diff options
| author | Pavel Begunkov <asml.silence@gmail.com> | 2025-11-06 12:31:56 +0000 |
|---|---|---|
| committer | Jens Axboe <axboe@kernel.dk> | 2025-11-11 07:53:33 -0700 |
| commit | 21bd7b14a32de35bc6c4fff7a739dc5d33ce04f1 (patch) | |
| tree | 17f73739d3f81d077470952cb3c1504c90164933 /io_uring | |
| parent | b6c5f9454ef34fd2753ba7843ef4d9a295c43eee (diff) | |
io_uring/query: buffer size calculations with a union
Instead of having an array of a calculated size as a buffer, put all
query uapi structures into a union and pass that around. That way
everything is well typed, and the compiler will prevent opcode handling
using a structure not accounted into the buffer size.
Signed-off-by: Pavel Begunkov <asml.silence@gmail.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Diffstat (limited to 'io_uring')
| -rw-r--r-- | io_uring/query.c | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/io_uring/query.c b/io_uring/query.c index 645301bd2c82..6cf732936b3d 100644 --- a/io_uring/query.c +++ b/io_uring/query.c @@ -5,14 +5,16 @@ #include "query.h" #include "io_uring.h" -#define IO_MAX_QUERY_SIZE (sizeof(struct io_uring_query_opcode)) +union io_query_data { + struct io_uring_query_opcode opcodes; +}; + +#define IO_MAX_QUERY_SIZE sizeof(union io_query_data) #define IO_MAX_QUERY_ENTRIES 1000 -static ssize_t io_query_ops(void *data) +static ssize_t io_query_ops(union io_query_data *data) { - struct io_uring_query_opcode *e = data; - - BUILD_BUG_ON(sizeof(*e) > IO_MAX_QUERY_SIZE); + struct io_uring_query_opcode *e = &data->opcodes; e->nr_request_opcodes = IORING_OP_LAST; e->nr_register_opcodes = IORING_REGISTER_LAST; @@ -24,7 +26,7 @@ static ssize_t io_query_ops(void *data) } static int io_handle_query_entry(struct io_ring_ctx *ctx, - void *data, void __user *uhdr, + union io_query_data *data, void __user *uhdr, u64 *next_entry) { struct io_uring_query_hdr hdr; @@ -73,11 +75,11 @@ out: int io_query(struct io_ring_ctx *ctx, void __user *arg, unsigned nr_args) { - char entry_buffer[IO_MAX_QUERY_SIZE]; + union io_query_data entry_buffer; void __user *uhdr = arg; int ret, nr = 0; - memset(entry_buffer, 0, sizeof(entry_buffer)); + memset(&entry_buffer, 0, sizeof(entry_buffer)); if (nr_args) return -EINVAL; @@ -85,7 +87,7 @@ int io_query(struct io_ring_ctx *ctx, void __user *arg, unsigned nr_args) while (uhdr) { u64 next_hdr; - ret = io_handle_query_entry(ctx, entry_buffer, uhdr, &next_hdr); + ret = io_handle_query_entry(ctx, &entry_buffer, uhdr, &next_hdr); if (ret) return ret; uhdr = u64_to_user_ptr(next_hdr); |