> From: Nicolin Chen <[email protected]> > Sent: Tuesday, June 2, 2026 4:43 AM > > Bugs were found in iommufd_veventq/fault_fops_read(), where userspace > may: > - Receive a corrupted byte stream after a partial copy_to_user > - Spin in a poll/read loop when reading with an undersized buffer > - Miss notifications when the kernel cannot allocate a lost-events copy > - Receive duplicate faults with stale cookies after a mid-group failure > - Cause the kernel to retry the same failed copy_to_user indefinitely > > Fix them, then add selftest coverage for the vEVENTQ count validation. >
for the whole series: Reviewed-by: Kevin Tian <[email protected]>
