Message ID | 20220929120632.64749-3-anuj20.g@samsung.com (mailing list archive) |
---|---|
State | New |
Headers | show |
Series | Fixed-buffer for uring-cmd/passthru | expand |
On 9/29/22 6:06 AM, Anuj Gupta wrote: > diff --git a/io_uring/uring_cmd.c b/io_uring/uring_cmd.c > index 6a6d69523d75..faefa9f6f259 100644 > --- a/io_uring/uring_cmd.c > +++ b/io_uring/uring_cmd.c > @@ -4,6 +4,7 @@ > #include <linux/file.h> > #include <linux/io_uring.h> > #include <linux/security.h> > +#include <linux/nospec.h> > > #include <uapi/linux/io_uring.h> > > @@ -77,8 +78,21 @@ int io_uring_cmd_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) > { > struct io_uring_cmd *ioucmd = io_kiocb_to_cmd(req, struct io_uring_cmd); > > - if (sqe->rw_flags || sqe->__pad1) > + if (sqe->__pad1) > return -EINVAL; > + > + ioucmd->flags = READ_ONCE(sqe->uring_cmd_flags); After reading this and checking for IORING_URING_CMD_FIXED, this should have a: if (iocmd->flags & ~IORING_URING_CMD_FIXED) return -EINVAL; to ensure we can safely add more flags in the future. Apart from that, this looks good.
diff --git a/include/linux/io_uring.h b/include/linux/io_uring.h index 1dbf51115c30..e10c5cc81082 100644 --- a/include/linux/io_uring.h +++ b/include/linux/io_uring.h @@ -28,7 +28,7 @@ struct io_uring_cmd { void *cookie; }; u32 cmd_op; - u32 pad; + u32 flags; u8 pdu[32]; /* available inline for free use */ }; diff --git a/include/uapi/linux/io_uring.h b/include/uapi/linux/io_uring.h index 92f29d9505a6..ab7458033ee3 100644 --- a/include/uapi/linux/io_uring.h +++ b/include/uapi/linux/io_uring.h @@ -56,6 +56,7 @@ struct io_uring_sqe { __u32 hardlink_flags; __u32 xattr_flags; __u32 msg_ring_flags; + __u32 uring_cmd_flags; }; __u64 user_data; /* data to be passed back at completion time */ /* pack this to avoid bogus arm OABI complaints */ @@ -219,6 +220,14 @@ enum io_uring_op { IORING_OP_LAST, }; +/* + * sqe->uring_cmd_flags + * IORING_URING_CMD_FIXED use registered buffer; pass thig flag + * along with setting sqe->buf_index. + */ +#define IORING_URING_CMD_FIXED (1U << 0) + + /* * sqe->fsync_flags */ diff --git a/io_uring/uring_cmd.c b/io_uring/uring_cmd.c index 6a6d69523d75..faefa9f6f259 100644 --- a/io_uring/uring_cmd.c +++ b/io_uring/uring_cmd.c @@ -4,6 +4,7 @@ #include <linux/file.h> #include <linux/io_uring.h> #include <linux/security.h> +#include <linux/nospec.h> #include <uapi/linux/io_uring.h> @@ -77,8 +78,21 @@ int io_uring_cmd_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) { struct io_uring_cmd *ioucmd = io_kiocb_to_cmd(req, struct io_uring_cmd); - if (sqe->rw_flags || sqe->__pad1) + if (sqe->__pad1) return -EINVAL; + + ioucmd->flags = READ_ONCE(sqe->uring_cmd_flags); + if (ioucmd->flags & IORING_URING_CMD_FIXED) { + struct io_ring_ctx *ctx = req->ctx; + u16 index; + + req->buf_index = READ_ONCE(sqe->buf_index); + if (unlikely(req->buf_index >= ctx->nr_user_bufs)) + return -EFAULT; + index = array_index_nospec(req->buf_index, ctx->nr_user_bufs); + req->imu = ctx->user_bufs[index]; + io_req_set_rsrc_node(req, ctx, 0); + } ioucmd->cmd = sqe->cmd; ioucmd->cmd_op = READ_ONCE(sqe->cmd_op); return 0;