lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 11 Jan 2021 10:48:35 +0800
From:   Ming Lei <ming.lei@...hat.com>
To:     Pavel Begunkov <asml.silence@...il.com>
Cc:     linux-block@...r.kernel.org, Jens Axboe <axboe@...nel.dk>,
        Christoph Hellwig <hch@...radead.org>,
        Matthew Wilcox <willy@...radead.org>,
        Johannes Weiner <hannes@...xchg.org>,
        Alexander Viro <viro@...iv.linux.org.uk>,
        "Darrick J . Wong" <darrick.wong@...cle.com>,
        "Martin K . Petersen" <martin.petersen@...cle.com>,
        Jonathan Corbet <corbet@....net>, linux-xfs@...r.kernel.org,
        linux-fsdevel@...r.kernel.org, io-uring@...r.kernel.org,
        linux-kernel@...r.kernel.org, target-devel@...r.kernel.org,
        linux-scsi@...r.kernel.org, linux-doc@...r.kernel.org,
        Christoph Hellwig <hch@....de>
Subject: Re: [PATCH v3 1/7] splice: don't generate zero-len segement bvecs

On Sat, Jan 09, 2021 at 04:02:57PM +0000, Pavel Begunkov wrote:
> iter_file_splice_write() may spawn bvec segments with zero-length. In
> preparation for prohibiting them, filter out by hand at splice level.
> 
> Reviewed-by: Christoph Hellwig <hch@....de>
> Signed-off-by: Pavel Begunkov <asml.silence@...il.com>
> ---
>  fs/splice.c | 9 ++++++---
>  1 file changed, 6 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/splice.c b/fs/splice.c
> index 866d5c2367b2..474fb8b5562a 100644
> --- a/fs/splice.c
> +++ b/fs/splice.c
> @@ -662,12 +662,14 @@ iter_file_splice_write(struct pipe_inode_info *pipe, struct file *out,
>  
>  		/* build the vector */
>  		left = sd.total_len;
> -		for (n = 0; !pipe_empty(head, tail) && left && n < nbufs; tail++, n++) {
> +		for (n = 0; !pipe_empty(head, tail) && left && n < nbufs; tail++) {
>  			struct pipe_buffer *buf = &pipe->bufs[tail & mask];
>  			size_t this_len = buf->len;
>  
> -			if (this_len > left)
> -				this_len = left;
> +			/* zero-length bvecs are not supported, skip them */
> +			if (!this_len)
> +				continue;
> +			this_len = min(this_len, left);
>  
>  			ret = pipe_buf_confirm(pipe, buf);
>  			if (unlikely(ret)) {
> @@ -680,6 +682,7 @@ iter_file_splice_write(struct pipe_inode_info *pipe, struct file *out,
>  			array[n].bv_len = this_len;
>  			array[n].bv_offset = buf->offset;
>  			left -= this_len;
> +			n++;
>  		}
>  
>  		iov_iter_bvec(&from, WRITE, array, n, sd.total_len - left);
> -- 
> 2.24.0
> 

Reviewed-by: Ming Lei <ming.lei@...hat.com>

-- 
Ming

Powered by blists - more mailing lists