github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-08 22:52:35 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
Linux kernel source tree
1,049,379 Commits 1 Branch 934 Tags 20 GiB
C 97%
Assembly 1%
Shell 0.6%
Rust 0.5%
Python 0.4%
Other 0.3%
ca62747b38
Go to file
Miklos Szeredi ca62747b38 fuse: fix pipe buffer lifetime for direct_io 
commit 0c4bcfdecb upstream.

In FOPEN_DIRECT_IO mode, fuse_file_write_iter() calls
fuse_direct_write_iter(), which normally calls fuse_direct_io(), which then
imports the write buffer with fuse_get_user_pages(), which uses
iov_iter_get_pages() to grab references to userspace pages instead of
actually copying memory.

On the filesystem device side, these pages can then either be read to
userspace (via fuse_dev_read()), or splice()d over into a pipe using
fuse_dev_splice_read() as pipe buffers with &nosteal_pipe_buf_ops.

This is wrong because after fuse_dev_do_read() unlocks the FUSE request,
the userspace filesystem can mark the request as completed, causing write()
to return. At that point, the userspace filesystem should no longer have
access to the pipe buffer.

Fix by copying pages coming from the user address space to new pipe
buffers.

Reported-by: Jann Horn <jannh@google.com>
Fixes: c3021629a0 ("fuse: support splice() reading from fuse device")
Cc: <stable@vger.kernel.org>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-03-16 14:23:42 +01:00
arch ARM: Spectre-BHB: provide empty stub for non-config 2022-03-16 14:23:42 +01:00
block block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern 2022-03-08 19:12:31 +01:00
certs certs: Add support for using elliptic curve keys for signing modules 2021-08-23 19:55:42 +03:00
crypto crypto: api - Move cryptomgr soft dependency into algapi 2022-02-11 09:10:26 +01:00
Documentation swiotlb: fix info leak with DMA_FROM_DEVICE 2022-03-16 14:23:40 +01:00
drivers Revert "xen-netback: Check for hotplug-status existence before watching" 2022-03-16 14:23:41 +01:00
fs fuse: fix pipe buffer lifetime for direct_io 2022-03-16 14:23:42 +01:00
include swiotlb: fix info leak with DMA_FROM_DEVICE 2022-03-16 14:23:40 +01:00
init init: make unknown command line param message clearer 2021-11-18 19:17:11 +01:00
ipc ipc/sem: do not sleep with a spin lock held 2022-02-08 18:34:03 +01:00
kernel tracing/osnoise: Make osnoise_main to sleep for microseconds 2022-03-16 14:23:42 +01:00
lib lib/iov_iter: initialize "flags" in new pipe_buffer 2022-02-23 12:03:20 +01:00
LICENSES LICENSES/dual/CC-BY-4.0: Git rid of "smart quotes" 2021-07-15 06:31:24 -06:00
mm memfd: fix F_SEAL_WRITE after shmem huge page allocated 2022-03-08 19:12:48 +01:00
net ipv6: prevent a possible race condition with lifetimes 2022-03-16 14:23:41 +01:00
samples samples: bpf: Fix 'unknown warning group' build warning on Clang 2022-01-27 11:03:29 +01:00
scripts kconfig: fix failing to generate auto.conf 2022-02-23 12:03:20 +01:00
security selinux: fix misuse of mutex_is_locked() 2022-03-02 11:47:48 +01:00
sound ASoC: cs4265: Fix the duplicated control name 2022-03-08 19:12:47 +01:00
tools selftests/memfd: clean up mapping in mfd_fail_write 2022-03-16 14:23:42 +01:00
usr usr/include/Makefile: add linux/nfc.h to the compile-test coverage 2022-02-01 17:27:15 +01:00
virt KVM: Fix lockdep false negative during host resume 2022-03-16 14:23:40 +01:00
.clang-format clang-format: Update with the latest for_each macro list 2021-05-12 23:32:39 +02:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore .gitignore: ignore only top-level modules.builtin 2021-05-02 00:43:35 +09:00
.mailmap mailmap: add Andrej Shadura 2021-10-18 20:22:03 -10:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Move Daniel Drake to credits 2021-09-21 08:34:58 +03:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS MAINTAINERS: adjust file entry for of_net.c after movement 2022-03-08 19:12:53 +01:00
Makefile Linux 5.15.28 2022-03-11 12:22:37 +01:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.