| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Nov 2022 16:50:01 +0800
From: Ming Lei <ming.lei@...hat.com>
To: Jens Axboe <axboe@...nel.dk>, io-uring@...r.kernel.org
Cc: linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-fsdevel@...r.kernel.org,
Miklos Szeredi <mszeredi@...hat.com>,
Stefan Hajnoczi <stefanha@...hat.com>,
ZiyangZhang <ZiyangZhang@...ux.alibaba.com>,
Ming Lei <ming.lei@...hat.com>
Subject: [RFC PATCH 1/4] io_uring/splice: support do_splice_direct
do_splice_direct() has at least two advantages:
1) the extra pipe isn't required from user viewpoint, so userspace
code can be simplified, meantime easy to relax current pipe
limit since curret->splice_pipe is used for direct splice
2) in some situation, it isn't good to expose file data via
->splice_read() to userspace, such as the coming ublk driver's
zero copy support, request pages will be spliced to pipe for
supporting zero copy, and if it is READ, userspace may read
data of kernel pages, and direct splice can avoid this kind
of info leaks
Signed-off-by: Ming Lei <ming.lei@...hat.com>
---
fs/read_write.c | 5 +++--
include/linux/splice.h | 3 +++
io_uring/splice.c | 13 ++++++++++---
3 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/fs/read_write.c b/fs/read_write.c
index 328ce8cf9a85..98869d15e884 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -1253,7 +1253,7 @@ static ssize_t do_sendfile(int out_fd, int in_fd, loff_t *ppos,
goto fput_out;
file_start_write(out.file);
retval = do_splice_direct(in.file, &pos, out.file, &out_pos,
- count, fl);
+ count, fl | SPLICE_F_DIRECT);
file_end_write(out.file);
} else {
if (out.file->f_flags & O_NONBLOCK)
@@ -1389,7 +1389,8 @@ ssize_t generic_copy_file_range(struct file *file_in, loff_t pos_in,
size_t len, unsigned int flags)
{
return do_splice_direct(file_in, &pos_in, file_out, &pos_out,
- len > MAX_RW_COUNT ? MAX_RW_COUNT : len, 0);
+ len > MAX_RW_COUNT ? MAX_RW_COUNT : len,
+ SPLICE_F_DIRECT);
}
EXPORT_SYMBOL(generic_copy_file_range);
diff --git a/include/linux/splice.h b/include/linux/splice.h
index a55179fd60fc..9121624ad198 100644
--- a/include/linux/splice.h
+++ b/include/linux/splice.h
@@ -23,6 +23,9 @@
#define SPLICE_F_ALL (SPLICE_F_MOVE|SPLICE_F_NONBLOCK|SPLICE_F_MORE|SPLICE_F_GIFT)
+/* used for io_uring interface only */
+#define SPLICE_F_DIRECT (0x10) /* direct splice and user needn't provide pipe */
+
/*
* Passed to the actors
*/
diff --git a/io_uring/splice.c b/io_uring/splice.c
index 53e4232d0866..c11ea4cd1c7e 100644
--- a/io_uring/splice.c
+++ b/io_uring/splice.c
@@ -27,7 +27,8 @@ static int __io_splice_prep(struct io_kiocb *req,
const struct io_uring_sqe *sqe)
{
struct io_splice *sp = io_kiocb_to_cmd(req, struct io_splice);
- unsigned int valid_flags = SPLICE_F_FD_IN_FIXED | SPLICE_F_ALL;
+ unsigned int valid_flags = SPLICE_F_FD_IN_FIXED | SPLICE_F_ALL |
+ SPLICE_F_DIRECT;
sp->len = READ_ONCE(sqe->len);
sp->flags = READ_ONCE(sqe->splice_flags);
@@ -109,8 +110,14 @@ int io_splice(struct io_kiocb *req, unsigned int issue_flags)
poff_in = (sp->off_in == -1) ? NULL : &sp->off_in;
poff_out = (sp->off_out == -1) ? NULL : &sp->off_out;
- if (sp->len)
- ret = do_splice(in, poff_in, out, poff_out, sp->len, flags);
+ if (sp->len) {
+ if (flags & SPLICE_F_DIRECT)
+ ret = do_splice_direct(in, poff_in, out, poff_out,
+ sp->len, flags);
+ else
+ ret = do_splice(in, poff_in, out, poff_out, sp->len,
+ flags);
+ }
if (!(sp->flags & SPLICE_F_FD_IN_FIXED))
io_put_file(in);
--
2.31.1
Powered by blists - more mailing lists