• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/kernel.h>
3 #include <linux/errno.h>
4 #include <linux/file.h>
5 #include <linux/io_uring.h>
6 #include <linux/security.h>
7 #include <linux/nospec.h>
8 
9 #include <uapi/linux/io_uring.h>
10 #include <asm/ioctls.h>
11 
12 #include "io_uring.h"
13 #include "rsrc.h"
14 #include "uring_cmd.h"
15 
io_uring_cmd_work(struct io_kiocb * req,struct io_tw_state * ts)16 static void io_uring_cmd_work(struct io_kiocb *req, struct io_tw_state *ts)
17 {
18 	struct io_uring_cmd *ioucmd = io_kiocb_to_cmd(req, struct io_uring_cmd);
19 	unsigned issue_flags = ts->locked ? 0 : IO_URING_F_UNLOCKED;
20 
21 	ioucmd->task_work_cb(ioucmd, issue_flags);
22 }
23 
__io_uring_cmd_do_in_task(struct io_uring_cmd * ioucmd,void (* task_work_cb)(struct io_uring_cmd *,unsigned),unsigned flags)24 void __io_uring_cmd_do_in_task(struct io_uring_cmd *ioucmd,
25 			void (*task_work_cb)(struct io_uring_cmd *, unsigned),
26 			unsigned flags)
27 {
28 	struct io_kiocb *req = cmd_to_io_kiocb(ioucmd);
29 
30 	ioucmd->task_work_cb = task_work_cb;
31 	req->io_task_work.func = io_uring_cmd_work;
32 	__io_req_task_work_add(req, flags);
33 }
34 EXPORT_SYMBOL_GPL(__io_uring_cmd_do_in_task);
35 
io_uring_cmd_do_in_task_lazy(struct io_uring_cmd * ioucmd,void (* task_work_cb)(struct io_uring_cmd *,unsigned))36 void io_uring_cmd_do_in_task_lazy(struct io_uring_cmd *ioucmd,
37 			void (*task_work_cb)(struct io_uring_cmd *, unsigned))
38 {
39 	__io_uring_cmd_do_in_task(ioucmd, task_work_cb, IOU_F_TWQ_LAZY_WAKE);
40 }
41 EXPORT_SYMBOL_GPL(io_uring_cmd_do_in_task_lazy);
42 
io_req_set_cqe32_extra(struct io_kiocb * req,u64 extra1,u64 extra2)43 static inline void io_req_set_cqe32_extra(struct io_kiocb *req,
44 					  u64 extra1, u64 extra2)
45 {
46 	req->big_cqe.extra1 = extra1;
47 	req->big_cqe.extra2 = extra2;
48 }
49 
50 /*
51  * Called by consumers of io_uring_cmd, if they originally returned
52  * -EIOCBQUEUED upon receiving the command.
53  */
io_uring_cmd_done(struct io_uring_cmd * ioucmd,ssize_t ret,ssize_t res2,unsigned issue_flags)54 void io_uring_cmd_done(struct io_uring_cmd *ioucmd, ssize_t ret, ssize_t res2,
55 		       unsigned issue_flags)
56 {
57 	struct io_kiocb *req = cmd_to_io_kiocb(ioucmd);
58 
59 	if (ret < 0)
60 		req_set_fail(req);
61 
62 	io_req_set_res(req, ret, 0);
63 	if (req->ctx->flags & IORING_SETUP_CQE32)
64 		io_req_set_cqe32_extra(req, res2, 0);
65 	if (req->ctx->flags & IORING_SETUP_IOPOLL) {
66 		/* order with io_iopoll_req_issued() checking ->iopoll_complete */
67 		smp_store_release(&req->iopoll_completed, 1);
68 	} else {
69 		struct io_tw_state ts = {
70 			.locked = !(issue_flags & IO_URING_F_UNLOCKED),
71 		};
72 		io_req_task_complete(req, &ts);
73 	}
74 }
75 EXPORT_SYMBOL_GPL(io_uring_cmd_done);
76 
io_uring_cmd_prep_async(struct io_kiocb * req)77 int io_uring_cmd_prep_async(struct io_kiocb *req)
78 {
79 	struct io_uring_cmd *ioucmd = io_kiocb_to_cmd(req, struct io_uring_cmd);
80 
81 	memcpy(req->async_data, ioucmd->sqe, uring_sqe_size(req->ctx));
82 	ioucmd->sqe = req->async_data;
83 	return 0;
84 }
85 
io_uring_cmd_prep(struct io_kiocb * req,const struct io_uring_sqe * sqe)86 int io_uring_cmd_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe)
