io_uring: check for valid register opcode earlier

[ Upstream commit 343190841a1f22b96996d9f8cfab902a4d1bfd0e ]

We only check the register opcode value inside the restricted ring
section, move it into the main io_uring_register() function instead
and check it up front.

Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c
index 71f1cab..1bc68df 100644 (file)
--- a/io_uring/io_uring.c
+++ b/io_uring/io_uring.c
@@ -3897,8 +3897,6 @@ static int __io_uring_register(struct io_ring_ctx *ctx, unsigned opcode,
                return -EEXIST;
 
        if (ctx->restricted) {
-               if (opcode >= IORING_REGISTER_LAST)
-                       return -EINVAL;
                opcode = array_index_nospec(opcode, IORING_REGISTER_LAST);
                if (!test_bit(opcode, ctx->restrictions.register_op))
                        return -EACCES;
@@ -4054,6 +4052,9 @@ SYSCALL_DEFINE4(io_uring_register, unsigned int, fd, unsigned int, opcode,
        long ret = -EBADF;
        struct fd f;
 
+       if (opcode >= IORING_REGISTER_LAST)
+               return -EINVAL;
+
        f = fdget(fd);
        if (!f.file)
                return -EBADF;