lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <21fceb38-4c0d-4183-a929-c824a3cb46a9@app.fastmail.com>
Date: Mon, 11 Aug 2025 15:13:59 +0200
From: "Arnout Engelen" <arnout@...t.net>
To: "Dominique Martinet" <asmadeus@...ewreck.org>,
 "Matthew Wilcox" <willy@...radead.org>,
 "Christian Brauner" <brauner@...nel.org>,
 "David Howells" <dhowells@...hat.com>,
 "Alexander Viro" <viro@...iv.linux.org.uk>,
 "Andrew Morton" <akpm@...ux-foundation.org>
Cc: "Maximilian Bosch" <maximilian@...sch.me>, "Ryan Lahfa" <ryan@...fa.xyz>,
 "Christian Theune" <ct@...ingcircus.io>, linux-kernel@...r.kernel.org,
 linux-block@...r.kernel.org, linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH 2/2] iov_iter: iov_folioq_get_pages: don't leave empty slot behind

Great! I can confirm this indeed fixes my reproducer, and the iov_iter
now looks sensible in gdb as far as I can judge.

Tested-by: Arnout Engelen <arnout@...t.net>

On Mon, Aug 11, 2025, at 09:39, Dominique Martinet via B4 Relay wrote:
> From: Dominique Martinet <asmadeus@...ewreck.org>
> 
> After advancing into a folioq it makes more sense to point to the next
> slot than at the end of the current slot.
> This should not be needed for correctness, but this also happens to
> "fix" the 9p bug with iterate_folioq() not copying properly.
> 
> Signed-off-by: Dominique Martinet <asmadeus@...ewreck.org>
> ---
> lib/iov_iter.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/lib/iov_iter.c b/lib/iov_iter.c
> index f9193f952f49945297479483755d68a34c6d4ffe..65c05134ab934e1e0bf5d010fff22983bfe9c680 100644
> --- a/lib/iov_iter.c
> +++ b/lib/iov_iter.c
> @@ -1032,9 +1032,6 @@ static ssize_t iter_folioq_get_pages(struct iov_iter *iter,
> maxpages--;
> }
>  
> - if (maxpages == 0 || extracted >= maxsize)
> - break;
> -
> if (iov_offset >= fsize) {
> iov_offset = 0;
> slot++;
> @@ -1043,6 +1040,9 @@ static ssize_t iter_folioq_get_pages(struct iov_iter *iter,
> slot = 0;
> }
> }
> +
> + if (maxpages == 0 || extracted >= maxsize)
> + break;
> }
>  
> iter->count = count;
> 
> -- 
> 2.50.1
> 
> 
> 

-- 
Arnout Engelen
Engelen Open Source
https://engelen.eu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