15 Sep 2020 14:53:55 +0000 [thread overview]
Message-ID: <[email protected]> (raw)
The canonical code to read iov[] from userspace is currently:
struct iovec iovstack[UIO_FASTIOV];
struct iovec *iov;
...
iov = iovstack;
rc = import_iovec(..., UIO_FASTIOV, &iov, &iter);
if (rc < 0)
return rc;
...
kfree(iov);
Note that the 'iov' parameter is used for two different things.
On input it is an iov[] that can be used.
On output it is an iov[] array that must be freed.
If 'iovstack' is passed, the count is actually always UIO_FASTIOV (8)
although in some places the array definition is in a different file
(never mind function) from the constant used.
import_iovec() itself is just a wrapper to rw_copy_check_uvector().
So everything is passed through to a second function.
Several items are 'passed by reference' - adding to the code paths.
On success import_iovec() returned the transfer count.
Only one caller looks at it, the count is also in iter.count.
The new canonical code is:
struct iov_cache cache;
struct iovec *iov;
...
iov = iovec_import(..., &cache, &iter);
if (IS_ERR(iov))
return PTR_ERR(iov);
...
kfree(iov);
Since 'struct iov_cache' is a fixed size there is no need to pass in
a length (correct or not!). It can still be NULL (used by the scsi code).
iovec_import() contains the code that used to be in rw_copy_check_uvector()
and then sets up the iov_iter.
rw_copy_check_uvector() is no more.
The only other caller was in mm/process_vm_access.c when reading the
iov[] for the target process addresses when copying from a different process.
This can extract the iov[] from an extra 'struct iov_iter'.
In passing I noticed an access_ok() call on each fragment.
I hope this is just there to bail out early!
It is also skipped in process_vm_rw(). I did a quick look but couldn't
see an obvious equivalent check.
I've only done minimal changes to fs/io_uring.c
Once it has been converted to use iovec_import() the import_iovec()
functions can be deleted.
Patches 1, 2 and 3 need to be applied first.
Patches 4 to 9 can be applied in any order.
There should be measurable (if small) improvements to the recvmmsg() and
sendmmsg() system calls.
David Laight (9):
1) mm:process_vm_access Call import_iovec() instead of rw_copy_check_uvector()
2) fs: Move rw_copy_check_uvector() into lib/iov_iter.c and make static.
3) lib/iov_iter: Improved function for importing iovec[] from userpace.
4) fs/io_uring Don't use the return value from import_iovec().
5) scsi: Use iovec_import() instead of import_iovec().
6) security/keys: Use iovec_import() instead of import_iovec().
7) mm/process_vm_access: Use iovec_import() instead of import_iovec().
8) fs: Use iovec_import() instead of import_iovec().
9) net/socket: Use iovec_import() instead of import_iovec().
block/scsi_ioctl.c | 14 ++-
drivers/scsi/sg.c | 14 +--
fs/aio.c | 34 +++---
fs/io_uring.c | 21 ++--
fs/read_write.c | 248 ++++++-----------------------------------
fs/splice.c | 22 ++--
include/linux/compat.h | 6 -
include/linux/fs.h | 5 -
include/linux/socket.h | 15 +--
include/linux/uio.h | 14 +++
include/net/compat.h | 5 +-
lib/iov_iter.c | 200 +++++++++++++++++++++++++++++----
mm/process_vm_access.c | 82 +++++++-------
net/compat.c | 17 ++-
net/socket.c | 66 +++++------
security/keys/compat.c | 11 +-
security/keys/keyctl.c | 10 +-
17 files changed, 386 insertions(+), 398 deletions(-)
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
reply other threads:[~2020-09-15 14:54 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
[email protected] \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox