linux/io_uring
Jens Axboe 72bd80252f io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL and buffers
If we use IORING_OP_RECV with provided buffers and pass in '0' as the
length of the request, the length is retrieved from the selected buffer.
If MSG_WAITALL is also set and we get a short receive, then we may hit
the retry path which decrements sr->len and increments the buffer for
a retry. However, the length is still zero at this point, which means
that sr->len now becomes huge and import_ubuf() will cap it to
MAX_RW_COUNT and subsequently return -EFAULT for the range as a whole.

Fix this by always assigning sr->len once the buffer has been selected.

Cc: stable@vger.kernel.org
Fixes: 7ba89d2af1 ("io_uring: ensure recv and recvmsg handle MSG_WAITALL correctly")
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2024-02-01 06:42:36 -07:00
..
advise.c
advise.h
alloc_cache.h io_uring: use mempool KASAN hook 2023-12-29 11:58:41 -08:00
cancel.c io_uring: use fget/fput consistently 2023-11-28 11:56:29 -07:00
cancel.h io_uring: add support for futex wake and wait 2023-09-29 02:36:57 -06:00
epoll.c io_uring: undeprecate epoll_ctl support 2023-05-26 20:22:41 -06:00
epoll.h
fdinfo.c io_uring/fdinfo: remove need for sqpoll lock for thread/pid retrieval 2023-11-15 06:35:46 -07:00
fdinfo.h
filetable.c io_uring: drop any code related to SCM_RIGHTS 2023-12-19 12:36:34 -07:00
filetable.h io_uring: add helpers to decode the fixed file file_ptr 2023-06-20 09:36:22 -06:00
fs.c io_uring/fs: consider link->flags when getting path for LINKAT 2023-11-20 09:01:42 -07:00
fs.h
futex.c io_uring: add support for vectored futex waits 2023-09-29 02:37:08 -06:00
futex.h io_uring: add support for vectored futex waits 2023-09-29 02:37:08 -06:00
io_uring.c for-6.8/io_uring-2024-01-18 2024-01-18 18:17:57 -08:00
io_uring.h io_uring/poll: add requeue return code from poll multishot handling 2024-01-29 13:19:47 -07:00
io-wq.c io-wq: fully initialize wqe before calling cpuhp_state_add_instance_nocalls() 2023-10-05 14:11:18 -06:00
io-wq.h io_uring: break out of iowq iopoll on teardown 2023-09-07 09:02:27 -06:00
kbuf.c io_uring/kbuf: add method for returning provided buffer ring head 2023-12-21 09:47:06 -07:00
kbuf.h io_uring/kbuf: add method for returning provided buffer ring head 2023-12-21 09:47:06 -07:00
Makefile io_uring/register: move io_uring_register(2) related code to register.c 2023-12-19 08:54:20 -07:00
msg_ring.c io_uring: use io_file_from_index in io_msg_grab_file 2023-06-20 09:36:22 -06:00
msg_ring.h
net.c io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL and buffers 2024-02-01 06:42:36 -07:00
net.h io_uring: Add KASAN support for alloc_caches 2023-04-03 07:16:14 -06:00
nop.c
nop.h
notif.c io_uring/notif: add constant for ubuf_info flags 2023-04-15 14:21:04 -06:00
notif.h io_uring/notif: add constant for ubuf_info flags 2023-04-15 14:21:04 -06:00
opdef.c io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL 2024-01-23 15:25:14 -07:00
opdef.h io_uring/rw: mark readv/writev as vectored in the opcode definition 2023-09-21 12:00:46 -06:00
openclose.c io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL 2024-01-23 15:25:14 -07:00
openclose.h io_uring/openclose: add support for IORING_OP_FIXED_FD_INSTALL 2023-12-12 07:42:57 -07:00
poll.c io_uring/poll: add requeue return code from poll multishot handling 2024-01-29 13:19:47 -07:00
poll.h io_uring/rw: ensure poll based multishot read retries appropriately 2024-01-28 20:37:11 -07:00
refs.h
register.c io_uring/register: guard compat syscall with CONFIG_COMPAT 2024-01-17 09:45:18 -07:00
register.h io_uring/register: move io_uring_register(2) related code to register.c 2023-12-19 08:54:20 -07:00
rsrc.c io_uring: drop any code related to SCM_RIGHTS 2023-12-19 12:36:34 -07:00
rsrc.h io_uring/rsrc: improve code generation for fixed file assignment 2024-01-11 13:37:31 -07:00
rw.c io_uring/rw: ensure poll based multishot read retries appropriately 2024-01-28 20:37:11 -07:00
rw.h io_uring/rw: add separate prep handler for fixed read/write 2023-11-06 07:43:16 -07:00
slist.h io_uring: silence variable ‘prev’ set but not used warning 2023-03-09 10:10:58 -07:00
splice.c splice: return type ssize_t from all helpers 2023-12-12 16:19:59 +01:00
splice.h
sqpoll.c io_uring/fdinfo: remove need for sqpoll lock for thread/pid retrieval 2023-11-15 06:35:46 -07:00
sqpoll.h io_uring/sqpoll: fix io-wq affinity when IORING_SETUP_SQPOLL is used 2023-08-16 13:40:28 -06:00
statx.c
statx.h
sync.c
sync.h
tctx.c io_uring: Add io_uring_setup flag to pre-register ring fd and never install it 2023-05-16 08:06:00 -06:00
tctx.h
timeout.c io_uring: never overflow io_aux_cqe 2023-08-11 10:42:57 -06:00
timeout.h
uring_cmd.c for-6.8/io_uring-2024-01-08 2024-01-11 14:19:23 -08:00
uring_cmd.h io_uring: Remove unnecessary BUILD_BUG_ON 2023-05-04 08:19:05 -06:00
waitid.c io_uring: add IORING_OP_WAITID support 2023-09-21 12:04:45 -06:00
waitid.h io_uring: add IORING_OP_WAITID support 2023-09-21 12:04:45 -06:00
xattr.c
xattr.h