On 24/11/2019 20:10, Jens Axboe wrote:
> On 11/24/19 1:58 AM, Pavel Begunkov wrote:
>> Read/write requests to devices without implemented read/write_iter
>> using fixed buffers causes general protection fault, which totally
>> hangs a machine.
>>
>> io_import_fixed() initialises iov_iter with bvec, but loop_rw_iter()
>> accesses it as iovec, so dereferencing random address.
>>
>> kmap() page by page in this case
> 
> This looks good to me, much cleaner/simpler. I've added a few pipe fixed
> buffer tests to liburing as well. Didn't crash for me, but obvious
> garbage coming out. I've flagged this for stable as well.
> 
The problem I have is that __user pointer is meant to be checked
for not being a kernel address. I suspect, it could fail in some
device, which double checks the pointer after vfs (e.g. using access_ok()).
Am I wrong? Not a fault at least...

#define access_ok(...) __range_not_ok(addr, user_addr_max());

BTW, is there anybody testing it for non x86-64 arch?

-- 
Pavel Begunkov