From: Ming Lei <ming.lei@redhat.com>
To: Caleb Sander Mateos <csander@purestorage.com>
Cc: Jens Axboe <axboe@kernel.dk>,
linux-block@vger.kernel.org,
Uday Shankar <ushankar@purestorage.com>
Subject: Re: [PATCH 07/16] ublk: add helper ublk_check_fetch_buf()
Date: Sun, 13 Jul 2025 22:13:24 +0800 [thread overview]
Message-ID: <aHO_BLnBB9RAalrO@fedora> (raw)
In-Reply-To: <CADUfDZrY0H4w1PNjGiSvE0jr4dGu=UjC3nq+6ejze7kut22KLw@mail.gmail.com>
On Tue, Jul 08, 2025 at 08:31:05AM -0400, Caleb Sander Mateos wrote:
> On Wed, Jul 2, 2025 at 12:04 AM Ming Lei <ming.lei@redhat.com> wrote:
> >
> > Add helper ublk_check_fetch_buf() for checking buffer only.
> >
> > Signed-off-by: Ming Lei <ming.lei@redhat.com>
>
> The commit message seems a bit sparse. How about something like:
> Add a helper ublk_check_fetch_buf() to validate UBLK_IO_FETCH_REQ's
> addr. This doesn't require access to the ublk_io, so it can be done
> before taking the ublk_device mutex.
OK, looks much better.
>
> > ---
> > drivers/block/ublk_drv.c | 32 +++++++++++++++++++-------------
> > 1 file changed, 19 insertions(+), 13 deletions(-)
> >
> > diff --git a/drivers/block/ublk_drv.c b/drivers/block/ublk_drv.c
> > index 6d3aa08eef22..7fd2fa493d6a 100644
> > --- a/drivers/block/ublk_drv.c
> > +++ b/drivers/block/ublk_drv.c
> > @@ -2146,6 +2146,22 @@ static int ublk_unregister_io_buf(struct io_uring_cmd *cmd,
> > return io_buffer_unregister_bvec(cmd, index, issue_flags);
> > }
> >
> > +static int ublk_check_fetch_buf(const struct ublk_queue *ubq, __u64 buf_addr)
> > +{
> > + if (ublk_need_map_io(ubq)) {
> > + /*
> > + * FETCH_RQ has to provide IO buffer if NEED GET
> > + * DATA is not enabled
> > + */
> > + if (!buf_addr && !ublk_need_get_data(ubq))
> > + return -EINVAL;
> > + } else if (buf_addr) {
> > + /* User copy requires addr to be unset */
> > + return -EINVAL;
> > + }
> > + return 0;
> > +}
> > +
> > static int ublk_fetch(struct io_uring_cmd *cmd, struct ublk_queue *ubq,
> > struct ublk_io *io, __u64 buf_addr)
> > {
> > @@ -2172,19 +2188,6 @@ static int ublk_fetch(struct io_uring_cmd *cmd, struct ublk_queue *ubq,
> >
> > WARN_ON_ONCE(io->flags & UBLK_IO_FLAG_OWNED_BY_SRV);
> >
> > - if (ublk_need_map_io(ubq)) {
> > - /*
> > - * FETCH_RQ has to provide IO buffer if NEED GET
> > - * DATA is not enabled
> > - */
> > - if (!buf_addr && !ublk_need_get_data(ubq))
> > - goto out;
>
> Was it a bug that this didn't set ret = -EINVAL before jumping to out?
> Looks like ublk_fetch() would incorrectly skip initializing the
> ublk_io and return 0 in this case. So probably this needs a Fixes tag.
> Looks like the bug was introduced by the code movement in b69b8edfb27d
> ("ublk: properly serialize all FETCH_REQs").
Good catch!
Thanks,
Ming
next prev parent reply other threads:[~2025-07-13 14:13 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-02 4:03 [PATCH 00/16] ublk: cleanup for supporting batch IO command Ming Lei
2025-07-02 4:03 ` [PATCH 01/16] ublk: move fake timeout logic into __ublk_complete_rq() Ming Lei
2025-07-03 2:23 ` Caleb Sander Mateos
2025-07-02 4:03 ` [PATCH 02/16] ublk: look up ublk task via its pid in timeout handler Ming Lei
2025-07-02 4:03 ` [PATCH 03/16] ublk: let ublk_fill_io_cmd() cover more things Ming Lei
2025-07-02 4:03 ` [PATCH 04/16] ublk: avoid to pass `struct ublksrv_io_cmd *` to ublk_commit_and_fetch() Ming Lei
2025-07-03 2:33 ` Caleb Sander Mateos
2025-07-02 4:03 ` [PATCH 05/16] ublk: move auto buffer register handling into one dedicated helper Ming Lei
2025-07-03 20:19 ` Caleb Sander Mateos
2025-07-07 9:44 ` Ming Lei
2025-07-02 4:03 ` [PATCH 06/16] ublk: store auto buffer register data into `struct ublk_io` Ming Lei
2025-07-08 12:15 ` Caleb Sander Mateos
2025-07-02 4:03 ` [PATCH 07/16] ublk: add helper ublk_check_fetch_buf() Ming Lei
2025-07-08 12:31 ` Caleb Sander Mateos
2025-07-13 14:13 ` Ming Lei [this message]
2025-07-02 4:03 ` [PATCH 08/16] ublk: remove ublk_commit_and_fetch() Ming Lei
2025-07-08 13:27 ` Caleb Sander Mateos
2025-07-09 11:56 ` Ming Lei
2025-07-11 14:05 ` Caleb Sander Mateos
2025-07-13 14:14 ` Ming Lei
2025-07-02 4:03 ` [PATCH 09/16] ublk: pass 'const struct ublk_io *' to ublk_[un]map_io() Ming Lei
2025-07-08 13:29 ` Caleb Sander Mateos
2025-07-02 4:03 ` [PATCH 10/16] selftests: ublk: remove `tag` parameter of ->tgt_io_done() Ming Lei
2025-07-02 4:03 ` [PATCH 11/16] selftests: ublk: pass 'ublk_thread *' to ->queue_io() and ->tgt_io_done() Ming Lei
2025-07-02 4:03 ` [PATCH 12/16] selftests: ublk: pass 'ublk_thread *' to more common helpers Ming Lei
2025-07-02 4:03 ` [PATCH 13/16] selftests: ublk: remove ublk queue self-defined flags Ming Lei
2025-07-02 4:03 ` [PATCH 14/16] selftests: ublk: improve flags naming Ming Lei
2025-07-02 4:03 ` [PATCH 15/16] selftests: ublk: add helper ublk_handle_uring_cmd() for handle ublk command Ming Lei
2025-07-02 4:03 ` [PATCH 16/16] selftests: ublk: add utils.h Ming Lei
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aHO_BLnBB9RAalrO@fedora \
--to=ming.lei@redhat.com \
--cc=axboe@kernel.dk \
--cc=csander@purestorage.com \
--cc=linux-block@vger.kernel.org \
--cc=ushankar@purestorage.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.