linux/io_uring
Jens Axboe 72bd80252f io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL and buffers
If we use IORING_OP_RECV with provided buffers and pass in '0' as the
length of the request, the length is retrieved from the selected buffer.
If MSG_WAITALL is also set and we get a short receive, then we may hit
the retry path which decrements sr->len and increments the buffer for
a retry. However, the length is still zero at this point, which means
that sr->len now becomes huge and import_ubuf() will cap it to
MAX_RW_COUNT and subsequently return -EFAULT for the range as a whole.

Fix this by always assigning sr->len once the buffer has been selected.

Cc: stable@vger.kernel.org
Fixes: 7ba89d2af1 ("io_uring: ensure recv and recvmsg handle MSG_WAITALL correctly")
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2024-02-01 06:42:36 -07:00
..
advise.c
advise.h
alloc_cache.h io_uring: use mempool KASAN hook 2023-12-29 11:58:41 -08:00
cancel.c io_uring: use fget/fput consistently 2023-11-28 11:56:29 -07:00
cancel.h
epoll.c
epoll.h
fdinfo.c io_uring/fdinfo: remove need for sqpoll lock for thread/pid retrieval 2023-11-15 06:35:46 -07:00
fdinfo.h
filetable.c io_uring: drop any code related to SCM_RIGHTS 2023-12-19 12:36:34 -07:00
filetable.h
fs.c io_uring/fs: consider link->flags when getting path for LINKAT 2023-11-20 09:01:42 -07:00
fs.h
futex.c
futex.h
io_uring.c for-6.8/io_uring-2024-01-18 2024-01-18 18:17:57 -08:00
io_uring.h io_uring/poll: add requeue return code from poll multishot handling 2024-01-29 13:19:47 -07:00
io-wq.c
io-wq.h
kbuf.c io_uring/kbuf: add method for returning provided buffer ring head 2023-12-21 09:47:06 -07:00
kbuf.h io_uring/kbuf: add method for returning provided buffer ring head 2023-12-21 09:47:06 -07:00
Makefile io_uring/register: move io_uring_register(2) related code to register.c 2023-12-19 08:54:20 -07:00
msg_ring.c
msg_ring.h
net.c io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL and buffers 2024-02-01 06:42:36 -07:00
net.h
nop.c
nop.h
notif.c
notif.h
opdef.c io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL 2024-01-23 15:25:14 -07:00
opdef.h
openclose.c io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL 2024-01-23 15:25:14 -07:00
openclose.h io_uring/openclose: add support for IORING_OP_FIXED_FD_INSTALL 2023-12-12 07:42:57 -07:00
poll.c io_uring/poll: add requeue return code from poll multishot handling 2024-01-29 13:19:47 -07:00
poll.h io_uring/rw: ensure poll based multishot read retries appropriately 2024-01-28 20:37:11 -07:00
refs.h
register.c io_uring/register: guard compat syscall with CONFIG_COMPAT 2024-01-17 09:45:18 -07:00
register.h io_uring/register: move io_uring_register(2) related code to register.c 2023-12-19 08:54:20 -07:00
rsrc.c io_uring: drop any code related to SCM_RIGHTS 2023-12-19 12:36:34 -07:00
rsrc.h io_uring/rsrc: improve code generation for fixed file assignment 2024-01-11 13:37:31 -07:00
rw.c io_uring/rw: ensure poll based multishot read retries appropriately 2024-01-28 20:37:11 -07:00
rw.h
slist.h
splice.c splice: return type ssize_t from all helpers 2023-12-12 16:19:59 +01:00
splice.h
sqpoll.c io_uring/fdinfo: remove need for sqpoll lock for thread/pid retrieval 2023-11-15 06:35:46 -07:00
sqpoll.h
statx.c
statx.h
sync.c
sync.h
tctx.c
tctx.h
timeout.c
timeout.h
uring_cmd.c for-6.8/io_uring-2024-01-08 2024-01-11 14:19:23 -08:00
uring_cmd.h
waitid.c
waitid.h
xattr.c
xattr.h