io_uring: fix personality idr leak

mainline inclusion from mainline-5.6-rc4 commit 41726c9a category: feature bugzilla: https://bugzilla.openeuler.org/show_bug.cgi?id=27 CVE: NA --------------------------- We somehow never free the idr, even though we init it for every ctx. Free it when the rest of the ring data is freed. Fixes: 071698e1 ("io_uring: allow registering credentials") Reviewed-by: N Stefano Garzarella <sgarzare@redhat.com> Signed-off-by: N Jens Axboe <axboe@kernel.dk> Signed-off-by: N yangerkun <yangerkun@huawei.com> Reviewed-by: N zhangyi (F) <yi.zhang@huawei.com> Signed-off-by: N Cheng Jian <cj.chengjian@huawei.com>

io_uring: fix personality idr leak
mainline inclusion from mainline-5.6-rc4 commit 41726c9a category: feature bugzilla: https://bugzilla.openeuler.org/show_bug.cgi?id=27 CVE: NA --------------------------- We somehow never free the idr, even though we init it for every ctx. Free it when the rest of the ring data is freed. Fixes: 071698e1 ("io_uring: allow registering credentials") Reviewed-by: N Stefano Garzarella <sgarzare@redhat.com> Signed-off-by: N Jens Axboe <axboe@kernel.dk> Signed-off-by: N yangerkun <yangerkun@huawei.com> Reviewed-by: N zhangyi (F) <yi.zhang@huawei.com> Signed-off-by: N Cheng Jian <cj.chengjian@huawei.com>
e3f99e80 · Jens Axboe · Cheng Jian · 8d600e63 · e3f99e80
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

fs/io_uring.c fs/io_uring.c +1 -0

未找到文件。
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -6274,6 +6274,7 @@ static void io_ring_ctx_free(struct io_ring_ctx *ctx)
 	io_sqe_buffer_unregister(ctx);
 	io_sqe_files_unregister(ctx);
 	io_eventfd_unregister(ctx);
+	idr_destroy(&ctx->personality_idr);
 #if defined(CONFIG_UNIX)
 	if (ctx->ring_sock) {