From 23c832b10ca9ab2685d7d3e0990800ffc846fc92 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Wed, 12 Oct 2016 19:23:50 -0400 Subject: remove spd_release_page() no users left Signed-off-by: Al Viro --- fs/splice.c | 5 ----- 1 file changed, 5 deletions(-) (limited to 'fs/splice.c') diff --git a/fs/splice.c b/fs/splice.c index 873d83104e79..bf17a92e26c3 100644 --- a/fs/splice.c +++ b/fs/splice.c @@ -244,11 +244,6 @@ ssize_t add_to_pipe(struct pipe_inode_info *pipe, struct pipe_buffer *buf) } EXPORT_SYMBOL(add_to_pipe); -void spd_release_page(struct splice_pipe_desc *spd, unsigned int i) -{ - put_page(spd->pages[i]); -} - /* * Check if we need to grow the arrays holding pages and partial page * descriptions. -- cgit v1.2.3-59-g8ed1b From 3d6ea290f337cc64cf44290482e36306fc8aaa31 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 10 Dec 2016 13:17:32 -0500 Subject: splice/tee/vmsplice: validate flags Long overdue... Signed-off-by: Al Viro --- fs/splice.c | 8 ++++++++ include/linux/splice.h | 2 ++ 2 files changed, 10 insertions(+) (limited to 'fs/splice.c') diff --git a/fs/splice.c b/fs/splice.c index bf17a92e26c3..1af65632c371 100644 --- a/fs/splice.c +++ b/fs/splice.c @@ -1351,6 +1351,8 @@ SYSCALL_DEFINE4(vmsplice, int, fd, const struct iovec __user *, iov, struct fd f; long error; + if (unlikely(flags & ~SPLICE_F_ALL)) + return -EINVAL; if (unlikely(nr_segs > UIO_MAXIOV)) return -EINVAL; else if (unlikely(!nr_segs)) @@ -1401,6 +1403,9 @@ SYSCALL_DEFINE6(splice, int, fd_in, loff_t __user *, off_in, if (unlikely(!len)) return 0; + if (unlikely(flags & ~SPLICE_F_ALL)) + return -EINVAL; + error = -EBADF; in = fdget(fd_in); if (in.file) { @@ -1729,6 +1734,9 @@ SYSCALL_DEFINE4(tee, int, fdin, int, fdout, size_t, len, unsigned int, flags) struct fd in; int error; + if (unlikely(flags & ~SPLICE_F_ALL)) + return -EINVAL; + if (unlikely(!len)) return 0; diff --git a/include/linux/splice.h b/include/linux/splice.h index 3c98dad93bf3..db42746bdfea 100644 --- a/include/linux/splice.h +++ b/include/linux/splice.h @@ -20,6 +20,8 @@ #define SPLICE_F_MORE (0x04) /* expect more data */ #define SPLICE_F_GIFT (0x08) /* pages passed in are a gift */ +#define SPLICE_F_ALL (SPLICE_F_MOVE|SPLICE_F_NONBLOCK|SPLICE_F_MORE|SPLICE_F_GIFT) + /* * Passed to the actors */ -- cgit v1.2.3-59-g8ed1b From 13c0f52beb6310b9c08804c0929901f70abd211a Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 10 Dec 2016 13:20:53 -0500 Subject: make nr_pages calculation in default_file_splice_read() a bit less ugly It's an artifact of lousy calling conventions of iov_iter_get_pages_alloc(). Hopefully, we'll get something saner come next cycle; for now that'll do. Signed-off-by: Al Viro --- fs/splice.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'fs/splice.c') diff --git a/fs/splice.c b/fs/splice.c index 1af65632c371..712bc902e414 100644 --- a/fs/splice.c +++ b/fs/splice.c @@ -385,7 +385,7 @@ static ssize_t default_file_splice_read(struct file *in, loff_t *ppos, struct iov_iter to; struct page **pages; unsigned int nr_pages; - size_t offset, dummy, copied = 0; + size_t offset, base, copied = 0; ssize_t res; int i; @@ -400,12 +400,11 @@ static ssize_t default_file_splice_read(struct file *in, loff_t *ppos, iov_iter_pipe(&to, ITER_PIPE | READ, pipe, len + offset); - res = iov_iter_get_pages_alloc(&to, &pages, len + offset, &dummy); + res = iov_iter_get_pages_alloc(&to, &pages, len + offset, &base); if (res <= 0) return -ENOMEM; - BUG_ON(dummy); - nr_pages = DIV_ROUND_UP(res, PAGE_SIZE); + nr_pages = DIV_ROUND_UP(res + base, PAGE_SIZE); vec = __vec; if (nr_pages > PIPE_DEF_BUFFERS) { -- cgit v1.2.3-59-g8ed1b