io_uring/eventfd: use ctx->rings_rcu for flags checking

Commit 177c69432161f6e4bab07ccacf8a1748a6898a6b upstream.

Similarly to what commit e78f7b70e837 did for local task work additions,
use ->rings_rcu under RCU rather than dereference ->rings directly. See
that commit for more details.

Cc: stable@vger.kernel.org
Fixes: 79cfe9e59c2a ("io_uring/register: add IORING_REGISTER_RESIZE_RINGS")
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/io_uring/eventfd.c b/io_uring/eventfd.c
index 78f8ab7db104f018a3442db35d64dcb6cdfde3ef..ab789e1ebe91e80de5c24b433a30a96f19237e2a 100644 (file)
--- a/io_uring/eventfd.c
+++ b/io_uring/eventfd.c
@@ -76,11 +76,15 @@ void io_eventfd_signal(struct io_ring_ctx *ctx, bool cqe_event)
 {
        bool skip = false;
        struct io_ev_fd *ev_fd;
-
-       if (READ_ONCE(ctx->rings->cq_flags) & IORING_CQ_EVENTFD_DISABLED)
-               return;
+       struct io_rings *rings;
 
        guard(rcu)();
+
+       rings = rcu_dereference(ctx->rings_rcu);
+       if (!rings)
+               return;
+       if (READ_ONCE(rings->cq_flags) & IORING_CQ_EVENTFD_DISABLED)
+               return;
        ev_fd = rcu_dereference(ctx->io_ev_fd);
        /*
         * Check again if ev_fd exists in case an io_eventfd_unregister call