io_uring: don't recurse on tsk->sighand->siglock with signalfd
author Jens Axboe <axboe@kernel.dk>
Sun, 23 Aug 2020 17:00:37 +0000 (11:00 -0600)
committer Jens Axboe <axboe@kernel.dk>
Sun, 23 Aug 2020 17:03:53 +0000 (11:03 -0600)
commit fd7d6de2241453fc7d042336d366a939a25bc5a9
tree b72bd45cda4f560cb1d3857139f62f0fdb5d0f25
parent 867a23eab52847d41a0a6eae41a64d76de7782a8
io_uring: don't recurse on tsk->sighand->siglock with signalfd

If an application is doing reads on signalfd, and we arm the poll handler
because there's no data available, then the wakeup can recurse on the
task's sighand->siglock as the signal delivery from task_work_add() will
use TWA_SIGNAL and that attempts to lock it again.

We can detect the signalfd case pretty easily by comparing the poll->head
wait_queue_head_t with the target task signalfd wait queue. Just use
normal task wakeup for this case.

Cc: stable@vger.kernel.org # v5.7+
Signed-off-by: Jens Axboe <axboe@kernel.dk>
fs/io_uring.c
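
The lock recursion and the wait-queue comparison described in the commit message, as an added user-space model. It is not code from this commit or from the kernel: every type and function here (`model_wakeup`, `model_poll_wake`, `model_task_work_add`, `siglock_acquire`, the `fixed` flag) is a hypothetical stand-in, and the spinlock is modelled as a boolean so the self-deadlock shows up as a `false` return instead of a hang.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model only; names echo the commit message, not kernel APIs. */
struct wait_queue_head { int unused; };
struct sighand {
    bool siglock_held;                   /* models a non-recursive spinlock */
    struct wait_queue_head signalfd_wqh; /* queue that signalfd readers wait on */
};
struct task { struct sighand sighand; };
enum notify_mode { NOTIFY_PLAIN, NOTIFY_SIGNAL };

/* Returns false where a real spinlock would spin forever on itself. */
static bool siglock_acquire(struct sighand *sh) {
    if (sh->siglock_held) return false;
    sh->siglock_held = true;
    return true;
}

/* Models task-work queueing: signal-style notification takes siglock. */
static bool model_task_work_add(struct task *tsk, enum notify_mode mode) {
    if (mode != NOTIFY_SIGNAL) return true;      /* plain wakeup: no siglock */
    if (!siglock_acquire(&tsk->sighand)) return false;
    tsk->sighand.siglock_held = false;           /* release after notifying */
    return true;
}

/* Models the poll wake callback; 'fixed' selects the behaviour after the fix. */
static bool model_poll_wake(struct task *tsk, struct wait_queue_head *head, bool fixed) {
    enum notify_mode mode = NOTIFY_SIGNAL;
    if (fixed && head == &tsk->sighand.signalfd_wqh)
        mode = NOTIFY_PLAIN;                     /* caller already holds siglock */
    return model_task_work_add(tsk, mode);
}

/* Models a wakeup on 'head'; a signalfd wakeup arrives with siglock held. */
static bool model_wakeup(struct task *tsk, struct wait_queue_head *head, bool fixed) {
    bool from_signal = (head == &tsk->sighand.signalfd_wqh);
    if (from_signal) siglock_acquire(&tsk->sighand);
    bool ok = model_poll_wake(tsk, head, fixed);
    if (from_signal) tsk->sighand.siglock_held = false;
    return ok;
}

int main(void) {
    static struct task t;                        /* zero-initialised */
    printf("before fix: %s\n", model_wakeup(&t, &t.sighand.signalfd_wqh, false) ? "ok" : "recursion");
    printf("after fix:  %s\n", model_wakeup(&t, &t.sighand.signalfd_wqh, true) ? "ok" : "recursion");
    return 0;
}
```

Wakeups on any other wait queue keep the signal-style notification in both modes, since siglock is not held on those paths in this model.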