android/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5fdea4468f
android_kernel_xiaomi_sm8450/io_uring
History
Jens Axboe 5fdea4468f io_uring/net: save msghdr->msg_control for retries 
Commit cac9e4418f4cbd548ccb065b3adcafe073f7f7d2 upstream.

If the application sets ->msg_control and we have to later retry this
command, or if it got queued with IOSQE_ASYNC to begin with, then we
need to retain the original msg_control value. This is due to the net
stack overwriting this field with an in-kernel pointer, to copy it
in. Hitting that path for the second time will now fail the copy from
user, as it's attempting to copy from a non-user address.

Cc: stable@vger.kernel.org # 5.10+
Link: https://github.com/axboe/liburing/issues/880
Reported-and-tested-by: Marek Majkowski <marek@cloudflare.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-06-28 10:28:09 +02:00
..
io_uring.c io_uring/net: save msghdr->msg_control for retries 2023-06-28 10:28:09 +02:00
io-wq.c io_uring: don't gate task_work run on TIF_NOTIFY_SIGNAL 2023-01-24 07:19:56 +01:00
io-wq.h
Makefile