
[src/trunk]: src/sys/kern tty(9): Make ttwrite update uio with only how much ...



details:   https://anonhg.NetBSD.org/src/rev/a90a08e824ce
branches:  trunk
changeset: 375925:a90a08e824ce
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Mon May 22 14:07:37 2023 +0000

description:
tty(9): Make ttwrite update uio with only how much it has consumed.

As is, it leaves uio in an inconsistent state.  Good enough for the
write(2) return value to be correct for a userland caller to restart
write(2) where it left off, but not good enough for a loop in the
kernel to reuse the same uio.

Reported-by: syzbot+e0f56178d0add0d8be20%syzkaller.appspotmail.com@localhost
https://syzkaller.appspot.com/bug?id=6290eb02b8fe73361dc15c7bc44e1208601e6af8

Reported-by: syzbot+7caa189e8fccd926357e%syzkaller.appspotmail.com@localhost
https://syzkaller.appspot.com/bug?id=c0a3b77b4831dfa81fc855857bde81755d246bd3

Reported-by: syzbot+4a1eff91eb4e7c1970b6%syzkaller.appspotmail.com@localhost
https://syzkaller.appspot.com/bug?id=10523a633a4ad9749f57dc7cf03f9447d518c5b8

Reported-by: syzbot+1d3c280f59099dc82e17%syzkaller.appspotmail.com@localhost
https://syzkaller.appspot.com/bug?id=8e02ebb0da76a8e286461f33502117a1d30275c6

Reported-by: syzbot+080d51214d0634472b12%syzkaller.appspotmail.com@localhost
https://syzkaller.appspot.com/bug?id=1f617747db8087e5554d3df1b79a545dee26a650

Reported-by: syzbot+dd50b448e49e5020131a%syzkaller.appspotmail.com@localhost
https://syzkaller.appspot.com/bug?id=f71c8cef4110b7eeac6eca67b6a4d1f4a8b3e96f

Reported-by: syzbot+26b675ecf0cc9dfd8586%syzkaller.appspotmail.com@localhost
https://syzkaller.appspot.com/bug?id=57b1901f5b3e090a964d08dd0d729f9909f203be

Reported-by: syzbot+87f0df2c9056313a5c4b%syzkaller.appspotmail.com@localhost
https://syzkaller.appspot.com/bug?id=67994a3da32d075144e25d1ac314be1d9694ae6e

Reported-by: syzbot+e5bc98e18aa42f0cb25d%syzkaller.appspotmail.com@localhost
https://syzkaller.appspot.com/bug?id=6374bd286532423c63f2b331748280729134224c

Reported-by: syzbot+7e587f4c5aaaf80e84b3%syzkaller.appspotmail.com@localhost
https://syzkaller.appspot.com/bug?id=976210ed438d48ac275d77d7ebf4a086e43b5fcb

diffstat:

 sys/kern/tty.c |  21 +++++++++------------
 1 files changed, 9 insertions(+), 12 deletions(-)

diffs (63 lines):

diff -r 87b81b7bbdc4 -r a90a08e824ce sys/kern/tty.c
--- a/sys/kern/tty.c    Mon May 22 14:07:24 2023 +0000
+++ b/sys/kern/tty.c    Mon May 22 14:07:37 2023 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: tty.c,v 1.310 2023/04/12 06:35:26 riastradh Exp $      */
+/*     $NetBSD: tty.c,v 1.311 2023/05/22 14:07:37 riastradh Exp $      */
 
 /*-
  * Copyright (c) 2008, 2020 The NetBSD Foundation, Inc.
@@ -63,7 +63,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tty.c,v 1.310 2023/04/12 06:35:26 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tty.c,v 1.311 2023/05/22 14:07:37 riastradh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_compat_netbsd.h"
@@ -2229,13 +2229,13 @@ ttwrite(struct tty *tp, struct uio *uio,
 {
        u_char          *cp;
        struct proc     *p;
-       int             cc, ce, i, hiwat, error;
+       int             cc, cc0, ce, i, hiwat, error;
        u_char          obuf[OBUFSIZ];
 
        cp = NULL;
        hiwat = tp->t_hiwat;
        error = 0;
-       cc = 0;
+       cc0 = cc = 0;
  loop:
        mutex_spin_enter(&tty_lock);
        if (!CONNECTED(tp)) {
@@ -2300,9 +2300,10 @@ ttwrite(struct tty *tp, struct uio *uio,
                 * leftover from last time.
                 */
                if (cc == 0) {
-                       cc = uimin(uio->uio_resid, OBUFSIZ);
+                       uioskip(cc0, uio);
+                       cc0 = cc = uimin(uio->uio_resid, OBUFSIZ);
                        cp = obuf;
-                       error = uiomove(cp, cc, uio);
+                       error = uiopeek(cp, cc, uio);
                        if (error) {
                                cc = 0;
                                goto out;
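Review bot: When `uiopeek` fails, the error branch zeroes only `cc`, while `cc0` was set one statement earlier to the size of the chunk being fetched. The `uioskip(cc0 - cc, uio)` at `out:` (in the following hunk) therefore appears to advance the uio past bytes that were never copied into `obuf` or handed to the tty. For a faulting buffer this leaves the uio further along than what was actually consumed, the same kind of accounting mismatch the commit sets out to remove for in-kernel callers that reuse the uio. Unless skipping the failed chunk is intended, resetting both counters in that branch with `cc0 = cc = 0;` would keep the uio at the last consumed byte. Most of ttwrite lies outside this hunk, so this should be confirmed against the full function.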
@@ -2373,13 +2374,9 @@ ttwrite(struct tty *tp, struct uio *uio,
        }
 
  out:
-       /*
-        * If cc is nonzero, we leave the uio structure inconsistent, as the
-        * offset and iov pointers have moved forward, but it doesn't matter
-        * (the call will either return short or restart with a new uio).
-        */
        KASSERTMSG(error || cc == 0, "error=%d cc=%d", error, cc);
-       uio->uio_resid += cc;
+       KASSERTMSG(cc0 >= cc, "cc0=%d cc=%d", cc0, cc);
+       uioskip(cc0 - cc, uio);
        return (error);
 
  overfull:
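Review bot: The deleted comment was the only explanation of what state the uio is in at `out:`, and nothing replaces it even though the new bookkeeping is less obvious than the old `uio_resid += cc`. A short comment above the two assertions would help, for example `/* cc0 = size of the chunk last peeked into obuf, cc = bytes of it still unwritten; advance uio only by the consumed part. */`. The same comment could mention that `KASSERTMSG` is the only guard on `cc0 >= cc`, so a kernel built without DIAGNOSTIC would pass a negative `int` difference straight to `uioskip` if the invariant were ever broken. ttwrite begins before this hunk and continues past `overfull:`.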


