From: Jens Axboe <axboe@xxxxxxxxx>
commit ed7eb2592286ead7d3bfdf8adf65e65392167cc4 upstream.
We can't support IOPOLL with non-pollable request types, and we should
check for unused/reserved fields like we do for other request types.
Fixes: 80a261fd0032 ("io_uring: add support for IORING_OP_RENAMEAT")
Cc: stable@xxxxxxxxxxxxxxx
Reported-by: Dmitry Kadashev <dkadashev@xxxxxxxxx>
Signed-off-by: Jens Axboe <axboe@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
fs/io_uring.c | 4 ++++
1 file changed, 4 insertions(+)
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -3497,6 +3497,10 @@ static int io_renameat_prep(struct io_ki
struct io_rename *ren = &req->rename;
const char __user *oldf, *newf;
+ if (unlikely(req->ctx->flags & IORING_SETUP_IOPOLL))
+ return -EINVAL;
+ if (sqe->ioprio || sqe->buf_index)
+ return -EINVAL;
if (unlikely(req->flags & REQ_F_FIXED_FILE))
return -EBADF;
