Commit cf3040ca authored by Jens Axboe's avatar Jens Axboe
Browse files

io_uring: statx/openat/openat2 don't support fixed files 



All of these opcodes take a directory file descriptor. We can't easily
support fixed files for these operations, and the use case for that
probably isn't all that clear (or sensible) anyway.

Disable IOSQE_FIXED_FILE for these operations.

Reported-by: default avatarStefan Metzmacher <metze@samba.org>
Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
parent 1e95081c

fs/io_uring.c

+7 −1
Original line number Diff line number Diff line
@@ -2516,6 +2516,8 @@ static int io_openat_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) 


	if (sqe->ioprio || sqe->buf_index)

		return -EINVAL;

	if (sqe->flags & IOSQE_FIXED_FILE)

		return -EBADF;



	req->open.dfd = READ_ONCE(sqe->fd);

	req->open.how.mode = READ_ONCE(sqe->len);
@@ -2541,6 +2543,8 @@ static int io_openat2_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) 


	if (sqe->ioprio || sqe->buf_index)

		return -EINVAL;

	if (sqe->flags & IOSQE_FIXED_FILE)

		return -EBADF;



	req->open.dfd = READ_ONCE(sqe->fd);

	fname = u64_to_user_ptr(READ_ONCE(sqe->addr));
@@ -2736,6 +2740,8 @@ static int io_statx_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) 


	if (sqe->ioprio || sqe->buf_index)

		return -EINVAL;

	if (sqe->flags & IOSQE_FIXED_FILE)

		return -EBADF;



	req->open.dfd = READ_ONCE(sqe->fd);

	req->open.mask = READ_ONCE(sqe->len);
@@ -2809,7 +2815,7 @@ static int io_close_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe) 
	    sqe->rw_flags || sqe->buf_index)

		return -EINVAL;

	if (sqe->flags & IOSQE_FIXED_FILE)

		return -EINVAL;

		return -EBADF;



	req->close.fd = READ_ONCE(sqe->fd);

	if (req->file->f_op == &io_uring_fops ||

CRA Git | Maintained and supported by SUSTech CRA and CCSE