> --- a/drivers/tty/tty_io.c > +++ b/drivers/tty/tty_io.c > @@ -961,6 +961,9 @@ static inline ssize_t do_tty_write( > ret = write(tty, file, tty->write_buf, size); > if (ret <= 0) > break; > + /* ttyprintk historical oddity */ > + if (ret > size) > + break; > > /* FIXME! Have Al check this! */ > if (ret != size) > > in there. Because right now we clearly do strange and not-so-wonderful > things if the write routine returns a bigger value than it was > passed.. Not limited to that iov_iter_revert() thing, but the whole > loop. > > Comments?
Just want to comment that this fix is correct (tested), rather than what I did [1] to return abruptly in the beginning of do_tty_write() for write(fd, NULL, 0) case. Let me know if I can prepare a patch with Linus's fix above. [1] https://lore.kernel.org/lkml/20210217155536.2986178-1-snovit...@gmail.com --- a/drivers/tty/tty_io.c +++ b/drivers/tty/tty_io.c @@ -905,6 +905,9 @@ static inline ssize_t do_tty_write( ssize_t ret, written = 0; unsigned int chunk; + if (!count) + return -EFAULT; + ret = tty_write_lock(tty, file->f_flags & O_NDELAY); if (ret < 0) return ret;
