From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.6 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 48624C433DF for ; Tue, 2 Jun 2020 12:35:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 24C9B20678 for ; Tue, 2 Jun 2020 12:35:36 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="hyOwp+Ai" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726664AbgFBMff (ORCPT ); Tue, 2 Jun 2020 08:35:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41462 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725940AbgFBMfc (ORCPT ); Tue, 2 Jun 2020 08:35:32 -0400 Received: from mail-wm1-x343.google.com (mail-wm1-x343.google.com [IPv6:2a00:1450:4864:20::343]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 17A44C08C5C0; Tue, 2 Jun 2020 05:35:31 -0700 (PDT) Received: by mail-wm1-x343.google.com with SMTP id q25so2970160wmj.0; Tue, 02 Jun 2020 05:35:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=llzfaOtjtxotM2PdMXaLFeIV9ii4UvCM9qWQuLi/X6s=; b=hyOwp+Ai4LWZB8TCt2mfFwhM3dCVhBttcuAAAHwioJs5bvRFwpznVtz5QXgu1zxMwR hxCjcjuWtvJ0KGMtpr3+egt4vcjC0pwCdU9zMs3g45gHNsy1HAW7BJIOfd2lzAPS/PqO +Du2vS1ywWIi5KR3XSd8wsXbzjg9f7GXixRdWYW39e96rLC7B0WsGtd+fC/CeGef+mHz XgohHBpZwPh37UydsH40Zn1iFJ/vo+BI2ZYk5lSqEwi094cUCgB665l+/Z8bZq9uyqnB pbpvwLlHCtZsPMzjcT4MKn/fqoXVLPshgyH6IJIvudpqxGhV6gwuRYfYt+3SRihSaqqj 9pBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=llzfaOtjtxotM2PdMXaLFeIV9ii4UvCM9qWQuLi/X6s=; b=KZBVwhUj+vylOHz4FvkBYt6FV2kzHEx5jPqV2Lop8teKAulHtb1L/eaFAt+ugWCxtG ChFoQTuiuijNtypnuYONF0QSR/10uSPVys9iU7ElF7zYG+OvE1HY185ivX5HlCecFE1x CXlXPpKUaJBUcsGX3uOWEKNMIjbJAIQEWM/hFrDgcKXlWnmXEHpU2illty500y4Zsi5O pmkDMWuUk1URrSu5SYNoDFyVKIa+UJLU65s6oLDfgAh095nVx6jvGT5ghIOc3qeK4LA3 vlHcgEMc0JOqWUpdIDDq3S5da3bMnh2isi93fnBdkZGWMfcVYCaRf572AoSzJgkx3tM0 IrXA== X-Gm-Message-State: AOAM531tv1ITcEwQamn4GUyThgfhwCThg8g7XT0qby4zh4xG1nXa8ZMR q9RWPxsEf0iI+OG/sdv3O/o= X-Google-Smtp-Source: ABdhPJwN88dWWlhtGhu2sYUQ95AcNC6E4LYG7kI2bZYSZ8Qs8hglQIe3nSCEtHwWIRQnK/OARuCExg== X-Received: by 2002:a7b:c642:: with SMTP id q2mr3890931wmk.93.1591101329802; Tue, 02 Jun 2020 05:35:29 -0700 (PDT) Received: from localhost.localdomain ([5.100.193.151]) by smtp.gmail.com with ESMTPSA id z22sm3347711wmf.9.2020.06.02.05.35.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 05:35:29 -0700 (PDT) From: Pavel Begunkov To: Jens Axboe , io-uring@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 1/4] io_uring: fix open/close/statx with {SQ,IO}POLL Date: Tue, 2 Jun 2020 15:34:01 +0300 Message-Id: X-Mailer: git-send-email 2.24.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: io-uring-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: io-uring@vger.kernel.org Trying to use them with IORING_SETUP_IOPOLL: RIP: 0010:io_iopoll_getevents+0x111/0x5a0 Call Trace: ? _raw_spin_unlock_irqrestore+0x24/0x40 ? do_send_sig_info+0x64/0x90 io_iopoll_reap_events.part.0+0x5e/0xa0 io_ring_ctx_wait_and_kill+0x132/0x1c0 io_uring_release+0x20/0x30 __fput+0xcd/0x230 ____fput+0xe/0x10 task_work_run+0x67/0xa0 do_exit+0x353/0xb10 ? handle_mm_fault+0xd4/0x200 ? syscall_trace_enter+0x18c/0x2c0 do_group_exit+0x43/0xa0 __x64_sys_exit_group+0x18/0x20 do_syscall_64+0x60/0x1e0 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Also SQPOLL thread can't know which file table to use with open/close. Disallow all these cases. Signed-off-by: Pavel Begunkov --- fs/io_uring.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/fs/io_uring.c b/fs/io_uring.c index 732ec73ec3c0..7208f91e9e77 100644 --- a/fs/io_uring.c +++ b/fs/io_uring.c @@ -2990,6 +2990,8 @@ static int io_openat_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) const char __user *fname; int ret; + if (unlikely(req->ctx->flags & (IORING_SETUP_IOPOLL|IORING_SETUP_SQPOLL))) + return -EINVAL; if (sqe->ioprio || sqe->buf_index) return -EINVAL; if (req->flags & REQ_F_FIXED_FILE) @@ -3023,6 +3025,8 @@ static int io_openat2_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) size_t len; int ret; + if (unlikely(req->ctx->flags & (IORING_SETUP_IOPOLL|IORING_SETUP_SQPOLL))) + return -EINVAL; if (sqe->ioprio || sqe->buf_index) return -EINVAL; if (req->flags & REQ_F_FIXED_FILE) @@ -3373,6 +3377,8 @@ static int io_fadvise(struct io_kiocb *req, bool force_nonblock) static int io_statx_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) { + if (unlikely(req->ctx->flags & IORING_SETUP_IOPOLL)) + return -EINVAL; if (sqe->ioprio || sqe->buf_index) return -EINVAL; if (req->flags & REQ_F_FIXED_FILE) @@ -3417,6 +3423,8 @@ static int io_close_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) */ req->work.flags |= IO_WQ_WORK_NO_CANCEL; + if (unlikely(req->ctx->flags & (IORING_SETUP_IOPOLL|IORING_SETUP_SQPOLL))) + return -EINVAL; if (sqe->ioprio || sqe->off || sqe->addr || sqe->len || sqe->rw_flags || sqe->buf_index) return -EINVAL; -- 2.24.0