Re: [RFC][PATCH] fix short copy handling in copy_mc_pipe_to_iter()

From: Al Viro
Date: Tue Jun 14 2022 - 08:12:30 EST


On Tue, Jun 14, 2022 at 07:36:19AM +0100, David Howells wrote:
> Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
>
> > What's wrong with
> > 	p_occupancy = pipe_occupancy(head, tail);
> > 	if (p_occupancy >= pipe->max_usage)
> > 		return 0;
> > 	else
> > 		return pipe->max_usage - p_occupancy;
>
> Because "pipe->max_usage - p_occupancy" can be negative.

Sure can. And in that case you return 0; no problem with that.
It's what happens when occupancy is below max_usage that is weird.

> post_one_notification() is limited by pipe->ring_size, not pipe->max_usage.
>
> The idea is to allow some slack in a watch pipe for the watch_queue code to
> use that userspace can't.

Sure. And if this function is supposed to report how many times would
userspace be able to grab a slot, it's returning the wrong value.

Look: 32-slot ring. max_usage is 16. 14 slots are already occupied.
Userland (sure as hell, anything in iov_iter.c) will be able to occupy
two more before it runs into the pipe_full(). And your function returns
min(32 - 14, 16), i.e. 16.

What am I missing here?
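
The 32-slot case above as a small userspace model, added here as an example; it is not part of the original message and not kernel code. The names `space_min_form`, `space_clamped_form` and `slots_userspace_can_take` are hypothetical and the head/tail values are constructed; the simulation assumes userspace stops once occupancy reaches max_usage, as the message describes.

```c
#include <stdio.h>

/* Userspace model of the pipe ring counters (assumption: not kernel code). */
struct pipe_model {
	unsigned int head, tail;	/* free-running counters, may wrap */
	unsigned int ring_size;		/* total slots in the ring */
	unsigned int max_usage;		/* slots userspace is allowed to fill */
};

static unsigned int occupancy(const struct pipe_model *p)
{
	return p->head - p->tail;	/* unsigned subtraction survives wraparound */
}

/* Hypothetical name: the min(ring_size - occupancy, max_usage) form. */
unsigned int space_min_form(const struct pipe_model *p)
{
	unsigned int left = p->ring_size - occupancy(p); /* assumes occupancy <= ring_size */
	return left < p->max_usage ? left : p->max_usage;
}

/* Hypothetical name: the quoted form, max_usage - occupancy clamped at 0. */
unsigned int space_clamped_form(const struct pipe_model *p)
{
	unsigned int occ = occupancy(p);
	return occ >= p->max_usage ? 0 : p->max_usage - occ;
}

/* Ground truth: fill slots until the occupancy >= max_usage check trips. */
unsigned int slots_userspace_can_take(struct pipe_model p)
{
	unsigned int n = 0;
	while (occupancy(&p) < p.max_usage) {
		p.head++;
		n++;
	}
	return n;
}

int main(void)
{
	/* Constructed sample: 14 occupied slots, counters straddling the wrap. */
	struct pipe_model p = { 5, 0xfffffff7u, 32, 16 };
	printf("min form %u, clamped form %u, simulated %u\n",
	       space_min_form(&p), space_clamped_form(&p),
	       slots_userspace_can_take(p));
	return 0;
}
```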