UPSTREAM: io_uring/poll: serialize poll linked timer start with poll removal
Commit ef7dfac5 upstream. We selectively grab the ctx->uring_lock for poll update/removal, but we really should grab it from the start to fully synchronize with linked timeouts. Normally this is indeed the case, but if requests are forced async by the application, we don't fully cover removal and timer disarm within the uring_lock. Make this simpler by having consistent locking state for poll removal. Bug: 290270326 Cc: stable@vger.kernel.org # 6.1+ Reported-by:Querijn Voet <querijnqyn@gmail.com> Signed-off-by:
Jens Axboe <axboe@kernel.dk> Signed-off-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org> (cherry picked from commit 24f47376) Signed-off-by:
Lee Jones <joneslee@google.com> Change-Id: I6632b7d78493b0dfc0fb26204d34823045c03f72
Loading
Please sign in to comment