87 {
88 	struct io_uring_cmd *ioucmd = io_kiocb_to_cmd(req, struct io_uring_cmd);
89 
90 	if (sqe->__pad1)
91 		return -EINVAL;
92 
93 	ioucmd->flags = READ_ONCE(sqe->uring_cmd_flags);
94 	if (ioucmd->flags & ~IORING_URING_CMD_FIXED)
95 		return -EINVAL;
96 
97 	if (ioucmd->flags & IORING_URING_CMD_FIXED) {
98 		struct io_ring_ctx *ctx = req->ctx;
99 		u16 index;
100 
101 		req->buf_index = READ_ONCE(sqe->buf_index);
102 		if (unlikely(req->buf_index >= ctx->nr_user_bufs))
103 			return -EFAULT;
104 		index = array_index_nospec(req->buf_index, ctx->nr_user_bufs);
105 		req->imu = ctx->user_bufs[index];
106 		io_req_set_rsrc_node(req, ctx, 0);
107 	}
108 	ioucmd->sqe = sqe;
109 	ioucmd->cmd_op = READ_ONCE(sqe->cmd_op);
110 	return 0;
111 }
112 
io_uring_cmd(struct io_kiocb * req,unsigned int issue_flags)113 int io_uring_cmd(struct io_kiocb *req, unsigned int issue_flags)
114 {
115 	struct io_uring_cmd *ioucmd = io_kiocb_to_cmd(req, struct io_uring_cmd);
116 	struct io_ring_ctx *ctx = req->ctx;
117 	struct file *file = req->file;
118 	int ret;
119 
120 	if (!file->f_op->uring_cmd)
121 		return -EOPNOTSUPP;
122 
123 	ret = security_uring_cmd(ioucmd);
124 	if (ret)
125 		return ret;
126 
127 	if (ctx->flags & IORING_SETUP_SQE128)
128 		issue_flags |= IO_URING_F_SQE128;
129 	if (ctx->flags & IORING_SETUP_CQE32)
130 		issue_flags |= IO_URING_F_CQE32;
131 	if (ctx->flags & IORING_SETUP_IOPOLL) {
132 		if (!file->f_op->uring_cmd_iopoll)
133 			return -EOPNOTSUPP;
134 		issue_flags |= IO_URING_F_IOPOLL;
135 		req->iopoll_completed = 0;
136 		WRITE_ONCE(ioucmd->cookie, NULL);
137 	}
138 
139 	ret = file->f_op->uring_cmd(ioucmd, issue_flags);
140 	if (ret == -EAGAIN) {
141 		if (!req_has_async_data(req)) {
142 			if (io_alloc_async_data(req))
143 				return -ENOMEM;
144 			io_uring_cmd_prep_async(req);
145 		}
146 		return -EAGAIN;
147 	}
148 
149 	if (ret != -EIOCBQUEUED) {
150 		if (ret < 0)
151 			req_set_fail(req);
152 		io_req_set_res(req, ret, 0);
153 		return ret;
154 	}
155 
156 	return IOU_ISSUE_SKIP_COMPLETE;
157 }
158 
io_uring_cmd_import_fixed(u64 ubuf,unsigned long len,int rw,struct iov_iter * iter,void * ioucmd)159 int io_uring_cmd_import_fixed(u64 ubuf, unsigned long len, int rw,
160 			      struct iov_iter *iter, void *ioucmd)
161 {
162 	struct io_kiocb *req = cmd_to_io_kiocb(ioucmd);
163 
164 	return io_import_fixed(rw, iter, req->imu, ubuf, len);
165 }
166 EXPORT_SYMBOL_GPL(io_uring_cmd_import_fixed);
167 
io_uring_cmd_sock(struct io_uring_cmd * cmd,unsigned int issue_flags)168 int io_uring_cmd_sock(struct io_uring_cmd *cmd, unsigned int issue_flags)
169 {
170 	struct socket *sock = cmd->file->private_data;
171 	struct sock *sk = sock->sk;
172 	struct proto *prot = READ_ONCE(sk->sk_prot);
173 	int ret, arg = 0;
174 
175 	if (!prot || !prot->ioctl)
176 		return -EOPNOTSUPP;
177 
178 	switch (cmd->sqe->cmd_op) {
179 	case SOCKET_URING_OP_SIOCINQ:
180 		ret = prot->ioctl(sk, SIOCINQ, &arg);
181 		if (ret)
182 			return ret;
183 		return arg;
184 	case SOCKET_URING_OP_SIOCOUTQ:
185 		ret = prot->ioctl(sk, SIOCOUTQ, &arg);
186 		if (ret)
187 			return ret;
188 		return arg;
189 	default:
190 		return -EOPNOTSUPP;
191 	}
192 }
193 EXPORT_SYMBOL_GPL(io_uring_cmd_sock);
194