      If the requested msize is too small (either from command line argument
      or from the server version reply), we won't get any work done.
      If it's *really* too small, nothing will work, and this got caught by
      syzbot recently (on a new kmem_cache_create_usercopy() call)
      Just set a minimum msize to 4k in both code paths, until someone
      complains they have a use-case for a smaller msize.
      We need to check in both mount option and server reply individually
      because the msize for the first version request would be unchecked
      with just a global check on clnt->msize.
      Link: http://lkml.kernel.org/r/1541407968-31350-1-git-send-email-asmadeus@codewreck.org
      Reported-by: syzbot+0c1d61e4db7db94102ca@syzkaller.appspotmail.com
      Signed-off-by: default avatarDominique Martinet <dominique.martinet@cea.fr>
      Cc: Eric Van Hensbergen <ericvh@gmail.com>
      Cc: Latchesar Ionkov <lucho@ionkov.net>
      Cc: stable@vger.kernel.org
      When switching to the new iovec accessors, a negation got subtly
      dropped, leading to 9p being remarkably broken (here with kvmtool):
      [    7.430941] VFS: Mounted root (9p filesystem) on device 0:15.
      [    7.432080] devtmpfs: mounted
      [    7.432717] Freeing unused kernel memory: 1344K
      [    7.433658] Run /virt/init as init process
        Warning: unable to translate guest address 0x7e00902ff000 to host
        Warning: unable to translate guest address 0x7e00902fefc0 to host
        Warning: unable to translate guest address 0x7e00902ff000 to host
        Warning: unable to translate guest address 0x7e008febef80 to host
        Warning: unable to translate guest address 0x7e008febf000 to host
        Warning: unable to translate guest address 0x7e008febef00 to host
        Warning: unable to translate guest address 0x7e008febf000 to host
      [    7.436376] Kernel panic - not syncing: Requested init /virt/init failed (error -8).
      [    7.437554] CPU: 29 PID: 1 Comm: swapper/0 Not tainted 4.19.0-rc8-02267-g00e23707 #291
      [    7.439006] Hardware name: linux,dummy-virt (DT)
      [    7.439902] Call trace:
      [    7.440387]  dump_backtrace+0x0/0x148
      [    7.441104]  show_stack+0x14/0x20
      [    7.441768]  dump_stack+0x90/0xb4
      [    7.442425]  panic+0x120/0x27c
      [    7.443036]  kernel_init+0xa4/0x100
      [    7.443725]  ret_from_fork+0x10/0x18
      [    7.444444] SMP: stopping secondary CPUs
      [    7.445391] Kernel Offset: disabled
      [    7.446169] CPU features: 0x0,23000438
      [    7.446974] Memory Limit: none
      [    7.447645] ---[ end Kernel panic - not syncing: Requested init /virt/init failed (error -8). ]---
      Restoring the missing "!" brings the guest back to life.
      Fixes: 00e23707 ("iov_iter: Use accessor function")
      Reported-by: default avatarWill Deacon <will.deacon@arm.com>
      Signed-off-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      iov_iter: Separate type from direction and use accessor functions · aa563d7b
      David Howells authored
      In the iov_iter struct, separate the iterator type from the iterator
      direction and use accessor functions to access them in most places.
      Convert a bunch of places to use switch-statements to access them rather
      then chains of bitwise-AND statements.  This makes it easier to add further
      iterator types.  Also, this can be more efficient as to implement a switch
      of small contiguous integers, the compiler can use ~50% fewer compare
      instructions than it has to use bitwise-and instructions.
      Further, cease passing the iterator type into the iterator setup function.
      The iterator function can set that itself.  Only the direction is required.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
    • David Howells's avatar
      iov_iter: Use accessor function · 00e23707
      David Howells authored
      Use accessor functions to access an iterator's type and direction.  This
      allows for the possibility of using some other method of determining the
      type of iterator than if-chains with bitwise-AND conditions.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
