userfaultfd: require UFFDIO_API before other ioctls

Orabug: 21685254

UFFDIO_API was already forced before read/poll could work.  This makes the
code more strict to force it also for all other ioctls.

All users would already have been required to call UFFDIO_API before
invoking other ioctls but this makes it more explicit.

This will ensure we can change all ioctls (all but UFFDIO_API/struct
uffdio_api) with a bump of uffdio_api.api.

There's no actual plan or need to change the API or the ioctl, the current
API already should cover fine even the non cooperative usage, but this is
just for the longer term future just in case.

Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Cc: Pavel Emelyanov <xemul@parallels.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit e6485a47b758cae04a496764a1095961ee3249e4)
Signed-off-by: Mike Kravetz <mike.kravetz@oracle.com>
Reviewed-by: Dhaval Giani <dhaval.giani@oracle.com>
Signed-off-by: Dhaval Giani <dhaval.giani@oracle.com>

diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c
index c020f96f06d6c26c74e289261b7cbde0e64f9997..45847215c7c2914bb89692a88607df600471d549 100644 (file)
--- a/fs/userfaultfd.c
+++ b/fs/userfaultfd.c
@@ -577,7 +577,6 @@ static ssize_t userfaultfd_read(struct file *file, char __user *buf,
 
        if (ctx->state == UFFD_STATE_WAIT_API)
                return -EINVAL;
-       BUG_ON(ctx->state != UFFD_STATE_RUNNING);
 
        for (;;) {
                if (count < sizeof(msg))
@@ -1115,6 +1114,9 @@ static long userfaultfd_ioctl(struct file *file, unsigned cmd,
        int ret = -EINVAL;
        struct userfaultfd_ctx *ctx = file->private_data;
 
+       if (cmd != UFFDIO_API && ctx->state == UFFD_STATE_WAIT_API)
+               return -EINVAL;
+
        switch(cmd) {
        case UFFDIO_API:
                ret = userfaultfd_api(ctx, arg);