eventfd: writes must be exactly 8 bytes

ayushr2 · gvisor-bot · commit a2af0eaa5412 · 2025-10-27T15:08:55.000-07:00
Linux 6.9+ enforces that writes to eventfd must be exactly 8 bytes. Previously,
Linux allowed writes larger than 8 bytes, ignoring the extra input. See commit
d31563b5f9bb "eventfd: strictly check the count parameter of eventfd_write to
avoid inputting illegal strings"

PiperOrigin-RevId: 824690963
diff --git a/pkg/sentry/fsimpl/eventfd/eventfd.go b/pkg/sentry/fsimpl/eventfd/eventfd.go
@@ -164,7 +164,7 @@ func (efd *EventFileDescription) Read(ctx context.Context, dst usermem.IOSequenc
 
 // Write implements vfs.FileDescriptionImpl.Write.
 func (efd *EventFileDescription) Write(ctx context.Context, src usermem.IOSequence, _ vfs.WriteOptions) (int64, error) {
-	if src.NumBytes() < 8 {
+	if src.NumBytes() != 8 {
 		return 0, unix.EINVAL
 	}
 	if err := efd.write(ctx, src); err != nil {
diff --git a/test/syscalls/linux/eventfd.cc b/test/syscalls/linux/eventfd.cc
@@ -120,13 +120,19 @@ TEST(EventfdTest, IllegalPwrite) {
   EXPECT_THAT(pwrite(efd.get(), "x", 1, 0), SyscallFailsWithErrno(ESPIPE));
 }
 
-TEST(EventfdTest, BigWrite) {
+TEST(EventfdTest, BigWriteFails) {
+  // Starting Linux 6.9, big writes fail. gVisor has the newer behavior.
+  if (!IsRunningOnGvisor()) {
+    auto version = ASSERT_NO_ERRNO_AND_VALUE(GetKernelVersion());
+    SKIP_IF(version.major < 6 || (version.major == 6 && version.minor < 9));
+  }
   FileDescriptor efd =
       ASSERT_NO_ERRNO_AND_VALUE(NewEventFD(0, EFD_NONBLOCK | EFD_SEMAPHORE));
 
   uint64_t big[16];
   big[0] = 16;
-  ASSERT_THAT(write(efd.get(), big, sizeof(big)), SyscallSucceeds());
+  ASSERT_THAT(write(efd.get(), big, sizeof(big)),
+              SyscallFailsWithErrno(EINVAL));
 }
 
 TEST(EventfdTest, BigRead) {
@@ -136,22 +142,12 @@ TEST(EventfdTest, BigRead) {
   uint64_t l = 1;
   ASSERT_THAT(write(efd.get(), &l, sizeof(l)), SyscallSucceeds());
 
+  // As of writing, big reads are allowed on Linux while big writes are not.
   uint64_t big[16];
   ASSERT_THAT(read(efd.get(), big, sizeof(big)), SyscallSucceeds());
   EXPECT_EQ(big[0], 1);
 }
 
-TEST(EventfdTest, BigWriteBigRead) {
-  FileDescriptor efd =
-      ASSERT_NO_ERRNO_AND_VALUE(NewEventFD(0, EFD_NONBLOCK | EFD_SEMAPHORE));
-
-  uint64_t l[16];
-  l[0] = 16;
-  ASSERT_THAT(write(efd.get(), l, sizeof(l)), SyscallSucceeds());
-  ASSERT_THAT(read(efd.get(), l, sizeof(l)), SyscallSucceeds());
-  EXPECT_EQ(l[0], 1);
-}
-
 TEST(EventfdTest, NotifyNonZero) {
   // Waits will time out at 10 seconds.
   constexpr int kEpollTimeoutMs = 10000;

Original file line number	Diff line number	Diff line change
`@@ -164,7 +164,7 @@ func (efd *EventFileDescription) Read(ctx context.Context, dst usermem.IOSequenc`
`164`	`164`
`165`	`165`	`// Write implements vfs.FileDescriptionImpl.Write.`
`166`	`166`	`func (efd *EventFileDescription) Write(ctx context.Context, src usermem.IOSequence, _ vfs.WriteOptions) (int64, error) {`
`167`		`- if src.NumBytes() < 8 {`
	`167`	`+ if src.NumBytes() != 8 {`
`168`	`168`	`return 0, unix.EINVAL`
`169`	`169`	`}`
`170`	`170`	`if err := efd.write(ctx, src); err != nil {`