`io_rsrc_node` instance won't be shared among different io_uring ctxs, and its allocation 'ctx' is always same with the user's 'ctx', so it is safe to pass user 'ctx' reference to rsrc helpers. Even in io_clone_buffers(), `io_rsrc_node` instance is allocated actually for destination io_uring_ctx. Then io_rsrc_node_ctx() can be removed, and the 8 bytes `ctx` pointer will be removed from `io_rsrc_node` in the following patch. Signed-off-by: Ming Lei <ming.lei@xxxxxxxxxx> --- io_uring/filetable.c | 13 +++++++------ io_uring/filetable.h | 4 ++-- io_uring/rsrc.c | 24 +++++++++++------------- io_uring/rsrc.h | 22 +++++++++------------- io_uring/splice.c | 2 +- 5 files changed, 30 insertions(+), 35 deletions(-) diff --git a/io_uring/filetable.c b/io_uring/filetable.c index 45f005f5db42..a21660e3145a 100644 --- a/io_uring/filetable.c +++ b/io_uring/filetable.c @@ -36,20 +36,21 @@ static int io_file_bitmap_get(struct io_ring_ctx *ctx) return -ENFILE; } -bool io_alloc_file_tables(struct io_file_table *table, unsigned nr_files) +bool io_alloc_file_tables(struct io_ring_ctx *ctx, struct io_file_table *table, + unsigned nr_files) { if (io_rsrc_data_alloc(&table->data, nr_files)) return false; table->bitmap = bitmap_zalloc(nr_files, GFP_KERNEL_ACCOUNT); if (table->bitmap) return true; - io_rsrc_data_free(&table->data); + io_rsrc_data_free(ctx, &table->data); return false; } -void io_free_file_tables(struct io_file_table *table) +void io_free_file_tables(struct io_ring_ctx *ctx, struct io_file_table *table) { - io_rsrc_data_free(&table->data); + io_rsrc_data_free(ctx, &table->data); bitmap_free(table->bitmap); table->bitmap = NULL; } @@ -71,7 +72,7 @@ static int io_install_fixed_file(struct io_ring_ctx *ctx, struct file *file, if (!node) return -ENOMEM; - if (!io_reset_rsrc_node(&ctx->file_table.data, slot_index)) + if (!io_reset_rsrc_node(ctx, &ctx->file_table.data, slot_index)) io_file_bitmap_set(&ctx->file_table, slot_index); ctx->file_table.data.nodes[slot_index] = node; @@ -130,7 +131,7 @@ int io_fixed_fd_remove(struct io_ring_ctx *ctx, unsigned int offset) node = io_rsrc_node_lookup(&ctx->file_table.data, offset); if (!node) return -EBADF; - io_reset_rsrc_node(&ctx->file_table.data, offset); + io_reset_rsrc_node(ctx, &ctx->file_table.data, offset); io_file_bitmap_clear(&ctx->file_table, offset); return 0; } diff --git a/io_uring/filetable.h b/io_uring/filetable.h index bfacadb8d089..7717ea9efd0e 100644 --- a/io_uring/filetable.h +++ b/io_uring/filetable.h @@ -6,8 +6,8 @@ #include <linux/io_uring_types.h> #include "rsrc.h" -bool io_alloc_file_tables(struct io_file_table *table, unsigned nr_files); -void io_free_file_tables(struct io_file_table *table); +bool io_alloc_file_tables(struct io_ring_ctx *ctx, struct io_file_table *table, unsigned nr_files); +void io_free_file_tables(struct io_ring_ctx *ctx, struct io_file_table *table); int io_fixed_fd_install(struct io_kiocb *req, unsigned int issue_flags, struct file *file, unsigned int file_slot); diff --git a/io_uring/rsrc.c b/io_uring/rsrc.c index 2fb1791d7255..d7db36a2c66e 100644 --- a/io_uring/rsrc.c +++ b/io_uring/rsrc.c @@ -130,13 +130,13 @@ struct io_rsrc_node *io_rsrc_node_alloc(struct io_ring_ctx *ctx, int type) return node; } -__cold void io_rsrc_data_free(struct io_rsrc_data *data) +__cold void io_rsrc_data_free(struct io_ring_ctx *ctx, struct io_rsrc_data *data) { if (!data->nr) return; while (data->nr--) { if (data->nodes[data->nr]) - io_put_rsrc_node(data->nodes[data->nr]); + io_put_rsrc_node(ctx, data->nodes[data->nr]); } kvfree(data->nodes); data->nodes = NULL; @@ -184,7 +184,7 @@ static int __io_sqe_files_update(struct io_ring_ctx *ctx, continue; i = up->offset + done; - if (io_reset_rsrc_node(&ctx->file_table.data, i)) + if (io_reset_rsrc_node(ctx, &ctx->file_table.data, i)) io_file_bitmap_clear(&ctx->file_table, i); if (fd != -1) { @@ -266,7 +266,7 @@ static int __io_sqe_buffers_update(struct io_ring_ctx *ctx, node->tag = tag; } i = array_index_nospec(up->offset + done, ctx->buf_table.nr); - io_reset_rsrc_node(&ctx->buf_table, i); + io_reset_rsrc_node(ctx, &ctx->buf_table, i); ctx->buf_table.nodes[i] = node; if (ctx->compat) user_data += sizeof(struct compat_iovec); @@ -442,10 +442,8 @@ int io_files_update(struct io_kiocb *req, unsigned int issue_flags) return IOU_OK; } -void