commit:     b9f90f2007fe034ccf58b3e0f0319d2f6bb8137e
Author:     Mike Pagano <mpagano <AT> gentoo <DOT> org>
AuthorDate: Tue Apr 29 17:26:05 2025 +0000
Commit:     Mike Pagano <mpagano <AT> gentoo <DOT> org>
CommitDate: Tue Apr 29 17:26:05 2025 +0000
URL:        https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=b9f90f20

eventpoll: Prevent hang in epoll_wait Bug: https://bugs.gentoo.org/954806 Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org> 0000_README | 4 ++ 1900_eventpoll-Prevent-hang-in-epoll-wait.patch | 51 +++++++++++++++++++++++++ 2 files changed, 55 insertions(+) diff --git a/0000_README b/0000_README index ec88ba02..623e5a70 100644 --- a/0000_README +++ b/0000_README @@ -74,6 +74,10 @@ Patch: 1740_x86-insn-decoder-test-allow-longer-symbol-names.patch From: https://gitlab.com/cki-project/kernel-ark/-/commit/8d4a52c3921d278f27241fc0c6949d8fdc13a7f5 Desc: x86/insn_decoder_test: allow longer symbol-names +Patch: 1900_eventpoll-Prevent-hang-in-epoll-wait.patch +From: https://lore.kernel.org/linux-fsdevel/[email protected]/T/#u +Desc: eventpoll: Prevent hang in epoll_wait + Patch: 2000_BT-Check-key-sizes-only-if-Secure-Simple-Pairing-enabled.patch From: https://lore.kernel.org/linux-bluetooth/[email protected]/raw Desc: Bluetooth: Check key sizes only when Secure Simple Pairing is enabled. See bug #686758 diff --git a/1900_eventpoll-Prevent-hang-in-epoll-wait.patch b/1900_eventpoll-Prevent-hang-in-epoll-wait.patch new file mode 100644 index 00000000..7f1e543a --- /dev/null +++ b/1900_eventpoll-Prevent-hang-in-epoll-wait.patch 
@@ -0,0 +1,51 @@ +From git@z Thu Jan 1 00:00:00 1970 +Subject: [PATCH] eventpoll: Prevent hang in epoll_wait +From: Joe Damato <[email protected]> +Date: Tue, 29 Apr 2025 15:34:19 +0000 +Message-Id: <[email protected]> +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 7bit + +In commit 0a65bc27bd64 ("eventpoll: Set epoll timeout if it's in the +future"), a bug was introduced causing the loop in ep_poll to hang under +certain circumstances. + +When the timeout is non-NULL and ep_schedule_timeout returns false, the +flag timed_out was not set to true. This causes a hang. + +Adjust the logic and set timed_out, if needed, fixing the original code. + +Reported-by: Christian Brauner <[email protected]> +Closes: https://lore.kernel.org/linux-fsdevel/20250426-haben-redeverbot-0b58878ac722@brauner/ +Reported-by: Mike Pagano <[email protected]> +Closes: https://bugs.gentoo.org/954806 +Reported-by: Carlos Llamas <[email protected]> +Closes: https://lore.kernel.org/linux-fsdevel/[email protected]/ +Fixes: 0a65bc27bd64 ("eventpoll: Set epoll timeout if it's in the future") +Tested-by: Carlos Llamas <[email protected]> +Signed-off-by: Joe Damato <[email protected]> +--- + fs/eventpoll.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/fs/eventpoll.c b/fs/eventpoll.c +index 4bc264b854c4..1a5d1147f082 100644 +--- a/fs/eventpoll.c ++++ b/fs/eventpoll.c +@@ -2111,7 +2111,9 @@ static int ep_poll(struct eventpoll *ep, struct epoll_event __user *events, + + write_unlock_irq(&ep->lock); + +- if (!eavail && ep_schedule_timeout(to)) ++ if (!ep_schedule_timeout(to)) ++ timed_out = 1; ++ else if (!eavail) + timed_out = !schedule_hrtimeout_range(to, slack, + HRTIMER_MODE_ABS); + __set_current_state(TASK_RUNNING); + +base-commit: f520bed25d17bb31c2d2d72b0a785b593a4e3179 +-- +2.43.0 +
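Review bot: in the fs/eventpoll.c hunk, the new first branch `if (!ep_schedule_timeout(to))` is evaluated on every pass, including when eavail is set, where the old `!eavail && ep_schedule_timeout(to)` condition never reached a timed_out assignment in that case. timed_out can therefore now become 1 while events are available, so please confirm that the code after `__set_current_state(TASK_RUNNING)`, which is outside this hunk, still delivers those events rather than returning as a plain timeout. The commit message limits the bug to a non-NULL timeout, but the new branch does not test `to`; a short comment above it stating what ep_schedule_timeout returns for a NULL timeout, and why timed_out must be set when it returns false, would help keep a later change to this condition from reintroducing the hang.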
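Review bot: in the 0000_README hunk, the new Desc line omits the Gentoo bug that the commit message cites (Bug: https://bugs.gentoo.org/954806), while the following 2000_BT entry ends its Desc with "See bug #686758". Consider appending "See bug #954806" to the new Desc so the README entry can be traced to the report without opening the patch file.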
