lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <32d4a5ea-514f-cb79-94ff-83b0c4e1d47b@kernel.dk>
Date:   Sun, 16 Aug 2020 05:22:09 -0700
From:   Jens Axboe <axboe@...nel.dk>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     io-uring <io-uring@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] Final io_uring changes for 5.9-rc1

Hi Linus,

A few differerent things in here. Seems like syzbot got some more
io_uring bits wired up, and we got a handful of reports and the
associated fixes are in here. General fixes too, and a lot of them
marked for stable. Lastly, a bit of fallout from the async buffered
reads, where we now more easily trigger short reads. Some applications
don't really like that, so the io_read() code now handles short reads
internally, and got a cleanup along the way so that it's now easier to
read (and documented). We're now passing tests that failed with current
-git.

In detail:

- Fail read/writes if no ->read/write or iter based versions exist.
  (Guoyu)

- Cleanups based on the wait_on_page_bit_common() rewrite

- Add comments explaining the task_work based flow

- Use TWA_SIGNAL for everything. This comes with a fix from Oleg that
  ensures that repeated task_work_add(..., TWA_SIGNAL) isn't overly
  expensive. The 5.8 eventfd fix that drove the addition of TWA_SIGNAL
  has counterparts that can trigger without eventfd, so this removes the
  eventfd check and just does it unconditionally. Thanks to Peter
  Zijlstra, Oleg Nesterov, and Jann Horn for helping get this done.

- syzbot related fixes:
	- Recursive locking for overflows with links
	- File table dropping fix
	- Hold 'ctx' ref around task_work
	- Double poll issue

- Netty implementation found two bugs, fixes:
	- Enable cancellation of 'head' link of file table grabbing
	  requests 
	- TWA_SIGNAL change

- Fix a regression with RWF_NOWAIT now triggering read-ahead, whereas
  before it did not.

- Handling of short page cache reads, by cleaning up io_read() and
  having the iov_iter be persistent across retries. As a nice side
  effect, this is also more efficient internally, and now io_read() has
  a codeflow that is actually readable. Similarly, having a persistent
  struct iov_iter instead of maintaining separate state is a lot less
  error prone too, and eliminates magic storing/restoring of said state.
  Thanks a lot to Andres Freund for diligently testing this change.

Please pull!


The following changes since commit e4cbce4d131753eca271d9d67f58c6377f27ad21:

  Merge tag 'sched-core-2020-08-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip (2020-08-03 14:58:38 -0700)

are available in the Git repository at:

  git://git.kernel.dk/linux-block.git tags/io_uring-5.9-2020-08-15

for you to fetch changes up to f91daf565b0e272a33bd3fcd19eaebd331c5cffd:

  io_uring: short circuit -EAGAIN for blocking read attempt (2020-08-15 15:58:42 -0700)

----------------------------------------------------------------
io_uring-5.9-2020-08-15

----------------------------------------------------------------
Guoyu Huang (1):
      io_uring: Fix NULL pointer dereference in loop_rw_iter()

Jens Axboe (17):
      io_uring: io_async_buf_func() need not test page bit
      io_uring: add comments on how the async buffered read retry works
      io_uring: set ctx sq/cq entry count earlier
      io_uring: account locked memory before potential error case
      io_uring: use TWA_SIGNAL for task_work uncondtionally
      io_uring: fix recursive completion locking on oveflow flush
      io_uring: add missing REQ_F_COMP_LOCKED for nested requests
      io_uring: defer file table grabbing request cleanup for locked requests
      fs: RWF_NOWAIT should imply IOCB_NOIO
      io_uring: hold 'ctx' reference around task_work queue + execute
      io_uring: fail poll arm on queue proc failure
      io_uring: enable lookup of links holding inflight files
      task_work: only grab task signal lock when needed
      io_uring: retain iov_iter state over io_read/io_write calls
      io_uring: internally retry short reads
      io_uring: sanitize double poll handling
      io_uring: short circuit -EAGAIN for blocking read attempt

 fs/io_uring.c      | 539 ++++++++++++++++++++++++++++++++++++++---------------
 include/linux/fs.h |   2 +-
 kernel/signal.c    |  16 +-
 kernel/task_work.c |   8 +-
 4 files changed, 409 insertions(+), 156 deletions(-)

-- 
Jens Axboe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