From: Henry Huang <henry.hj@antgroup.com>
Date: Sun, 22 Dec 2024 15:43:16 +0000 (+0800)
Subject: sched_ext: initialize kit->cursor.flags
X-Git-Tag: v6.13-rc6~5^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=35bf430e08a18fdab6eb94492a06d9ad14c6179b;p=thirdparty%2Flinux.git

sched_ext: initialize kit->cursor.flags

struct bpf_iter_scx_dsq *it maybe not initialized.
If we didn't call scx_bpf_dsq_move_set_vtime and scx_bpf_dsq_move_set_slice
before scx_bpf_dsq_move, it would cause unexpected behaviors:
1. Assign a huge slice into p->scx.slice
2. Assign a invalid vtime into p->scx.dsq_vtime

Signed-off-by: Henry Huang <henry.hj@antgroup.com>
Fixes: 6462dd53a260 ("sched_ext: Compact struct bpf_iter_scx_dsq_kern")
Cc: stable@vger.kernel.org # v6.12
Signed-off-by: Tejun Heo <tj@kernel.org>
---

diff --git a/kernel/sched/ext.c b/kernel/sched/ext.c
index 98519e6d0dcd0..19d2699cf6383 100644
--- a/kernel/sched/ext.c
+++ b/kernel/sched/ext.c
@@ -7013,7 +7013,7 @@ __bpf_kfunc int bpf_iter_scx_dsq_new(struct bpf_iter_scx_dsq *it, u64 dsq_id,
 		return -ENOENT;
 
 	INIT_LIST_HEAD(&kit->cursor.node);
-	kit->cursor.flags |= SCX_DSQ_LNODE_ITER_CURSOR | flags;
+	kit->cursor.flags = SCX_DSQ_LNODE_ITER_CURSOR | flags;
 	kit->cursor.priv = READ_ONCE(kit->dsq->seq);
 
 	return 0;