git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	T.J. Mercier <tjmercier@google.com>
	Thu, 4 Dec 2025 00:03:47 +0000 (16:03 -0800)
committer	Alexei Starovoitov <ast@kernel.org>
	Wed, 10 Dec 2025 07:48:34 +0000 (23:48 -0800)
commit	234483565dbb2b264fdd165927c89fbf3ecf4733
tree	b121255437d87083eafa9edbd3a5ef2424eb27b5	tree
parent	297c3fba9d766b52b6b8e99fa53f0a85c5902909	commit \| diff

bpf: Fix truncated dmabuf iterator reads

If there is a large number (hundreds) of dmabufs allocated, the text
output generated from dmabuf_iter_seq_show can exceed common user buffer
sizes (e.g. PAGE_SIZE) necessitating multiple start/stop cycles to
iterate through all dmabufs. However the dmabuf iterator currently
returns NULL in dmabuf_iter_seq_start for all non-zero pos values, which
results in the truncation of the output before all dmabufs are handled.

After dma_buf_iter_begin / dma_buf_iter_next, the refcount of the buffer
is elevated so that the BPF iterator program can run without holding any
locks. When a stop occurs, instead of immediately dropping the reference
on the buffer, stash a pointer to the buffer in seq->priv until
either start is called or the iterator is released. This also enables
the resumption of iteration without first walking through the list of
dmabufs based on the pos value.

Fixes: 76ea95534995 ("bpf: Add dmabuf iterator")
Signed-off-by: T.J. Mercier <tjmercier@google.com>
Link: https://lore.kernel.org/r/20251204000348.1413593-1-tjmercier@google.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>