From 4329490a78b66ae44a9c93e433da375284162e3d Mon Sep 17 00:00:00 2001
From: Al Viro <viro@zeniv.linux.org.uk>
Date: Wed, 11 May 2022 20:30:20 -0400
Subject: [PATCH] io_uring_enter(): don't leave f.flags uninitialized
Git-commit: 4329490a78b66ae44a9c93e433da375284162e3d
Patch-mainline: v5.19-rc1
References: bsc#1205205
simplifies logics on cleanup, as well...
Reviewed-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Gabriel Krisman Bertazi <krisman@suse.de>
---
fs/io_uring.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -11204,14 +11204,14 @@ SYSCALL_DEFINE6(io_uring_enter, unsigned
return -EINVAL;
fd = array_index_nospec(fd, IO_RINGFD_REG_MAX);
f.file = tctx->registered_rings[fd];
- if (unlikely(!f.file))
- return -EBADF;
+ f.flags = 0;
} else {
f = fdget(fd);
- if (unlikely(!f.file))
- return -EBADF;
}
+ if (unlikely(!f.file))
+ return -EBADF;
+
ret = -EOPNOTSUPP;
if (unlikely(f.file->f_op != &io_uring_fops))
goto out_fput;
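Review bot: The `f.flags = 0;` added in the registered-ring branch carries an invariant that is not written down anywhere in the new code. The file read from `tctx->registered_rings[fd]` appears to be borrowed without taking a new reference, and the now-unconditional `fdput(f)` at `out_fput` (second hunk) is safe only because `fdput()` drops a reference solely when `FDPUT_FPUT` is set in `f.flags`. I would add a comment above the assignment, for example `/* borrowed from registered_rings, no ref taken: flags must stay clear so fdput() at out_fput is a no-op */`. Without it, a later edit to either site could reintroduce a put on a file the task still has registered, which would unbalance the file's reference count. The syscall body starts and ends outside this hunk, so any other exits that reach `out_fput` should be checked against the same assumption.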
@@ -11309,8 +11309,7 @@ iopoll_locked:
out:
percpu_ref_put(&ctx->refs);
out_fput:
- if (!(flags & IORING_ENTER_REGISTERED_RING))
- fdput(f);
+ fdput(f);
return ret;
}