* [PATCH 1/2] io_uring: set ctx sq/cq entry count earlier
[not found] <20200805190224.401962-1-axboe@kernel.dk>
@ 2020-08-05 19:02 ` Jens Axboe
2020-08-06 7:39 ` Stefano Garzarella
0 siblings, 1 reply; 3+ messages in thread
From: Jens Axboe @ 2020-08-05 19:02 UTC (permalink / raw)
To: io-uring; +Cc: Jens Axboe, stable
If we hit an earlier error path in io_uring_create(), then we will have
accounted memory, but not set ctx->{sq,cq}_entries yet. Then when the
ring is torn down in error, we use those values to unaccount the memory.
Ensure we set the ctx entries before we're able to hit a potential error
path.
Cc: stable@vger.kernel.org
Signed-off-by: Jens Axboe <axboe@kernel.dk>
---
fs/io_uring.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/io_uring.c b/fs/io_uring.c
index 8f96566603f3..0d857f7ca507 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -8193,6 +8193,10 @@ static int io_allocate_scq_urings(struct io_ring_ctx *ctx,
struct io_rings *rings;
size_t size, sq_array_offset;
+ /* make sure these are sane, as we already accounted them */
+ ctx->sq_entries = p->sq_entries;
+ ctx->cq_entries = p->cq_entries;
+
size = rings_size(p->sq_entries, p->cq_entries, &sq_array_offset);
if (size == SIZE_MAX)
return -EOVERFLOW;
@@ -8209,8 +8213,6 @@ static int io_allocate_scq_urings(struct io_ring_ctx *ctx,
rings->cq_ring_entries = p->cq_entries;
ctx->sq_mask = rings->sq_ring_mask;
ctx->cq_mask = rings->cq_ring_mask;
- ctx->sq_entries = rings->sq_ring_entries;
- ctx->cq_entries = rings->cq_ring_entries;
size = array_size(sizeof(struct io_uring_sqe), p->sq_entries);
if (size == SIZE_MAX) {
--
2.28.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH 1/2] io_uring: set ctx sq/cq entry count earlier
2020-08-05 19:02 ` [PATCH 1/2] io_uring: set ctx sq/cq entry count earlier Jens Axboe
@ 2020-08-06 7:39 ` Stefano Garzarella
2020-08-06 13:20 ` Jens Axboe
0 siblings, 1 reply; 3+ messages in thread
From: Stefano Garzarella @ 2020-08-06 7:39 UTC (permalink / raw)
To: Jens Axboe; +Cc: io-uring, stable
On Wed, Aug 05, 2020 at 01:02:23PM -0600, Jens Axboe wrote:
> If we hit an earlier error path in io_uring_create(), then we will have
> accounted memory, but not set ctx->{sq,cq}_entries yet. Then when the
> ring is torn down in error, we use those values to unaccount the memory.
>
> Ensure we set the ctx entries before we're able to hit a potential error
> path.
>
> Cc: stable@vger.kernel.org
> Signed-off-by: Jens Axboe <axboe@kernel.dk>
> ---
> fs/io_uring.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/fs/io_uring.c b/fs/io_uring.c
> index 8f96566603f3..0d857f7ca507 100644
> --- a/fs/io_uring.c
> +++ b/fs/io_uring.c
> @@ -8193,6 +8193,10 @@ static int io_allocate_scq_urings(struct io_ring_ctx *ctx,
> struct io_rings *rings;
> size_t size, sq_array_offset;
>
> + /* make sure these are sane, as we already accounted them */
> + ctx->sq_entries = p->sq_entries;
> + ctx->cq_entries = p->cq_entries;
> +
> size = rings_size(p->sq_entries, p->cq_entries, &sq_array_offset);
> if (size == SIZE_MAX)
> return -EOVERFLOW;
> @@ -8209,8 +8213,6 @@ static int io_allocate_scq_urings(struct io_ring_ctx *ctx,
> rings->cq_ring_entries = p->cq_entries;
> ctx->sq_mask = rings->sq_ring_mask;
> ctx->cq_mask = rings->cq_ring_mask;
> - ctx->sq_entries = rings->sq_ring_entries;
> - ctx->cq_entries = rings->cq_ring_entries;
>
> size = array_size(sizeof(struct io_uring_sqe), p->sq_entries);
> if (size == SIZE_MAX) {
> --
> 2.28.0
>
While reviewing I was asking if we should move io_account_mem() before
io_allocate_scq_urings(), then I saw the second patch :-)
LGTM:
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Thanks,
Stefano
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH 1/2] io_uring: set ctx sq/cq entry count earlier
2020-08-06 7:39 ` Stefano Garzarella
@ 2020-08-06 13:20 ` Jens Axboe
0 siblings, 0 replies; 3+ messages in thread
From: Jens Axboe @ 2020-08-06 13:20 UTC (permalink / raw)
To: Stefano Garzarella; +Cc: io-uring, stable
On 8/6/20 1:39 AM, Stefano Garzarella wrote:
> On Wed, Aug 05, 2020 at 01:02:23PM -0600, Jens Axboe wrote:
>> If we hit an earlier error path in io_uring_create(), then we will have
>> accounted memory, but not set ctx->{sq,cq}_entries yet. Then when the
>> ring is torn down in error, we use those values to unaccount the memory.
>>
>> Ensure we set the ctx entries before we're able to hit a potential error
>> path.
>>
>> Cc: stable@vger.kernel.org
>> Signed-off-by: Jens Axboe <axboe@kernel.dk>
>> ---
>> fs/io_uring.c | 6 ++++--
>> 1 file changed, 4 insertions(+), 2 deletions(-)
>>
>> diff --git a/fs/io_uring.c b/fs/io_uring.c
>> index 8f96566603f3..0d857f7ca507 100644
>> --- a/fs/io_uring.c
>> +++ b/fs/io_uring.c
>> @@ -8193,6 +8193,10 @@ static int io_allocate_scq_urings(struct io_ring_ctx *ctx,
>> struct io_rings *rings;
>> size_t size, sq_array_offset;
>>
>> + /* make sure these are sane, as we already accounted them */
>> + ctx->sq_entries = p->sq_entries;
>> + ctx->cq_entries = p->cq_entries;
>> +
>> size = rings_size(p->sq_entries, p->cq_entries, &sq_array_offset);
>> if (size == SIZE_MAX)
>> return -EOVERFLOW;
>> @@ -8209,8 +8213,6 @@ static int io_allocate_scq_urings(struct io_ring_ctx *ctx,
>> rings->cq_ring_entries = p->cq_entries;
>> ctx->sq_mask = rings->sq_ring_mask;
>> ctx->cq_mask = rings->cq_ring_mask;
>> - ctx->sq_entries = rings->sq_ring_entries;
>> - ctx->cq_entries = rings->cq_ring_entries;
>>
>> size = array_size(sizeof(struct io_uring_sqe), p->sq_entries);
>> if (size == SIZE_MAX) {
>> --
>> 2.28.0
>>
>
> While reviewing I was asking if we should move io_account_mem() before
> io_allocate_scq_urings(), then I saw the second patch :-)
Indeed, just split it in two to avoid any extra issues around backporting.
> Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Thanks, added.
--
Jens Axboe
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-08-06 17:22 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <20200805190224.401962-1-axboe@kernel.dk>
2020-08-05 19:02 ` [PATCH 1/2] io_uring: set ctx sq/cq entry count earlier Jens Axboe
2020-08-06 7:39 ` Stefano Garzarella
2020-08-06 13:20 ` Jens Axboe
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).