• D
    splice: don't read more than available pipe space · 67c14e68
    Darrick J. Wong 提交于
    commit 17614445576b6af24e9cf36607c6448164719c96 upstream.
    
    In commit 4721a601099, we tried to fix a problem wherein directio reads
    into a splice pipe will bounce EFAULT/EAGAIN all the way out to
    userspace by simulating a zero-byte short read.  This happens because
    some directio read implementations (xfs) will call
    bio_iov_iter_get_pages to grab pipe buffer pages and issue asynchronous
    reads, but as soon as we run out of pipe buffers that _get_pages call
    returns EFAULT, which the splice code translates to EAGAIN and bounces
    out to userspace.
    
    In that commit, the iomap code catches the EFAULT and simulates a
    zero-byte read, but that causes assertion errors on regular splice reads
    because xfs doesn't allow short directio reads.
    
    The brokenness is compounded by splice_direct_to_actor immediately
    bailing on do_splice_to returning <= 0 without ever calling ->actor
    (which empties out the pipe), so if userspace calls back we'll EFAULT
    again on the full pipe, and nothing ever gets copied.
    
    Therefore, teach splice_direct_to_actor to clamp its requests to the
    amount of free space in the pipe and remove the simulated short read
    from the iomap directio code.
    
    Fixes: 4721a601099 ("iomap: dio data corruption and spurious errors when pipes fill")
    Reported-by: NMurphy Zhou <jencce.kernel@gmail.com>
    Ranted-by: NAmir Goldstein <amir73il@gmail.com>
    Reviewed-by: NChristoph Hellwig <hch@lst.de>
    Signed-off-by: NDarrick J. Wong <darrick.wong@oracle.com>
    Signed-off-by: NJeffle Xu <jefflexu@linux.alibaba.com>
    Acked-by: NCaspar Zhang <caspar@linux.alibaba.com>
    67c14e68
splice.c 39.9 KB