On Mon, Jun 01, 2026 at 01:42:31PM -0700, Nicolin Chen wrote:
> Bugs were found in iommufd_veventq/fault_fops_read(), where userspace may:
>  - Receive a corrupted byte stream after a partial copy_to_user
>  - Spin in a poll/read loop when reading with an undersized buffer
>  - Miss notifications when the kernel cannot allocate a lost-events copy
>  - Receive duplicate faults with stale cookies after a mid-group failure
>  - Cause the kernel to retry the same failed copy_to_user indefinitely
> 
> Fix them, then add selftest coverage for the vEVENTQ count validation.
> 
> This is on github:
> https://github.com/nicolinc/iommufd/commits/fix_eventq_read_bugs-v1
> 
> Rebased on Jason's for-next tree with the veventq_depth series applied.
[...]
> base-commit: f25989c19028e8bf81e26e1133a99e3436c3afc2

I realized that I sent this too fast, before Jason's for-next tree
is available in linux-next. So maybe this is why Sashiko failed to
review.

FWIW, I've done a local Sashiko review, which came out clean. But,
maybe we can respin a v2 once it collects some comments and tags.

Thanks
Nicolin
