diff options
| author | Luis Henriques <luis@igalia.com> | 2025-03-06 11:12:18 +0000 |
|---|---|---|
| committer | Christian Brauner <brauner@kernel.org> | 2025-03-19 14:00:11 +0100 |
| commit | d55011469b41d9da6c06cb1c4a4da7a87fe155bc (patch) | |
| tree | 36778d40dccf1051aa1b88f4a0683b537ddd659c /net/lapb/lapb_timer.c | |
| parent | 613218fc74b32095152275fc11d5ab8e3f05d5e8 (diff) | |
| download | linux-d55011469b41d9da6c06cb1c4a4da7a87fe155bc.tar.gz linux-d55011469b41d9da6c06cb1c4a4da7a87fe155bc.tar.bz2 linux-d55011469b41d9da6c06cb1c4a4da7a87fe155bc.zip | |
fuse: fix possible deadlock if rings are never initialized
When mounting a user-space filesystem using io_uring, the initialization
of the rings is done separately in the server side. If for some reason
(e.g. a server bug) this step is not performed it will be impossible to
unmount the filesystem if there are already requests waiting.
This issue is easily reproduced with the libfuse passthrough_ll example,
if the queue depth is set to '0' and a request is queued before trying to
unmount the filesystem. When trying to force the unmount, fuse_abort_conn()
will try to wake up all tasks waiting in fc->blocked_waitq, but because the
rings were never initialized, fuse_uring_ready() will never return 'true'.
Fixes: 3393ff964e0f ("fuse: block request allocation until io-uring init is complete")
Signed-off-by: Luis Henriques <luis@igalia.com>
Link: https://lore.kernel.org/r/20250306111218.13734-1-luis@igalia.com
Acked-by: Miklos Szeredi <mszeredi@redhat.com>
Reviewed-by: Bernd Schubert <bschubert@ddn.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
Diffstat (limited to 'net/lapb/lapb_timer.c')
0 files changed, 0 insertions, 0 deletions