Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp3460714ybc; Mon, 25 Nov 2019 15:05:48 -0800 (PST) X-Google-Smtp-Source: APXvYqw5orJ4UwGKjP4wHNUM+N08nuuORHy4dVHOrZhXzR8B49oT1inH8Wdw6FGDyzp/K2Q6cGqV X-Received: by 2002:a17:906:4e53:: with SMTP id g19mr39739834ejw.286.1574723148396; Mon, 25 Nov 2019 15:05:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1574723148; cv=none; d=google.com; s=arc-20160816; b=cmG/MpILCPY3w7WWG6tR5QrkJVnceLkoB6yHLC+TU+0GE/nOMHyue8dRvTrgDTSPu0 Xw/tY/zi7buaJu6+NgRjSeNdjitN77nWD8Nps6+fv6RsSaUe9Ws9wm0iRolrsP2kzcwx NWC5nUQkqpb82PQSZHvR7AgQWdbRFOyyElXidMgMueN+/bM7/oOp3J145jCXzfonNeCz HnoquareqEkMKXWyZPdXsO23Jfzi4X1dVE/LtWkIE1Z6Veyu3ts4/6sjhLTqlUKbmRwp OEyN2bCXCpmzvwHUZR8jpbsUkU8RiMoJDdb+3aYDgkNvc0qEhPuf3BeOcLnPe0MBtt81 Bt0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:content-disposition :mime-version:message-id:subject:cc:to:from:date:dkim-signature; bh=6hWdddTYX2EN+e7oLjAml7YLdHvsihbxMMKm+GdLfgk=; b=ZA0HGqbHq5sTTWuhBjxgVX+RgLSOsyYFakMU2wNUCcLLx3KsTvupoBdY1f/A18bS6U KsSnwVOAU5gfZaCsVBg5noVzhh7Y9LIfsEub8GPRRI8GOyq+J8ZTFUDfGNCzAjLEjjdY /d7eCNf69t0beKPodJKPNNgvZSCaAFW2LKvtGe4+eEiVPWF27R3WgYlhcJWVlxtzPeGx /0+oZWytuJ36uuksc4DhxecZgiR0bg6skQA8eb5GxAW7a8ZSPqeAh2+FrDoKQtR6j1Ib 7iU17yN1zWf8Xx2QFZfff1+9KznvsN6giXN4kQtR09d2xpr3JWlZNdI+J8eb1qNY5+er Pchg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=WZkLYSU5; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h26si5705309ejy.355.2019.11.25.15.05.23; Mon, 25 Nov 2019 15:05:48 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=WZkLYSU5; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727040AbfKYXDa (ORCPT + 99 others); Mon, 25 Nov 2019 18:03:30 -0500 Received: from mail.kernel.org ([198.145.29.99]:50552 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725940AbfKYXDa (ORCPT ); Mon, 25 Nov 2019 18:03:30 -0500 Received: from localhost (unknown [148.87.23.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 8D41E20733; Mon, 25 Nov 2019 23:03:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1574723009; bh=awSI1iSxQbhSMV0m77NwnLOTQKzfcKC3DBlLMmMYNGA=; h=Date:From:To:Cc:Subject:From; b=WZkLYSU53+TCdd5XbKUpAvsTF6p8uUTt1bP8tiSfGNHTjbY4I4KvZoW7uMxYPBPZX wtyI4r554FqLYpnJpLgBiufq4SJNPVMSaOE/HKg39MEVl6+7JBXTze1MmA8V6NroIK Wmh4hpF8HJlZnTniKAWpwqM9wevTUHNoOFVQAebQ= Date: Mon, 25 Nov 2019 15:03:26 -0800 From: "Darrick J. Wong" To: Linus Torvalds Cc: "Darrick J. Wong" , linux-fsdevel@vger.kernel.org, linux-xfs@vger.kernel.org, linux-kernel@vger.kernel.org, agruenba@redhat.com Subject: [GIT PULL] splice: fix for 5.5 Message-ID: <20191125230326.GS6211@magnolia> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Linus, Please pull this single patch for 5.5 that fixes some questionable pipe behavior in the splice code. Specifically, whenever we perform a read into a pipe, we now clamp the read request to the length of the pipe buffer since there's no point in asking for more than we can handle. We already fixed this in one place, but Andreas Gruenbacher found another place where we could overflow, and requested a second fix. The branch merges cleanly against this morning's HEAD and survived a few days' worth of xfstests. The merge was completely straightforward, so please let me know if you run into anything weird. --D The following changes since commit 4f5cafb5cb8471e54afdc9054d973535614f7675: Linux 5.4-rc3 (2019-10-13 16:37:36 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git tags/vfs-5.5-merge-1 for you to fetch changes up to 3253d9d093376d62b4a56e609f15d2ec5085ac73: splice: only read in as much information as there is pipe buffer space (2019-10-15 08:44:32 -0700) ---------------------------------------------------------------- New code for 5.5: - Fix another place in the splice code where a pipe could ask a filesystem for a longer read than the pipe actually has free buffer space. ---------------------------------------------------------------- Darrick J. Wong (1): splice: only read in as much information as there is pipe buffer space fs/splice.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-)