On Tue, Jan 06, 2026 at 10:20:14AM -0800, Caleb Sander Mateos wrote:
> On Tue, Jan 6, 2026 at 5:34 AM Ming Lei <[email protected]> wrote:
> >
> > On Mon, Jan 05, 2026 at 05:57:41PM -0700, Caleb Sander Mateos wrote:
> > > From: Stanley Zhang <[email protected]>
> > >
> > > Add a function ublk_copy_user_integrity() to copy integrity information
> > > between a request and a user iov_iter. This mirrors the existing
> > > ublk_copy_user_pages() but operates on request integrity data instead of
> > > regular data. Check UBLKSRV_IO_INTEGRITY_FLAG in iocb->ki_pos in
> > > ublk_user_copy() to choose between copying data or integrity data.
> > >
> > > Signed-off-by: Stanley Zhang <[email protected]>
> > > [csander: change offset units from data bytes to integrity data bytes,
> > > test UBLKSRV_IO_INTEGRITY_FLAG after subtracting UBLKSRV_IO_BUF_OFFSET,
> > > fix CONFIG_BLK_DEV_INTEGRITY=n build,
> > > rebase on ublk user copy refactor]
> > > Signed-off-by: Caleb Sander Mateos <[email protected]>
> > > ---
> > > drivers/block/ublk_drv.c | 52 +++++++++++++++++++++++++++++++++--
> > > include/uapi/linux/ublk_cmd.h | 4 +++
> > > 2 files changed, 53 insertions(+), 3 deletions(-)
> > >
> > > diff --git a/drivers/block/ublk_drv.c b/drivers/block/ublk_drv.c
> > > index e44ab9981ef4..9694a4c1caa7 100644
> > > --- a/drivers/block/ublk_drv.c
> > > +++ b/drivers/block/ublk_drv.c
> > > @@ -621,10 +621,15 @@ static inline unsigned ublk_pos_to_tag(loff_t pos)
> > > {
> > > return ((pos - UBLKSRV_IO_BUF_OFFSET) >> UBLK_TAG_OFF) &
> > > UBLK_TAG_BITS_MASK;
> > > }
> > >
> > > +static inline bool ublk_pos_is_integrity(loff_t pos)
> > > +{
> > > + return !!((pos - UBLKSRV_IO_BUF_OFFSET) &
> > > UBLKSRV_IO_INTEGRITY_FLAG);
> > > +}
> > > +
> >
> > It could be more readable to check UBLKSRV_IO_INTEGRITY_FLAG only.
>
> That's assuming that UBLK_TAG_BITS = 16 has more bits than are
> strictly required by UBLK_MAX_QUEUE_DEPTH = 4096? Otherwise, adding
> UBLKSRV_IO_BUF_OFFSET = 1 << 31 to tag << UBLK_TAG_OFF could overflow
> into the QID bits, which could then overflow into
> UBLKSRV_IO_INTEGRITY_FLAG. That seems like a very fragile assumption.
> And if you want to rely on this assumption, why bother subtracting
> UBLKSRV_IO_BUF_OFFSET in ublk_pos_to_hwq() either? The compiler should
> easily be able to deduplicate the iocb->ki_pos - UBLKSRV_IO_BUF_OFFSET
> computations, so I can't imagine it matters for performance.
UBLKSRV_IO_INTEGRITY_FLAG should be defined as one flag starting from top
bit(bit 62), then you will see it is just fine to check it directly.
But it isn't a big deal to subtract UBLKSRV_IO_BUF_OFFSET or not here, I
will leave it to you.
>
> >
> > > static void ublk_dev_param_basic_apply(struct ublk_device *ub)
> > > {
> > > const struct ublk_param_basic *p = &ub->params.basic;
> > >
> > > if (p->attrs & UBLK_ATTR_READ_ONLY)
> > > @@ -1047,10 +1052,37 @@ static size_t ublk_copy_user_pages(const struct
> > > request *req,
> > > break;
> > > }
> > > return done;
> > > }
> > >
> > > +#ifdef CONFIG_BLK_DEV_INTEGRITY
> > > +static size_t ublk_copy_user_integrity(const struct request *req,
> > > + unsigned offset, struct iov_iter *uiter, int dir)
> > > +{
> > > + size_t done = 0;
> > > + struct bio *bio = req->bio;
> > > + struct bvec_iter iter;
> > > + struct bio_vec iv;
> > > +
> > > + if (!blk_integrity_rq(req))
> > > + return 0;
> > > +
> > > + bio_for_each_integrity_vec(iv, bio, iter) {
> > > + if (!ublk_copy_user_bvec(&iv, &offset, uiter, dir, &done))
> > > + break;
> > > + }
> > > +
> > > + return done;
> > > +}
> > > +#else /* #ifdef CONFIG_BLK_DEV_INTEGRITY */
> > > +static size_t ublk_copy_user_integrity(const struct request *req,
> > > + unsigned offset, struct iov_iter *uiter, int dir)
> > > +{
> > > + return 0;
> > > +}
> > > +#endif /* #ifdef CONFIG_BLK_DEV_INTEGRITY */
> > > +
> > > static inline bool ublk_need_map_req(const struct request *req)
> > > {
> > > return ublk_rq_has_data(req) && req_op(req) == REQ_OP_WRITE;
> > > }
> > >
> > > @@ -2654,10 +2686,12 @@ ublk_user_copy(struct kiocb *iocb, struct
> > > iov_iter *iter, int dir)
> > > {
> > > struct ublk_device *ub = iocb->ki_filp->private_data;
> > > struct ublk_queue *ubq;
> > > struct request *req;
> > > struct ublk_io *io;
> > > + unsigned data_len;
> > > + bool is_integrity;
> > > size_t buf_off;
> > > u16 tag, q_id;
> > > ssize_t ret;
> > >
> > > if (!user_backed_iter(iter))
> > > @@ -2667,10 +2701,11 @@ ublk_user_copy(struct kiocb *iocb, struct
> > > iov_iter *iter, int dir)
> > > return -EACCES;
> > >
> > > tag = ublk_pos_to_tag(iocb->ki_pos);
> > > q_id = ublk_pos_to_hwq(iocb->ki_pos);
> > > buf_off = ublk_pos_to_buf_off(iocb->ki_pos);
> > > + is_integrity = ublk_pos_is_integrity(iocb->ki_pos);
> >
> > UBLKSRV_IO_INTEGRITY_FLAG can be set for device without UBLK_F_INTEGRITY,
> > so UBLK_F_INTEGRITY need to be checked in case of `is_integrity`.
>
> If UBLK_F_INTEGRITY isn't set, then UBLK_PARAM_TYPE_INTEGRITY isn't
> allowed, so the ublk device won't support integrity data. Therefore,
> blk_integrity_rq() will return false and ublk_copy_user_integrity()
> will just return 0. Do you think it's important to return some error
> code value instead? I would rather avoid the additional checks in the
> hot path.
The check could be zero cost, but better to fail the wrong usage than
returning 0 silently, which may often imply big issue.
Thanks,
Ming
