From 58b08fa7c7fb51b04957aad838ff17dc7c8cec2e Mon Sep 17 00:00:00 2001
From: jprx
Date: Thu, 28 Apr 2022 12:10:08 -0400
Subject: [PATCH] Add second version after incorporating feedback

---
 ...x-uninitialized-field-in-rw-io_kiocb.patch | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 io_uring_uninit_memory/0001-io_uring-fix-uninitialized-field-in-rw-io_kiocb.patch

diff --git a/io_uring_uninit_memory/0001-io_uring-fix-uninitialized-field-in-rw-io_kiocb.patch b/io_uring_uninit_memory/0001-io_uring-fix-uninitialized-field-in-rw-io_kiocb.patch
new file mode 100644
index 0000000..c70b6c7
--- /dev/null
+++ b/io_uring_uninit_memory/0001-io_uring-fix-uninitialized-field-in-rw-io_kiocb.patch
@@ -0,0 +1,29 @@
+From e3b2387b7aadfeb2e21eb159b8c44110f7a61768 Mon Sep 17 00:00:00 2001
+From: Joseph Ravichandran
+Date: Thu, 28 Apr 2022 11:05:04 -0400
+Subject: [PATCH] io_uring: fix uninitialized field in rw io_kiocb
+
+io_rw_init_file does not initialize kiocb->private, so when iocb_bio_iopoll
+reads kiocb->private it can contain uninitialized data.
+
+Fixes: 3e08773c3841 ("block: switch polling to be bio based")
+Signed-off-by: Joseph Ravichandran
+---
+ fs/io_uring.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/fs/io_uring.c b/fs/io_uring.c
+index 7625b29153b9..a16f2d758379 100644
+--- a/fs/io_uring.c
++++ b/fs/io_uring.c
+@@ -3783,6 +3783,7 @@ static int io_rw_init_file(struct io_kiocb *req, fmode_t mode)
+ if (!(kiocb->ki_flags & IOCB_DIRECT) || !file->f_op->iopoll)
+ return -EOPNOTSUPP;
+ 
++ kiocb->private = NULL;
+ kiocb->ki_flags |= IOCB_HIPRI | IOCB_ALLOC_CACHE;
+ kiocb->ki_complete = io_complete_rw_iopoll;
+ req->iopoll_completed = 0;
+-- 
+2.25.1
+
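Review bot: The added `kiocb->private = NULL;` sits after the `return -EOPNOTSUPP;` guard, so it only runs on the polled path; if `kiocb->private` is read anywhere on the non-polled branch of io_rw_init_file (which begins before this hunk and is not visible here), that branch would still see whatever the field held before, so confirm `iocb_bio_iopoll` is the sole reader before relying on this placement. The commit message also understates the impact: "can contain uninitialized data" hides that the reader presumably treats the field as a kernel pointer (the name `iocb_bio_iopoll` suggests a `struct bio *`), so a stale value from a recycled request is a dangling-pointer dereference rather than a harmless uninitialized read — a sentence to that effect would help triage. Since the blamed commit 3e08773c3841 has already shipped, a `Cc: stable@vger.kernel.org` trailer next to the `Fixes:` line is warranted. Minor: the inner patch's indentation in this copy is spaces rather than the kernel's tabs, so check the file applies cleanly with `git am` before submitting.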