io_uring/nop: ensure nop->fd is always initialized

JIRA: https://issues.redhat.com/browse/RHEL-105612

commit ee11657
Author: Jens Axboe <axboe@kernel.dk>
Date:   Thu Nov 21 07:12:17 2024 -0700

    io_uring/nop: ensure nop->fd is always initialized
    
    A previous commit added file support for nop, but it only initializes
    nop->fd if IORING_NOP_FIXED_FILE is set. That check should be
    IORING_NOP_FILE. Fix up the condition in nop preparation, and initialize
    it to a sane value even if we're not going to be directly using it.
    
    While in there, do the same thing for the nop->buffer field.
    
    Reported-by: syzbot+9a8500a45c2cabdf9577@syzkaller.appspotmail.com
    Fixes: a85f310 ("io_uring/nop: add support for testing registered files and buffers")
    Signed-off-by: Jens Axboe <axboe@kernel.dk>

Signed-off-by: Jeff Moyer <jmoyer@redhat.com>

Author: JeffMoyer

io_uring/nop.c

@@ -36,10 +36,14 @@ int io_nop_prep(struct io_kiocb *req, const struct io_uring_sqe *sqe)
 		nop->result = READ_ONCE(sqe->len);
 	else
 		nop->result = 0;
-	if (nop->flags & IORING_NOP_FIXED_FILE)
+	if (nop->flags & IORING_NOP_FILE)
 		nop->fd = READ_ONCE(sqe->fd);
+	else
+		nop->fd = -1;
 	if (nop->flags & IORING_NOP_FIXED_BUFFER)
 		nop->buffer = READ_ONCE(sqe->buf_index);
+	else
+		nop->buffer = -1;
 	return 0;
 }