diff options
| author | Ming Lei <ming.lei@redhat.com> | 2024-05-10 11:50:27 +0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-06-16 13:32:30 +0200 |
| commit | b6920325aca03138ef9ba759ce0d4e6fbb5c9763 (patch) | |
| tree | 63a4f4142d54135e540a5c4126621634bbfa07d6 /io_uring | |
| parent | 54e8f88d2baa104dee179ebd3c3325b93383e7d2 (diff) | |
| download | linux-stable-b6920325aca03138ef9ba759ce0d4e6fbb5c9763.tar.gz linux-stable-b6920325aca03138ef9ba759ce0d4e6fbb5c9763.tar.bz2 linux-stable-b6920325aca03138ef9ba759ce0d4e6fbb5c9763.zip | |
io_uring: fail NOP if non-zero op flags is passed in
commit 3d8f874bd620ce03f75a5512847586828ab86544 upstream.
The NOP op flags should have been checked from beginning like any other
opcode, otherwise NOP may not be extended with the op flags.
Given both liburing and Rust io-uring crate always zeros SQE op flags, just
ignore users which play raw NOP uring interface without zeroing SQE, because
NOP is just for test purpose. Then we can save one NOP2 opcode.
Suggested-by: Jens Axboe <axboe@kernel.dk>
Fixes: 2b188cc1bb85 ("Add io_uring IO interface")
Cc: stable@vger.kernel.org
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Link: https://lore.kernel.org/r/20240510035031.78874-2-ming.lei@redhat.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'io_uring')
| -rw-r--r-- | io_uring/io_uring.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c index 93f9ecedc59f..47bc8fe2b945 100644 --- a/io_uring/io_uring.c +++ b/io_uring/io_uring.c @@ -6474,6 +6474,8 @@ static int io_req_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) { switch (req->opcode) { case IORING_OP_NOP: + if (READ_ONCE(sqe->rw_flags)) + return -EINVAL; return 0; case IORING_OP_READV: case IORING_OP_READ_FIXED: |