io_uring/kbuf: hold io_buffer_list reference over mmap

Linux kernel 安全漏洞

io_uring/kbuf: 在mmap时保持io_buffer_list引用

In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: hold io_buffer_list reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the io_uring lock. Rely on the fact that we can lookup the buffer list under RCU now and grab a reference to it, preventing it from being unregistered until we're done with it. The lookup returns the io_buffer_list directly with it referenced.

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于无法安全地使用 io_uring 锁。

在Linux内核中，已解决以下漏洞： io_uring/kbuf: 在mmap中持有io_buffer_list引用 如果查找kbuf，确保在我们完成使用它之前，它不会被注销。既然我们在mmap内，我们无法安全地使用io_uring锁。依赖于现在可以在RCU下查找缓冲区列表，并获取其引用，从而防止在我们完成使用它之前被注销。查找直接返回io_buffer_list，其中引用了它。