* [PATCH] io_uring: don't check unrelated req->open.how in accept request
@ 2022-03-14 23:29 Jens Axboe
0 siblings, 0 replies; only message in thread
From: Jens Axboe @ 2022-03-14 23:29 UTC (permalink / raw)
To: io-uring; +Cc: Pavel Begunkov
Looks like a victim of too much copy/paste, we should not be looking
at req->open.how in accept. The point is to check CLOEXEC and error
out, which we don't invalid direct descriptors on exec. Hence any
attempt to get a direct descriptor with CLOEXEC is invalid.
No harm is done here, outside of potentially causing a spurious -EINVAL
for direct accept requests.
Fixes: aaa4db12ef7b ("io_uring: accept directly into fixed file table")
Signed-off-by: Jens Axboe <[email protected]>
---
diff --git a/fs/io_uring.c b/fs/io_uring.c
index 4715980e9015..fbbd8ae44f88 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -5258,8 +5258,7 @@ static int io_accept_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe)
accept->nofile = rlimit(RLIMIT_NOFILE);
accept->file_slot = READ_ONCE(sqe->file_index);
- if (accept->file_slot && ((req->open.how.flags & O_CLOEXEC) ||
- (accept->flags & SOCK_CLOEXEC)))
+ if (accept->file_slot && (accept->flags & SOCK_CLOEXEC))
return -EINVAL;
if (accept->flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK))
return -EINVAL;
--
Jens Axboe
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2022-03-14 23:29 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-03-14 23:29 [PATCH] io_uring: don't check unrelated req->open.how in accept request Jens Axboe
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox