Received: by 2002:a05:6a10:6d10:0:0:0:0 with SMTP id gq16csp780989pxb;
        Tue, 12 Apr 2022 13:17:05 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxgoTDffLkbNE/uQ4nxvjAuLjazIy2wcDDJO0x0lnlCg3EwiQT0vtNiCCaDSUIKbIc1Mdq4
X-Received: by 2002:a63:d342:0:b0:381:fd6f:4792 with SMTP id u2-20020a63d342000000b00381fd6f4792mr31412076pgi.101.1649794625379;
        Tue, 12 Apr 2022 13:17:05 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1649794625; cv=none;
        d=google.com; s=arc-20160816;
        b=F/CivHIFfgqnH0uu1mmJRc167sNS59lJn9wCThdgJX3EBrdAEKWrN2xDvEFVdXt4IT
         nJiwZVkfpeyQ+fb4VNElR6AdQ2wT0YUUFnXuuAM05MAnbewz4VnIxZJh2QGYYMY1R3gY
         DH85bIlA6T7JboMkPB/THI1rGmMNqmUI1uFlXtD0KVMlExiZehG0pO4xOT6JFNYjF/FN
         GdLojvYqQ/DKZNNJfI2htXd/MRlcCOlM2Q9WNCTO6d8MCyK5PshGEj6wkh0E7HhZMOGX
         g3m22CDvJjU46geJnKNj3FZMTxAd0ALYXcnHAKoI4bn4mcht3jsmAnybYUV6W0raRhNM
         NFLA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=jpJLwlCd/Lo6d9EOp1tU7k+L8lqn56Qe1VGs4ldSBt0=;
        b=Eg57nB5NY8ReJbFKZoEy0Dy4oAtOr6u8JecLAJDuU//cw5aFwIhSOHrTyhryasX+vE
         t3pCSy3fOsaonWQN27X8WkuxVvxW3TSjSqufAQpS1+KJBqrMhcGEKZjHaM7vtTnYayUJ
         EJunJIbLLG4ga+fR1FtvEZbWRIzvvC2Kz/bUK9FES7/mmjmjp62kbTd2ALHlYoRqApI1
         OM1aTmGRuzoqCIKJL0I3KjYd/epolww54kJaRg4VOlcLo0ttP896zp/xreigg4I9luEB
         5GYcHFIilegvEpX5TKLK11NnPpFuOWjey+NHNyNl/unGhBqu9+A99VyUvIuVS46ipRaV
         N5cA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@fb.com header.s=facebook header.b=lhDW+wS1;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=fb.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18])
        by mx.google.com with ESMTPS id n12-20020a63f80c000000b003816043f135si3436592pgh.810.2022.04.12.13.17.04
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 12 Apr 2022 13:17:05 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@fb.com header.s=facebook header.b=lhDW+wS1;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=fb.com
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by lindbergh.monkeyblade.net (Postfix) with ESMTP id CC9FF8A330;
	Tue, 12 Apr 2022 13:00:42 -0700 (PDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1357634AbiDLQdu (ORCPT <rfc822;42.hyeyoo@gmail.com> + 99 others);
        Tue, 12 Apr 2022 12:33:50 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37350 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S239010AbiDLQd3 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 12 Apr 2022 12:33:29 -0400
Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 879D95E16A
        for <linux-kernel@vger.kernel.org>; Tue, 12 Apr 2022 09:31:02 -0700 (PDT)
Received: from pps.filterd (m0148461.ppops.net [127.0.0.1])
        by mx0a-00082601.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id 23CF0kP2030058
        for <linux-kernel@vger.kernel.org>; Tue, 12 Apr 2022 09:31:02 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject
 : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=facebook;
 bh=jpJLwlCd/Lo6d9EOp1tU7k+L8lqn56Qe1VGs4ldSBt0=;
 b=lhDW+wS1PWX7Dd5U0d5//NRgork1OIGL5UlZ3DkxJHOrEGqG+gCYCAv/SvVcEgTgQX14
