git.ipfire.org Git - thirdparty/linux.git/commit

author	Keith Busch <kbusch@kernel.org>
	Wed, 11 Jun 2025 20:53:43 +0000 (13:53 -0700)
committer	Jens Axboe <axboe@kernel.dk>
	Thu, 12 Jun 2025 14:17:09 +0000 (08:17 -0600)
commit	c538f400fae22725580842deb2bef546701b64bd
tree	99abc87d444307a7060fd281078a45746cd1f3d3	tree
parent	ac0b8b327a5677dc6fecdf353d808161525b1ff0	commit \| diff

io_uring: consistently use rcu semantics with sqpoll thread

The sqpoll thread is dereferenced with rcu read protection in one place,
so it needs to be annotated as an __rcu type, and should consistently
use rcu helpers for access and assignment to make sparse happy.

Since most of the accesses occur under the sqd->lock, we can use
rcu_dereference_protected() without declaring an rcu read section.
Provide a simple helper to get the thread from a locked context.

Fixes: ac0b8b327a5677d ("io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo()")
Signed-off-by: Keith Busch <kbusch@kernel.org>
Link: https://lore.kernel.org/r/20250611205343.1821117-1-kbusch@meta.com
[axboe: fold in fix for register.c]
Signed-off-by: Jens Axboe <axboe@kernel.dk>

io_uring/io_uring.c		diff \| blob \| blame \| history
io_uring/register.c		diff \| blob \| blame \| history
io_uring/sqpoll.c		diff \| blob \| blame \| history
io_uring/sqpoll.h		diff \| blob \| blame \| history