On Mon, Apr 28, 2025 at 6:02 PM Ming Lei <ming.lei@xxxxxxxxxx> wrote:
>
> On Mon, Apr 28, 2025 at 09:28:07AM -0700, Caleb Sander Mateos wrote:
> > On Sun, Apr 27, 2025 at 6:50 AM Ming Lei <ming.lei@xxxxxxxxxx> wrote:
> > >
> > > The simple check of UBLK_IO_FLAG_OWNED_BY_SRV can avoid incorrect
> > > register/unregister io buffer easily, so check it before calling
> > > starting to register/un-register io buffer.
> > >
> > > Also only allow io buffer register/unregister uring_cmd in case of
> > > UBLK_F_SUPPORT_ZERO_COPY.
> > >
> > > Also mark argument 'ublk_queue *' of ublk_register_io_buf as const.
> > >
> > > Fixes: 1f6540e2aabb ("ublk: zc register/unregister bvec")
> > > Signed-off-by: Ming Lei <ming.lei@xxxxxxxxxx>
> > > ---
> > > drivers/block/ublk_drv.c | 24 ++++++++++++++++++++----
> > > 1 file changed, 20 insertions(+), 4 deletions(-)
> > >
> > > diff --git a/drivers/block/ublk_drv.c b/drivers/block/ublk_drv.c
> > > index 0a3a3c64316d..c624d8f653ae 100644
> > > --- a/drivers/block/ublk_drv.c
> > > +++ b/drivers/block/ublk_drv.c
> > > @@ -201,7 +201,7 @@ struct ublk_params_header {
> > > static void ublk_stop_dev_unlocked(struct ublk_device *ub);
> > > static void ublk_abort_queue(struct ublk_device *ub, struct ublk_queue *ubq);
> > > static inline struct request *__ublk_check_and_get_req(struct ublk_device *ub,
> > > - struct ublk_queue *ubq, int tag, size_t offset);
> > > + const struct ublk_queue *ubq, int tag, size_t offset);
> > > static inline unsigned int ublk_req_build_flags(struct request *req);
> > > static inline struct ublksrv_io_desc *ublk_get_iod(struct ublk_queue *ubq,
> > > int tag);
> > > @@ -1949,13 +1949,20 @@ static void ublk_io_release(void *priv)
> > > }
> > >
> > > static int ublk_register_io_buf(struct io_uring_cmd *cmd,
> > > - struct ublk_queue *ubq, unsigned int tag,
> > > + const struct ublk_queue *ubq, unsigned int tag,
> > > unsigned int index, unsigned int issue_flags)
> > > {
> > > struct ublk_device *ub = cmd->file->private_data;
> > > + const struct ublk_io *io = &ubq->ios[tag];
> > > struct request *req;
> > > int ret;
> > >
> > > + if (!ublk_support_zero_copy(ubq))
> > > + return -EINVAL;
> > > +
> > > + if (!(io->flags & UBLK_IO_FLAG_OWNED_BY_SRV))
> > > + return -EINVAL;
> >
> > I would still prefer to see this common UBLK_IO_FLAG_OWNED_BY_SRV
> > check moved to __ublk_ch_uring_cmd() along with the existing flag
> > checks. Something like this:
>
> This way mixes bug fix with cleanup.
>
> We are close to v6.15-rc5, and bug fix should keep simple for minimizing
> regression.
>
> But it is fine to make it one cleanup aiming at v6.16.
Okay, I can send out this cleanup for 6.16. In that case,
Reviewed-by: Caleb Sander Mateos <csander@xxxxxxxxxxxxxxx>
