io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid
mainline inclusion from mainline-v6.7 commit 7644b1a1 category: bugfix bugzilla: 189322, https://gitee.com/src-openeuler/kernel/issues/I8BQSX CVE: CVE-2023-46862 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7644b1a1c9a7ae8ab99175989bfc8676055edb46 -------------------------------- We could race with SQ thread exit, and if we do, we'll hit a NULL pointer dereference when the thread is cleared. Grab the SQPOLL data lock before attempting to get the task cpu and pid for fdinfo, this ensures we have a stable view of it. Cc: stable@vger.kernel.org Link: https://bugzilla.kernel.org/show_bug.cgi?id=218032 Reviewed-by:Gabriel Krisman Bertazi <krisman@suse.de> Signed-off-by:
Loading
Please sign in to comment