This patch adds __iovec_copy_to_user() which doesn't verify write access to the user memory to be called from code where that verification has already been done. Signed-off-by: Dave Kleikamp <dave.kleikamp@xxxxxxxxxx> Tested-by: Sedat Dilek <sedat.dilek@xxxxxxxxx> --- fs/iov-iter.c | 14 ++++++++++++-- include/linux/fs.h | 4 +++- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/fs/iov-iter.c b/fs/iov-iter.c index 0b2407e..6cecab4 100644 --- a/fs/iov-iter.c +++ b/fs/iov-iter.c @@ -19,7 +19,7 @@ static size_t __iovec_copy_to_user(char *vaddr, const struct iovec *iov, if (atomic) left = __copy_to_user_inatomic(buf, vaddr, copy); else - left = copy_to_user(buf, vaddr, copy); + left = __copy_to_user(buf, vaddr, copy); copied += copy; bytes -= copy; vaddr += copy; @@ -65,7 +65,7 @@ EXPORT_SYMBOL(iov_iter_copy_to_user_atomic); * The difference is that it attempts to resolve faults. * Page must not be locked. */ -size_t iov_iter_copy_to_user(struct page *page, +size_t __iov_iter_copy_to_user(struct page *page, struct iov_iter *i, unsigned long offset, size_t bytes) { char *kaddr; @@ -84,6 +84,16 @@ size_t iov_iter_copy_to_user(struct page *page, kunmap(page); return copied; } +EXPORT_SYMBOL(__iov_iter_copy_to_user); + +size_t iov_iter_copy_to_user(struct page *page, + struct iov_iter *i, unsigned long offset, size_t bytes) +{ + might_sleep(); + if (generic_segment_checks(i->iov, &i->nr_segs, &bytes, VERIFY_WRITE)) + return 0; + return __iov_iter_copy_to_user(page, i, offset, bytes); +} EXPORT_SYMBOL(iov_iter_copy_to_user); static size_t __iovec_copy_from_user(char *vaddr, const struct iovec *iov, diff --git a/include/linux/fs.h b/include/linux/fs.h index 11647fe..b7a0ff8 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -297,7 +297,9 @@ struct iov_iter { size_t count; }; -size_t iov_iter_copy_to_user_atomic(struct page *page, +size_t __iov_iter_copy_to_user_atomic(struct page *page, + struct iov_iter *i, unsigned long offset, size_t bytes); +size_t __iov_iter_copy_to_user(struct page *page, struct iov_iter *i, unsigned long offset, size_t bytes); size_t iov_iter_copy_to_user(struct page *page, struct iov_iter *i, unsigned long offset, size_t bytes); -- 1.8.4 -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html