This is a note to let you know that I've just added the patch titled
io_uring: hold uring mutex around poll removal
to the 5.15-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
io_uring-hold-uring-mutex-around-poll-removal.patch
and it can be found in the queue-5.15 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 3f1f052a5f8e2f9c568c4e0a34057b9049e948d9 Mon Sep 17 00:00:00 2001
From: Jens Axboe <axboe@xxxxxxxxx>
Date: Fri, 16 Jun 2023 21:12:06 -0600
Subject: io_uring: hold uring mutex around poll removal
From: Jens Axboe <axboe@xxxxxxxxx>
Snipped from commit 9ca9fb24d5febccea354089c41f96a8ad0d853f8 upstream.
While reworking the poll hashing in the v6.0 kernel, we ended up
grabbing the ctx->uring_lock in poll update/removal. This also fixed
a bug with linked timeouts racing with timeout expiry and poll
removal.
Bring back just the locking fix for that.
Reported-and-tested-by: Querijn Voet <querijnqyn@xxxxxxxxx>
Signed-off-by: Jens Axboe <axboe@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
io_uring/io_uring.c | 3 +++
1 file changed, 3 insertions(+)
--- a/io_uring/io_uring.c
+++ b/io_uring/io_uring.c
@@ -6111,6 +6111,8 @@ static int io_poll_update(struct io_kioc
struct io_kiocb *preq;
int ret2, ret = 0;
+ io_ring_submit_lock(ctx, !(issue_flags & IO_URING_F_NONBLOCK));
+
spin_lock(&ctx->completion_lock);
preq = io_poll_find(ctx, req->poll_update.old_user_data, true);
if (!preq || !io_poll_disarm(preq)) {
@@ -6142,6 +6144,7 @@ out:
req_set_fail(req);
/* complete update request, we're done with it */
io_req_complete(req, ret);
+ io_ring_submit_unlock(ctx, !(issue_flags & IO_URING_F_NONBLOCK));
return 0;
}
Patches currently in stable-queue which might be from axboe@xxxxxxxxx are
queue-5.15/io_uring-hold-uring-mutex-around-poll-removal.patch