io_free_rsrc_node(struct io_rsrc_node *node) +void io_free_rsrc_node(struct io_ring_ctx *ctx, struct io_rsrc_node *node) { - struct io_ring_ctx *ctx = io_rsrc_node_ctx(node); - lockdep_assert_held(&ctx->uring_lock); if (node->tag) @@ -473,7 +471,7 @@ int io_sqe_files_unregister(struct io_ring_ctx *ctx) if (!ctx->file_table.data.nr) return -ENXIO; - io_free_file_tables(&ctx->file_table); + io_free_file_tables(ctx, &ctx->file_table); io_file_table_set_alloc_range(ctx, 0, 0); return 0; } @@ -494,7 +492,7 @@ int io_sqe_files_register(struct io_ring_ctx *ctx, void __user *arg, return -EMFILE; if (nr_args > rlimit(RLIMIT_NOFILE)) return -EMFILE; - if (!io_alloc_file_tables(&ctx->file_table, nr_args)) + if (!io_alloc_file_tables(ctx, &ctx->file_table, nr_args)) return -ENOMEM; for (i = 0; i < nr_args; i++) { @@ -551,7 +549,7 @@ int io_sqe_buffers_unregister(struct io_ring_ctx *ctx) { if (!ctx->buf_table.nr) return -ENXIO; - io_rsrc_data_free(&ctx->buf_table); + io_rsrc_data_free(ctx, &ctx->buf_table); return 0; } @@ -788,7 +786,7 @@ static struct io_rsrc_node *io_sqe_buffer_register(struct io_ring_ctx *ctx, if (ret) { kvfree(imu); if (node) - io_put_rsrc_node(node); + io_put_rsrc_node(ctx, node); node = ERR_PTR(ret); } kvfree(pages); @@ -1018,7 +1016,7 @@ static int io_clone_buffers(struct io_ring_ctx *ctx, struct io_ring_ctx *src_ctx * old and new nodes at this point. */ if (arg->flags & IORING_REGISTER_DST_REPLACE) - io_rsrc_data_free(&ctx->buf_table); + io_rsrc_data_free(ctx, &ctx->buf_table); /* * ctx->buf_table should be empty now - either the contents are being @@ -1042,7 +1040,7 @@ static int io_clone_buffers(struct io_ring_ctx *ctx, struct io_ring_ctx *src_ctx kfree(data.nodes[i]); } out_unlock: - io_rsrc_data_free(&data); + io_rsrc_data_free(ctx, &data); mutex_unlock(&src_ctx->uring_lock); mutex_lock(&ctx->uring_lock); return ret; diff --git a/io_uring/rsrc.h b/io_uring/rsrc.h index bc3a863b14bb..c9057f7a06f5 100644 --- a/io_uring/rsrc.h +++ b/io_uring/rsrc.h @@ -45,8 +45,8 @@ struct io_imu_folio_data { }; struct io_rsrc_node *io_rsrc_node_alloc(struct io_ring_ctx *ctx, int type); -void io_free_rsrc_node(struct io_rsrc_node *node); -void io_rsrc_data_free(struct io_rsrc_data *data); +void io_free_rsrc_node(struct io_ring_ctx *ctx, struct io_rsrc_node *node); +void io_rsrc_data_free(struct io_ring_ctx *ctx, struct io_rsrc_data *data); int io_rsrc_data_alloc(struct io_rsrc_data *data, unsigned nr); int io_import_fixed(int ddir, struct iov_iter *iter, @@ -76,19 +76,20 @@ static inline struct io_rsrc_node *io_rsrc_node_lookup(struct io_rsrc_data *data return NULL; } -static inline void io_put_rsrc_node(struct io_rsrc_node *node) +static inline void io_put_rsrc_node(struct io_ring_ctx *ctx, struct io_rsrc_node *node) { if (node && !--node->refs) - io_free_rsrc_node(node); + io_free_rsrc_node(ctx, node); } -static inline bool io_reset_rsrc_node(struct io_rsrc_data *data, int index) +static inline bool io_reset_rsrc_node(struct io_ring_ctx *ctx, + struct io_rsrc_data *data, int index) { struct io_rsrc_node *node = data->nodes[index]; if (!node) return false; - io_put_rsrc_node(node); + io_put_rsrc_node(ctx, node); data->nodes[index] = NULL; return true; } @@ -96,20 +97,15 @@ static inline bool io_reset_rsrc_node(struct io_rsrc_data *data, int index) static inline void io_req_put_rsrc_nodes(struct io_kiocb *req) { if (req->file_node) { - io_put_rsrc_node(req->file_node); + io_put_rsrc_node(req->ctx, req->file_node); req->file_node = NULL; } if (req->flags & REQ_F_BUF_NODE) { - io_put_rsrc_node(req->buf_node); + io_put_rsrc_node(req->ctx, req->buf_node); req->buf_node = NULL; } } -static inline struct io_ring_ctx *io_rsrc_node_ctx(struct io_rsrc_node *node) -{ - return (struct io_ring_ctx *) (node->ctx_ptr & ~IORING_RSRC_TYPE_MASK); -} - static inline int io_rsrc_node_type(struct io_rsrc_node *node) { return node->ctx_ptr & IORING_RSRC_TYPE_MASK; diff --git a/io_uring/splice.c b/io_uring/splice.c index e8ed15f4ea1a..5b84f1630611 100644 --- a/io_uring/splice.c +++ b/io_uring/splice.c @@ -51,7 +51,7 @@ void io_splice_cleanup(struct io_kiocb *req) { struct io_splice *sp = io_kiocb_to_cmd(req, struct io_splice); - io_put_rsrc_node(sp->rsrc_node); + io_put_rsrc_node(req->ctx, sp->rsrc_node); } static struct file *io_splice_get_file(struct io_kiocb *req, -- 2.47.0