[PATCH] Make futex waiters take an mm or inode reference

From: Jamie Lokier
Date: Mon Sep 08 2003 - 13:21:58 EST

Next message: Jamie Lokier: "Re: [PATCH] Re: today's futex changes"
Previous message: Sam Ravnborg: "Re: [BK PATCH] build: config vs. everything else"
Next in thread: Jamie Lokier: "Re: [PATCH] Make futex waiters take an mm or inode reference"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Rusty Russell wrote:
> But why not solve the problem by just holding an mm reference, too?

Rusty also wrote:
> Why not make the code a *whole* lot more readable (and only marginally
> slower, if at all) by doing it in two passes: pull them off onto a
> (on-stack) list in one pass, then requeue them all in another.

This patch makes each futex waiter hold a reference to the mm or inode
that a futex is keyed on.

This is very important, because otherwise a malicious or erroneous
program can use FUTEX_FD to create futexes on mms or inodes which are
recycled, and steal wakeups from other, unrelated programs.

It isn't entirely trivial, because we can't call mmdrop() or iput()
while holding the spinlock, I think. (Does someone know to the
contrary?) Rusty, you will be glad to see that I have reimplemented
futex_requeue() exactly as you suggest: in two passes.

Ulrich will be glad to hear tst-cond2 runs just fine :)

Linus, please apply unless there are objections.

Thanks,
-- Jamie
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jamie Lokier: "Re: [PATCH] Re: today's futex changes"
Previous message: Sam Ravnborg: "Re: [BK PATCH] build: config vs. everything else"
Next in thread: Jamie Lokier: "Re: [PATCH] Make futex waiters take an mm or inode reference"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]