Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
io_uring: sanitise ring params earlier
Do all struct io_uring_params validation early on before allocating the
context. That makes initialisation easier, especially by having fewer
places where we need to care about partial de-initialisation.
Signed-off-by: Pavel Begunkov <asml.silence@gmail.com>
Link: https://lore.kernel.org/r/363ba90b83ff78eefdc88b60e1b2c4a39d182247.1738344646.git.asml.silence@gmail.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
authored by
Pavel Begunkov
and committed by
Jens Axboe
92a3bac9
72154696
+44
-33
+44
-33
io_uring/io_uring.c
+44
-33
io_uring/io_uring.c
···
3535
3535
O_RDWR | O_CLOEXEC, NULL);
3536
3536
}
3537
3537
3538
+
static int io_uring_sanitise_params(struct io_uring_params *p)
3539
+
{
3540
+
unsigned flags = p->flags;
3541
+
3542
+
/* There is no way to mmap rings without a real fd */
3543
+
if ((flags & IORING_SETUP_REGISTERED_FD_ONLY) &&
3544
+
!(flags & IORING_SETUP_NO_MMAP))
3545
+
return -EINVAL;
3546
+
3547
+
if (flags & IORING_SETUP_SQPOLL) {
3548
+
/* IPI related flags don't make sense with SQPOLL */
3549
+
if (flags & (IORING_SETUP_COOP_TASKRUN |
3550
+
IORING_SETUP_TASKRUN_FLAG |
3551
+
IORING_SETUP_DEFER_TASKRUN))
3552
+
return -EINVAL;
3553
+
}
3554
+
3555
+
if (flags & IORING_SETUP_TASKRUN_FLAG) {
3556
+
if (!(flags & (IORING_SETUP_COOP_TASKRUN |
3557
+
IORING_SETUP_DEFER_TASKRUN)))
3558
+
return -EINVAL;
3559
+
}
3560
+
3561
+
/* HYBRID_IOPOLL only valid with IOPOLL */
3562
+
if ((flags & IORING_SETUP_HYBRID_IOPOLL) && !(flags & IORING_SETUP_IOPOLL))
3563
+
return -EINVAL;
3564
+
3565
+
/*
3566
+
* For DEFER_TASKRUN we require the completion task to be the same as
3567
+
* the submission task. This implies that there is only one submitter.
3568
+
*/
3569
+
if ((flags & IORING_SETUP_DEFER_TASKRUN) &&
3570
+
!(flags & IORING_SETUP_SINGLE_ISSUER))
3571
+
return -EINVAL;
3572
+
3573
+
return 0;
3574
+
}
3575
+
3538
3576
int io_uring_fill_params(unsigned entries, struct io_uring_params *p)
3539
3577
{
3540
3578
if (!entries)
···
3582
3544
return -EINVAL;
3583
3545
entries = IORING_MAX_ENTRIES;
3584
3546
}
3585
-
3586
-
if ((p->flags & IORING_SETUP_REGISTERED_FD_ONLY)
3587
-
&& !(p->flags & IORING_SETUP_NO_MMAP))
3588
-
return -EINVAL;
3589
3547
3590
3548
/*
3591
3549
* Use twice as many entries for the CQ ring. It's possible for the
···
3644
3610
struct file *file;
3645
3611
int ret;
3646
3612
3613
+
ret = io_uring_sanitise_params(p);
3614
+
if (ret)
3615
+
return ret;
3616
+
3647
3617
ret = io_uring_fill_params(entries, p);
3648
3618
if (unlikely(ret))
3649
3619
return ret;
···
3695
3657
* For SQPOLL, we just need a wakeup, always. For !SQPOLL, if
3696
3658
* COOP_TASKRUN is set, then IPIs are never needed by the app.
3697
3659
*/
3698
-
ret = -EINVAL;
3699
-
if (ctx->flags & IORING_SETUP_SQPOLL) {
3700
-
/* IPI related flags don't make sense with SQPOLL */
3701
-
if (ctx->flags & (IORING_SETUP_COOP_TASKRUN |
3702
-
IORING_SETUP_TASKRUN_FLAG |
3703
-
IORING_SETUP_DEFER_TASKRUN))
3704
-
goto err;
3660
+
if (ctx->flags & (IORING_SETUP_SQPOLL|IORING_SETUP_COOP_TASKRUN))
3705
3661
ctx->notify_method = TWA_SIGNAL_NO_IPI;
3706
-
} else if (ctx->flags & IORING_SETUP_COOP_TASKRUN) {
3707
-
ctx->notify_method = TWA_SIGNAL_NO_IPI;
3708
-
} else {
3709
-
if (ctx->flags & IORING_SETUP_TASKRUN_FLAG &&
3710
-
!(ctx->flags & IORING_SETUP_DEFER_TASKRUN))
3711
-
goto err;
3662
+
else
3712
3663
ctx->notify_method = TWA_SIGNAL;
3713
-
}
3714
-
3715
-
/* HYBRID_IOPOLL only valid with IOPOLL */
3716
-
if ((ctx->flags & (IORING_SETUP_IOPOLL|IORING_SETUP_HYBRID_IOPOLL)) ==
3717
-
IORING_SETUP_HYBRID_IOPOLL)
3718
-
goto err;
3719
-
3720
-
/*
3721
-
* For DEFER_TASKRUN we require the completion task to be the same as the
3722
-
* submission task. This implies that there is only one submitter, so enforce
3723
-
* that.
3724
-
*/
3725
-
if (ctx->flags & IORING_SETUP_DEFER_TASKRUN &&
3726
-
!(ctx->flags & IORING_SETUP_SINGLE_ISSUER)) {
3727
-
goto err;
3728
-
}
3729
3664
3730
3665
/*
3731
3666
* This is just grabbed for accounting purposes. When a process exits,