On Sat, Jul 31, 2021 at 08:44:33AM -0600, Jens Axboe wrote: > On 7/31/21 12:43 AM, gregkh@xxxxxxxxxxxxxxxxxxx wrote: > > > > The patch below does not apply to the 5.13-stable tree. > > If someone wants it applied there, or to any other stable or longterm > > tree, then please email the backport, including the original git commit > > id to <stable@xxxxxxxxxxxxxxx>. > > Here's a tested 5.13-stable port. > > From: Jens Axboe <axboe@xxxxxxxxx> > Subject: io_uring: fix race in unified task_work running > > commit 110aa25c3ce417a44e35990cf8ed22383277933a upstream. > > We use a bit to manage if we need to add the shared task_work, but > a list + lock for the pending work. Before aborting a current run > of the task_work we check if the list is empty, but we do so without > grabbing the lock that protects it. This can lead to races where > we think we have nothing left to run, where in practice we could be > racing with a task adding new work to the list. If we do hit that > race condition, we could be left with work items that need processing, > but the shared task_work is not active. > > Ensure that we grab the lock before checking if the list is empty, > so we know if it's safe to exit the run or not. > > Link: https://lore.kernel.org/io-uring/c6bd5987-e9ae-cd02-49d0-1b3ac1ef65b1@xxxxxxxxxxxx/ > Cc: stable@xxxxxxxxxxxxxxx # 5.11+ > Reported-by: Forza <forza@xxxxxxxxxxxx> > Tested-by: Forza <forza@xxxxxxxxxxxx> Now queued up, thanks! greg k-h
