Fix: Backport of "Fix: increment buffer offset when failing to copy from user-space"

[lttng-modules.git] / lib / ringbuffer / backend.h

diff --git a/lib/ringbuffer/backend.h b/lib/ringbuffer/backend.h
index 501fad480db4c05de59c1051fe7caf4577ad9621..bfadd94b99fbe40760e64a75a64dfb6b5fd1361d 100644 (file)
--- a/lib/ringbuffer/backend.h
+++ b/lib/ringbuffer/backend.h
@@ -21,7 +21,7 @@
 #include <linux/list.h>
 #include <linux/fs.h>
 #include <linux/mm.h>
-#include <linux/uaccess.h>
+#include <wrapper/uaccess.h>
 
 /* Internal helpers */
 #include <wrapper/ringbuffer/backend_internal.h>
@@ -156,7 +156,7 @@ size_t lib_ring_buffer_do_strcpy(const struct lib_ring_buffer_config *config,
                 * Only read source character once, in case it is
                 * modified concurrently.
                 */
-               c = READ_ONCE(src[count]);
+               c = LTTNG_READ_ONCE(src[count]);
                if (!c)
                        break;
                lib_ring_buffer_do_copy(config, &dest[count], &c, 1);
@@ -277,7 +277,6 @@ void lib_ring_buffer_copy_from_user_inatomic(const struct lib_ring_buffer_config
        size_t offset = ctx->buf_offset;
        struct lib_ring_buffer_backend_pages *backend_pages;
        unsigned long ret;
-       mm_segment_t old_fs = get_fs();
 
        if (unlikely(!len))
                return;
@@ -287,9 +286,8 @@ void lib_ring_buffer_copy_from_user_inatomic(const struct lib_ring_buffer_config
        index = (offset & (chanb->subbuf_size - 1)) >> PAGE_SHIFT;
        pagecpy = min_t(size_t, len, (-offset) & ~PAGE_MASK);
 
-       set_fs(KERNEL_DS);
        pagefault_disable();
-       if (unlikely(!access_ok(VERIFY_READ, src, len)))
+       if (unlikely(!lttng_access_ok(VERIFY_READ, src, len)))
                goto fill_buffer;
 
        if (likely(pagecpy == len)) {
@@ -304,19 +302,18 @@ void lib_ring_buffer_copy_from_user_inatomic(const struct lib_ring_buffer_config
                _lib_ring_buffer_copy_from_user_inatomic(bufb, offset, src, len, 0);
        }
        pagefault_enable();
-       set_fs(old_fs);
        ctx->buf_offset += len;
 
        return;
 
 fill_buffer:
        pagefault_enable();
-       set_fs(old_fs);
        /*
         * In the error path we call the slow path version to avoid
         * the pollution of static inline code.
         */
        _lib_ring_buffer_memset(bufb, offset, 0, len, 0);
+       ctx->buf_offset += len;
 }
 
 /**
@@ -347,7 +344,6 @@ void lib_ring_buffer_strcpy_from_user_inatomic(const struct lib_ring_buffer_conf
        size_t index, pagecpy;
        size_t offset = ctx->buf_offset;
        struct lib_ring_buffer_backend_pages *backend_pages;
-       mm_segment_t old_fs = get_fs();
 
        if (unlikely(!len))
                return;
@@ -357,9 +353,8 @@ void lib_ring_buffer_strcpy_from_user_inatomic(const struct lib_ring_buffer_conf
        index = (offset & (chanb->subbuf_size - 1)) >> PAGE_SHIFT;
        pagecpy = min_t(size_t, len, (-offset) & ~PAGE_MASK);
 
-       set_fs(KERNEL_DS);
        pagefault_disable();
-       if (unlikely(!access_ok(VERIFY_READ, src, len)))
+       if (unlikely(!lttng_access_ok(VERIFY_READ, src, len)))
                goto fill_buffer;
 
        if (likely(pagecpy == len)) {
@@ -388,14 +383,12 @@ void lib_ring_buffer_strcpy_from_user_inatomic(const struct lib_ring_buffer_conf
                                        len, 0, pad);
        }
        pagefault_enable();
-       set_fs(old_fs);
        ctx->buf_offset += len;
 
        return;
 
 fill_buffer:
        pagefault_enable();
-       set_fs(old_fs);
        /*
         * In the error path we call the slow path version to avoid
         * the pollution of static inline code.
@@ -403,6 +396,7 @@ fill_buffer:
        _lib_ring_buffer_memset(bufb, offset, pad, len - 1, 0);
        offset += len - 1;
        _lib_ring_buffer_memset(bufb, offset, '\0', 1, 0);
+       ctx->buf_offset += len;
 }
 
 /*
@@ -447,16 +441,12 @@ unsigned long lib_ring_buffer_copy_from_user_check_nofault(void *dest,
                                                unsigned long len)
 {
        unsigned long ret;
-       mm_segment_t old_fs;
 
-       if (!access_ok(VERIFY_READ, src, len))
+       if (!lttng_access_ok(VERIFY_READ, src, len))
                return 1;
-       old_fs = get_fs();
-       set_fs(KERNEL_DS);
        pagefault_disable();
        ret = __copy_from_user_inatomic(dest, src, len);
        pagefault_enable();
-       set_fs(old_fs);
        return ret;
 }