[2/3] io_uring: Allocate only necessary memory in io_probe

Message ID	20240619020620.5301-3-krisman@suse.de (mailing list archive)
State	New
Headers	show Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3AF871097B for <io-uring@vger.kernel.org>; Wed, 19 Jun 2024 02:06:37 +0000 (UTC) From: Gabriel Krisman Bertazi <krisman@suse.de> To: axboe@kernel.dk Cc: io-uring@vger.kernel.org, Gabriel Krisman Bertazi <krisman@suse.de> Subject: [PATCH 2/3] io_uring: Allocate only necessary memory in io_probe Date: Tue, 18 Jun 2024 22:06:19 -0400 Message-ID: <20240619020620.5301-3-krisman@suse.de> In-Reply-To: <20240619020620.5301-1-krisman@suse.de> References: <20240619020620.5301-1-krisman@suse.de> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	io_uring op probing fixes \| expand [0/3] io_uring op probing fixes [1/3] io_uring: Fix probe of disabled operations [2/3] io_uring: Allocate only necessary memory in io_probe [3/3] io_uring: Don't read userspace data in io_probe

Message ID

20240619020620.5301-3-krisman@suse.de (mailing list archive)

State

New

Headers

From: Gabriel Krisman Bertazi <krisman@suse.de>
To: axboe@kernel.dk
Cc: io-uring@vger.kernel.org,
	Gabriel Krisman Bertazi <krisman@suse.de>
Subject: [PATCH 2/3] io_uring: Allocate only necessary memory in io_probe
Date: Tue, 18 Jun 2024 22:06:19 -0400
Message-ID: <20240619020620.5301-3-krisman@suse.de>
In-Reply-To: <20240619020620.5301-1-krisman@suse.de>
References: <20240619020620.5301-1-krisman@suse.de>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

io_uring op probing fixes | expand

Commit Message

Gabriel Krisman Bertazi June 19, 2024, 2:06 a.m. UTC

We write at most IORING_OP_LAST entries in the probe buffer, so we don't
need to allocate temporary space for more than that.  As a side effect,
we no longer can overflow "size".

Signed-off-by: Gabriel Krisman Bertazi <krisman@suse.de>
---
 io_uring/register.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/io_uring/register.c b/io_uring/register.c
index 75f8e85cf0b0..8409fc80c1cb 100644
--- a/io_uring/register.c
+++ b/io_uring/register.c
@@ -39,9 +39,10 @@  static __cold int io_probe(struct io_ring_ctx *ctx, void __user *arg,
 	size_t size;
 	int i, ret;
 
+	if (nr_args > IORING_OP_LAST)
+		nr_args = IORING_OP_LAST;
+
 	size = struct_size(p, ops, nr_args);
-	if (size == SIZE_MAX)
-		return -EOVERFLOW;
 	p = kzalloc(size, GFP_KERNEL);
 	if (!p)
 		return -ENOMEM;
@@ -54,8 +55,6 @@  static __cold int io_probe(struct io_ring_ctx *ctx, void __user *arg,
 		goto out;
 
 	p->last_op = IORING_OP_LAST - 1;
-	if (nr_args > IORING_OP_LAST)
-		nr_args = IORING_OP_LAST;
 
 	for (i = 0; i < nr_args; i++) {
 		p->ops[i].op = i;

[2/3] io_uring: Allocate only necessary memory in io_probe

Commit Message

Patch