 S5vwRH08+ID1Yp+Qpjf9pPxN2VXUgVs+ZNZFVvbXUwIJ+abYyVPApBmOqK8GqetsPPco
 9vESh4MnV7ZgKMqu2zzMsr+1yv428IFNEyk= 
Received: from maileast.thefacebook.com ([163.114.130.16])
        by mx0a-00082601.pphosted.com (PPS) with ESMTPS id 3fdbpj8pek-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT)
        for <linux-kernel@vger.kernel.org>; Tue, 12 Apr 2022 09:31:02 -0700
Received: from twshared14141.02.ash7.facebook.com (2620:10d:c0a8:1b::d) by
 mail.thefacebook.com (2620:10d:c0a8:82::c) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2308.21; Tue, 12 Apr 2022 09:31:01 -0700
Received: by devbig039.lla1.facebook.com (Postfix, from userid 572232)
        id 398667456066; Tue, 12 Apr 2022 09:30:48 -0700 (PDT)
From:   Dylan Yudaken <dylany@fb.com>
To:     <io-uring@vger.kernel.org>
CC:     <axboe@kernel.dk>, <asml.silence@gmail.com>,
        <linux-kernel@vger.kernel.org>, <kernel-team@fb.com>,
        Dylan Yudaken <dylany@fb.com>
Subject: [PATCH 2/4] io_uring: verify that resv2 is 0 in io_uring_rsrc_update2
Date:   Tue, 12 Apr 2022 09:30:40 -0700
Message-ID: <20220412163042.2788062-3-dylany@fb.com>
X-Mailer: git-send-email 2.30.2
In-Reply-To: <20220412163042.2788062-1-dylany@fb.com>
References: <20220412163042.2788062-1-dylany@fb.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-FB-Internal: Safe
Content-Type: text/plain
X-Proofpoint-ORIG-GUID: eRMg5F3rRGAyajd58Tpyi9hUQZNAk48j
X-Proofpoint-GUID: eRMg5F3rRGAyajd58Tpyi9hUQZNAk48j
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.858,Hydra:6.0.486,FMLib:17.11.64.514
 definitions=2022-04-12_06,2022-04-12_02,2022-02-23_01
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE
	autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Verify that the user does not pass in anything but 0 for this field.

Fixes: 992da01aa932 ("io_uring: change registration/upd/rsrc tagging ABI"=
)
Signed-off-by: Dylan Yudaken <dylany@fb.com>
---
 fs/io_uring.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fs/io_uring.c b/fs/io_uring.c
index 58bfa71fe3b6..e899192ffb77 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -6839,6 +6839,7 @@ static int io_files_update(struct io_kiocb *req, un=
signed int issue_flags)
 	up.nr =3D 0;
 	up.tags =3D 0;
 	up.resv =3D 0;
+	up.resv2 =3D 0;
=20
 	io_ring_submit_lock(ctx, needs_lock);
 	ret =3D __io_register_rsrc_update(ctx, IORING_RSRC_FILE,
@@ -11423,7 +11424,7 @@ static int io_register_files_update(struct io_rin=
g_ctx *ctx, void __user *arg,
 	memset(&up, 0, sizeof(up));
 	if (copy_from_user(&up, arg, sizeof(struct io_uring_rsrc_update)))
 		return -EFAULT;
-	if (up.resv)
+	if (up.resv || up.resv2)
 		return -EINVAL;
 	return __io_register_rsrc_update(ctx, IORING_RSRC_FILE, &up, nr_args);
 }
@@ -11437,7 +11438,7 @@ static int io_register_rsrc_update(struct io_ring=
_ctx *ctx, void __user *arg,
 		return -EINVAL;
 	if (copy_from_user(&up, arg, sizeof(up)))
 		return -EFAULT;
-	if (!up.nr || up.resv)
+	if (!up.nr || up.resv || up.resv2)
 		return -EINVAL;
 	return __io_register_rsrc_update(ctx, type, &up, up.nr);
 }
--=20
2.30.2