On Wed, Jan 07, 2026 at 05:50:04PM -0800, Caleb Sander Mateos wrote: > On Tue, Jan 6, 2026 at 4:28 PM Ming Lei <[email protected]> wrote: > > > > On Tue, Jan 06, 2026 at 10:20:14AM -0800, Caleb Sander Mateos wrote: > > > On Tue, Jan 6, 2026 at 5:34 AM Ming Lei <[email protected]> wrote: > > > > > > > > On Mon, Jan 05, 2026 at 05:57:41PM -0700, Caleb Sander Mateos wrote: > > > > > From: Stanley Zhang <[email protected]> > > > > > > > > > > Add a function ublk_copy_user_integrity() to copy integrity > > > > > information > > > > > between a request and a user iov_iter. This mirrors the existing > > > > > ublk_copy_user_pages() but operates on request integrity data instead > > > > > of > > > > > regular data. Check UBLKSRV_IO_INTEGRITY_FLAG in iocb->ki_pos in > > > > > ublk_user_copy() to choose between copying data or integrity data. > > > > > > > > > > Signed-off-by: Stanley Zhang <[email protected]> > > > > > [csander: change offset units from data bytes to integrity data bytes, > > > > > test UBLKSRV_IO_INTEGRITY_FLAG after subtracting > > > > > UBLKSRV_IO_BUF_OFFSET, > > > > > fix CONFIG_BLK_DEV_INTEGRITY=n build, > > > > > rebase on ublk user copy refactor] > > > > > Signed-off-by: Caleb Sander Mateos <[email protected]> > > > > > --- > > > > > drivers/block/ublk_drv.c | 52 > > > > > +++++++++++++++++++++++++++++++++-- > > > > > include/uapi/linux/ublk_cmd.h | 4 +++ > > > > > 2 files changed, 53 insertions(+), 3 deletions(-) > > > > > > > > > > diff --git a/drivers/block/ublk_drv.c b/drivers/block/ublk_drv.c > > > > > index e44ab9981ef4..9694a4c1caa7 100644 > > > > > --- a/drivers/block/ublk_drv.c > > > > > +++ b/drivers/block/ublk_drv.c > > > > > @@ -621,10 +621,15 @@ static inline unsigned ublk_pos_to_tag(loff_t > > > > > pos) > > > > > { > > > > > return ((pos - UBLKSRV_IO_BUF_OFFSET) >> UBLK_TAG_OFF) & > > > > > UBLK_TAG_BITS_MASK; > > > > > } > > > > > > > > > > +static inline bool ublk_pos_is_integrity(loff_t pos) > > > > > +{ > > > > > + return !!((pos - UBLKSRV_IO_BUF_OFFSET) & > > > > > UBLKSRV_IO_INTEGRITY_FLAG); > > > > > +} > > > > > + > > > > > > > > It could be more readable to check UBLKSRV_IO_INTEGRITY_FLAG only. > > > > > > That's assuming that UBLK_TAG_BITS = 16 has more bits than are > > > strictly required by UBLK_MAX_QUEUE_DEPTH = 4096? Otherwise, adding > > > UBLKSRV_IO_BUF_OFFSET = 1 << 31 to tag << UBLK_TAG_OFF could overflow > > > into the QID bits, which could then overflow into > > > UBLKSRV_IO_INTEGRITY_FLAG. That seems like a very fragile assumption. > > > And if you want to rely on this assumption, why bother subtracting > > > UBLKSRV_IO_BUF_OFFSET in ublk_pos_to_hwq() either? The compiler should > > > easily be able to deduplicate the iocb->ki_pos - UBLKSRV_IO_BUF_OFFSET > > > computations, so I can't imagine it matters for performance. > > > > UBLKSRV_IO_INTEGRITY_FLAG should be defined as one flag starting from top > > bit(bit 62), then you will see it is just fine to check it directly. > > > > But it isn't a big deal to subtract UBLKSRV_IO_BUF_OFFSET or not here, I > > will leave it to you. > > > > > > > > > > > > > > static void ublk_dev_param_basic_apply(struct ublk_device *ub) > > > > > { > > > > > const struct ublk_param_basic *p = &ub->params.basic; > > > > > > > > > > if (p->attrs & UBLK_ATTR_READ_ONLY) > > > > > @@ -1047,10 +1052,37 @@ static size_t ublk_copy_user_pages(const > > > > > struct request *req, > > > > > break; > > > > > } > > > > > return done; > > > > > } > > > > > > > > > > +#ifdef CONFIG_BLK_DEV_INTEGRITY > > > > > +static size_t ublk_copy_user_integrity(const struct request *req, > > > > > + unsigned offset, struct iov_iter *uiter, int dir) > > > > > +{ > > > > > + size_t done = 0; > > > > > + struct bio *bio = req->bio; > > > > > + struct bvec_iter iter; > > > > > + struct bio_vec iv; > > > > > + > > > > > + if (!blk_integrity_rq(req)) > > > > > + return 0; > > > > > + > > > > > + bio_for_each_integrity_vec(iv, bio, iter) { > > > > > + if (!ublk_copy_user_bvec(&iv, &offset, uiter, dir, > > > > > &done)) > > > > > + break; > > > > > + } > > > > > + > > > > > + return done; > > > > > +} > > > > > +#else /* #ifdef CONFIG_BLK_DEV_INTEGRITY */ > > > > > +static size_t ublk_copy_user_integrity(const struct request *req, > > > > > + unsigned offset, struct iov_iter *uiter, int dir) > > > > > +{ > > > > > + return 0; > > > > > +} > > > > > +#endif /* #ifdef CONFIG_BLK_DEV_INTEGRITY */ > > > > > + > > > > > static inline bool ublk_need_map_req(const struct request *req) > > > > > { > > > > > return ublk_rq_has_data(req) && req_op(req) == REQ_OP_WRITE; > > > > > } > > > > > > > > > > @@ -2654,10 +2686,12 @@ ublk_user_copy(struct kiocb *iocb, struct > > > > > iov_iter *iter, int dir) > > > > > { > > > > > struct ublk_device *ub = iocb->ki_filp->private_data; > > > > > struct ublk_queue *ubq; > > > > > struct request *req; > > > > > struct ublk_io *io; > > > > > + unsigned data_len; > > > > > + bool is_integrity; > > > > > size_t buf_off; > > > > > u16 tag, q_id; > > > > > ssize_t ret; > > > > > > > > > > if (!user_backed_iter(iter)) > > > > > @@ -2667,10 +2701,11 @@ ublk_user_copy(struct kiocb *iocb, struct > > > > > iov_iter *iter, int dir) > > > > > return -EACCES; > > > > > > > > > > tag = ublk_pos_to_tag(iocb->ki_pos); > > > > > q_id = ublk_pos_to_hwq(iocb->ki_pos); > > > > > buf_off = ublk_pos_to_buf_off(iocb->ki_pos); > > > > > + is_integrity = ublk_pos_is_integrity(iocb->ki_pos); > > > > > > > > UBLKSRV_IO_INTEGRITY_FLAG can be set for device without > > > > UBLK_F_INTEGRITY, > > > > so UBLK_F_INTEGRITY need to be checked in case of `is_integrity`. > > > > > > If UBLK_F_INTEGRITY isn't set, then UBLK_PARAM_TYPE_INTEGRITY isn't > > > allowed, so the ublk device won't support integrity data. Therefore, > > > blk_integrity_rq() will return false and ublk_copy_user_integrity() > > > will just return 0. Do you think it's important to return some error > > > code value instead? I would rather avoid the additional checks in the > > > hot path. > > > > The check could be zero cost, but better to fail the wrong usage than > > returning 0 silently, which may often imply big issue. > > Not sure what you mean by "the check could be zero cost". It's 2 > branches to check for UBLK_F_INTEGRITY in the ublk_device flags and to > check is_integrity. Even if the branches are predictable (and the > is_integrity one might not be), there's still some cost for computing > the conditions and taking up space in the branch history table.
ub->dev_info.nr_hw_queues is fetched for validating `q_id`, so ub->dev_info.flags is always hit from the same cache line. > A ublk server should already be checking that the return value from > the user copy syscall matches the passed in length. Otherwise, the > request's data was shorter than expected or a fault occurred while > accessing the userspace buffer. But if you feel strongly, I'll add an > explicit -EINVAL return code. It is absolutely userspace fault or bug, I think it is better to fast fail. Otherwise, it has to be documented clearly. Thanks, Ming
