stuartl/linux-stable
1
0
Fork 0
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux-stable.git synced 2025-10-16 00:03:34 +10:00
Code Issues Releases Wiki Activity
a5b7c237ea
linux-stable/io_uring
History
Jens Axboe 6b358b3adf io_uring/sqpoll: don't put task_struct on tctx setup failure 
[ Upstream commit f2320f1dd6 ]

A recent commit moved the error handling of sqpoll thread and tctx
failures into the thread itself, as part of fixing an issue. However, it
missed that tctx allocation may also fail, and that
io_sq_offload_create() does its own error handling for the task_struct
in that case.

Remove the manual task putting in io_sq_offload_create(), as
io_sq_thread() will notice that the tctx did not get setup and hence it
should put itself and exit.

Reported-by: syzbot+763e12bbf004fb1062e4@syzkaller.appspotmail.com
Fixes: ac0b8b327a ("io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo()")
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-06-27 11:11:42 +01:00
..
advise.c
advise.h
alloc_cache.h
cancel.c
cancel.h
epoll.c
epoll.h
eventfd.c io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period 2025-01-17 13:40:58 +01:00
eventfd.h
fdinfo.c io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo() 2025-06-19 15:32:33 +02:00
fdinfo.h
filetable.c
filetable.h
fs.c
fs.h
futex.c futex: Pass in task to futex_queue() 2025-03-22 12:54:14 -07:00
futex.h
io_uring.c io_uring: account drain memory to cgroup 2025-06-27 11:11:13 +01:00
io_uring.h
io-wq.c io_uring: fix task leak issue in io_wq_create() 2025-06-27 11:11:36 +01:00
io-wq.h
kbuf.c io_uring/kbuf: don't truncate end buffer for multiple buffer peeks 2025-06-27 11:11:36 +01:00
kbuf.h
Makefile
memmap.c
memmap.h
msg_ring.c io_uring/msg: initialise msg request opcode 2025-05-29 11:02:03 +02:00
msg_ring.h
napi.c
napi.h
net.c io_uring/net: fix io_req_post_cqe abuse by send bundle 2025-04-20 10:15:40 +02:00
net.h
nop.c
nop.h
notif.c
notif.h
opdef.c
opdef.h
openclose.c
openclose.h
poll.c io_uring/net: don't retry connect operation on EPOLLERR 2025-02-17 10:05:38 +01:00
poll.h
refs.h io_uring: always do atomic put from iowq 2025-05-02 07:59:21 +02:00
register.c io_uring: consistently use rcu semantics with sqpoll thread 2025-06-19 15:32:33 +02:00
register.h
rsrc.c io_uring/rsrc: require cloned buffers to share accounting contexts 2025-02-01 18:39:40 +01:00
rsrc.h
rw.c block: add a rq_list type 2025-04-25 10:48:06 +02:00
rw.h
slist.h
splice.c
splice.h
sqpoll.c io_uring/sqpoll: don't put task_struct on tctx setup failure 2025-06-27 11:11:42 +01:00
sqpoll.h io_uring: consistently use rcu semantics with sqpoll thread 2025-06-19 15:32:33 +02:00
statx.c
statx.h
sync.c
sync.h
tctx.c
tctx.h
timeout.c io_uring/timeout: fix multishot updates 2025-01-17 13:40:51 +01:00
timeout.h
truncate.c
truncate.h
uring_cmd.c io_uring/uring_cmd: remove dead req_has_async_data() check 2025-02-21 14:01:20 +01:00
uring_cmd.h
waitid.c io_uring/waitid: don't abuse io_tw_state 2025-02-21 14:01:20 +01:00
waitid.h
xattr.c
xattr.h