On Mon, Jun 07, 2021 at 04:59:10PM +0100, Christoph Hellwig wrote:
> On Mon, Jun 07, 2021 at 02:43:40PM +0000, Al Viro wrote:
> > > It can't even happen for the legacy architectures, given that the
> > > remaining set_fs() areas are small and never do iov_iter based I/O.
> >
> > Umm... It's a bit trickier than that - e.g. a kernel thread on
> > a CONFIG_SET_FS target passing a kernel pointer to vfs_read() could've
> > ended up with new_sync_write() hitting iov_iter_init().
>
> Yes, that is a possbility, but rather unlikely - it would require an
> arch-specific thread using iov_iter_init. iov_iter_init instances are
> rather fewer, and only very few in arch code.
Doesn't have to be in arch code itself (see above re vfs_read()/vfs_write()),
but AFAICS it doesn't happen.
Anyway, what I'm going to do is
void iov_iter_init(struct iov_iter *i, unsigned int direction,
const struct iovec *iov, unsigned long nr_segs,
size_t count)
{
WARN_ON(direction & ~(READ | WRITE));
if (WARN_ON(uaccess_kernel())) {
// shouldn't be any such callers left...
iov_iter_kvec(i, direction, (const struct kvec *)iov,
nr_segs, count);
return;
}
*i = (struct iov_iter) {
.iter_type = ITER_IOVEC,
.data_source = direction,
.iov = iov,
.nr_segs = nr_segs,
.iov_offset = 0,
.count = count
};
}
and in a cycle or two replace that if (WARN_ON()) into flat BUG_ON()
Linus, can you live with that variant? AFAICS, we really should have
no such callers left on any targets.
