On 8/23/21 4:18 AM, Pavel Begunkov wrote: > iov_iter_revert() doesn't go well with iov_iter_truncate() in all > cases, see 2/2 for the bug description. As mentioned there the current > problems is because of generic_write_checks(), but there was also a > similar case fixed in 5.12, which should have been triggerable by normal > write(2)/read(2) and others. > > It may be better to enforce reexpands as a long term solution, but for > now this patchset is quickier and easier to backport. > > v2: don't fail if it was justly fully reverted > v3: use truncated size + reexapand based approach Al, let's get this upstream. How do you want to handle it? I can take it through the io_uring tree, or it can go through your tree. I really don't care which route it takes, but we should get this upstream as it solves a real problem. -- Jens Axboe
