diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2015-03-31 17:54:59 +0200 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2015-04-12 04:27:55 +0200 |
commit | 47e393622bbdd48aa21837eb2c55ee1c359e080c (patch) | |
tree | 603da19bd5834a44723bd39693373ec56ca1e75d /fs/aio.c | |
parent | ioctx_alloc(): remove pointless check (diff) | |
download | linux-47e393622bbdd48aa21837eb2c55ee1c359e080c.tar.xz linux-47e393622bbdd48aa21837eb2c55ee1c359e080c.zip |
aio_run_iocb(): kill dead check
We check if ->ki_pos is positive. However, by that point we have
already done rw_verify_area(), which would have rejected such
unless the file had been one of /dev/mem, /dev/kmem and /proc/kcore.
All of which do not have vectored rw methods, so we would've bailed
out even earlier.
This check had been introduced before rw_verify_area() had been added there
- in fact, it was a subset of checks done on sync paths by rw_verify_area()
(back then the /dev/mem exception didn't exist at all). The rest of checks
(mandatory locking, etc.) hadn't been added until later. Unfortunately,
by the time the call of rw_verify_area() got added, the /dev/mem exception
had already appeared, so it wasn't obvious that the older explicit check
downstream had become dead code. It *is* a dead code, though, since the few
files for which the exception applies do not have ->aio_{read,write}() or
->{read,write}_iter() and for them we won't reach that check anyway.
What's more, even if we ever introduce vectored methods for /dev/mem
and friends, they'll have to cope with negative positions anyway, since
readv(2) and writev(2) are using the same checks as read(2) and write(2) -
i.e. rw_verify_area().
Let's bury it.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to '')
-rw-r--r-- | fs/aio.c | 7 |
1 files changed, 0 insertions, 7 deletions
@@ -1422,13 +1422,6 @@ rw_common: len = ret; - /* XXX: move/kill - rw_verify_area()? */ - /* This matches the pread()/pwrite() logic */ - if (req->ki_pos < 0) { - ret = -EINVAL; - break; - } - if (rw == WRITE) file_start_write(file); |