android/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

UPSTREAM: io_uring: hold uring mutex around poll removal

Browse Source 
Snipped from commit 9ca9fb24d5febccea354089c41f96a8ad0d853f8 upstream.

While reworking the poll hashing in the v6.0 kernel, we ended up
grabbing the ctx->uring_lock in poll update/removal. This also fixed
a bug with linked timeouts racing with timeout expiry and poll
removal.

Bring back just the locking fix for that.

Bug: 289229683
Reported-and-tested-by: Querijn Voet <querijnqyn@gmail.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 0e388fce7aec40992eadee654193cad345d62663)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: Ife3683f26b19af1887ae1c59d3bd8b4e1700c79a
This commit is contained in:
Jens Axboe 2023-06-16 21:12:06 -06:00 committed by Treehugger Robot
parent 6a975c2771
commit be9bc79296
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
io_uring/io_uring.c
View File

@ -5976,6 +5976,8 @@ static int io_poll_update(struct io_kiocb *req, unsigned int issue_flags)
struct io_kiocb *preq;
int ret2, ret = 0;
io_ring_submit_lock(ctx, !(issue_flags & IO_URING_F_NONBLOCK));
spin_lock(&ctx->completion_lock);
preq = io_poll_find(ctx, req->poll_update.old_user_data, true);
if (!preq || !io_poll_disarm(preq)) {
@ -6007,6 +6009,7 @@ static int io_poll_update(struct io_kiocb *req, unsigned int issue_flags)
req_set_fail(req);
/* complete update request, we're done with it */
io_req_complete(req, ret);
io_ring_submit_unlock(ctx, !(issue_flags & IO_URING_F_NONBLOCK));
return 0;
}