Changeset View
Changeset View
Standalone View
Standalone View
sys/kern/subr_sbuf.c
Show First 20 Lines • Show All 260 Lines • ▼ Show 20 Lines | |||||
sbuf_uionew(struct sbuf *s, struct uio *uio, int *error) | sbuf_uionew(struct sbuf *s, struct uio *uio, int *error) | ||||
{ | { | ||||
KASSERT(uio != NULL, | KASSERT(uio != NULL, | ||||
("%s called with NULL uio pointer", __func__)); | ("%s called with NULL uio pointer", __func__)); | ||||
KASSERT(error != NULL, | KASSERT(error != NULL, | ||||
("%s called with NULL error pointer", __func__)); | ("%s called with NULL error pointer", __func__)); | ||||
if (uio->uio_resid >= INT_MAX || uio->uio_resid < SBUF_MINSIZE - 1) { | |||||
markj: I suspect it should be `uio->uio_resid < SBUF_MINSIZE - 1`, otherwise it is impossible to write… | |||||
*error = EINVAL; | |||||
return (NULL); | |||||
} | |||||
Done Inline ActionsThis still permits userspace to trigger a large kernel allocation. pfs_read() imposes a limit of 1MB, PFS_MAXBUFSIZ. I think this is probably a reasonable limit for writes as well? markj: This still permits userspace to trigger a large kernel allocation.
pfs_read() imposes a limit… | |||||
Done Inline ActionsEven 1M is arguably large kernel allocation. I do not want to add drain support and drain code. kib: Even 1M is arguably large kernel allocation.
Without drain, it is the only way around.
I do… | |||||
Not Done Inline ActionsAnd consumers have to opt in to using sbuf drain anyway. markj: And consumers have to opt in to using sbuf drain anyway. | |||||
s = sbuf_new(s, NULL, uio->uio_resid + 1, 0); | s = sbuf_new(s, NULL, uio->uio_resid + 1, 0); | ||||
if (s == NULL) { | if (s == NULL) { | ||||
*error = ENOMEM; | *error = ENOMEM; | ||||
return (NULL); | return (NULL); | ||||
} | } | ||||
*error = uiomove(s->s_buf, uio->uio_resid, uio); | *error = uiomove(s->s_buf, uio->uio_resid, uio); | ||||
if (*error != 0) { | if (*error != 0) { | ||||
sbuf_delete(s); | sbuf_delete(s); | ||||
▲ Show 20 Lines • Show All 678 Lines • Show Last 20 Lines |
I suspect it should be uio->uio_resid < SBUF_MINSIZE - 1, otherwise it is impossible to write to a 1-byte file.