On 12/11/24 21:11, Jens Axboe wrote:
> >
> On 11/12/24 2:01 PM, Jens Axboe wrote:
>> This is why io_kiocb->async_data exists. uring_cmd is already using that
>> for the sqe, I think you'd want to add a 2nd "void *op_data" or
>> something in there, and have the uring_cmd alloc cache get clear that to
>> NULL and have uring_cmd alloc cache put kfree() it if it's non-NULL.
>>
>> We'd also need to move the uring_cache struct into
>> include/linux/io_uring_types.h so that btrfs can get to it (and probably
>> rename it to something saner, uring_cmd_async_data for example).
>
> Here are two patches that implement that basic thing on the io_uring
> uring_cmd side. With that, you can then do:
>
>> static int btrfs_uring_encoded_write(struct io_uring_cmd *cmd, unsigned int issue_flags)
>> {
>> struct io_kiocb *req = cmd_to_io_kiocb(cmd);
>> struct uring_cmd_async_data *data = req->async_data;
>> struct btrfs_ioctl_encoded_io_args *args;
>>
>> if (!data->op_data) {
>> data->op_data = kmalloc(sizeof(*args), GFP_NOIO);
>> if (!data->op_data)
>> return -ENOMEM;
>> if (copy_from_user(data->op_data, sqe_addr, sizeof(*args))
>> return -EFAULT;
>> }
>> ...
>> }
>
> and have it be both stable, and not need to worry about freeing it
> either. Hope that helps. Totally untested...
>
This works, but I get a KASAN crash because
io_issue_defs[IORING_OP_URING_CMD].async_size is now the wrong size.
I'll send a patch for this.
Mark
