From: Al Viro > Sent: 09 August 2021 16:53 > > On Mon, Aug 09, 2021 at 12:52:35PM +0100, Pavel Begunkov wrote: > > For the bug description see 2/2. As mentioned there the current problems > > is because of generic_write_checks(), but there was also a similar case > > fixed in 5.12, which should have been triggerable by normal > > write(2)/read(2) and others. > > > > It may be better to enforce reexpands as a long term solution, but for > > now this patchset is quickier and easier to backport. > > Umm... Won't that screw the cases where we *are* doing proper > reexpands? AFAICS, with your patches that flag doesn't go away once > it had been set... >From what I remember the pointer into the iov[] gets incremented as it is processed - which makes 'backing up' hard. The caller also has to remember the original pointer because it might point to kmalloced memory. So if the 'iter' always contained a pointer to the base of the iov[] then various bits of code could be simplified. Another useful change would be to embed the short iov_cache[8] inside 'iter'. Almost all the callers allocate both together (usually on stack) so the stack use won't change. I have local patches for most of this (somewhere) but the io_uring changes start being non-trivial. David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
