[tip:core/futexes] futex: additional (get|put)_futex_key() fixes
From: Darren Hart
Date: Thu Mar 12 2009 - 06:26:00 EST
Commit-ID: de87fcc124a5d4a171aa32707b3265608ebda6e7
Gitweb: http://git.kernel.org/tip/de87fcc124a5d4a171aa32707b3265608ebda6e7
Author: "Darren Hart" <dvhltc@xxxxxxxxxx>
AuthorDate: Thu, 12 Mar 2009 00:55:46 -0700
Commit: Ingo Molnar <mingo@xxxxxxx>
CommitDate: Thu, 12 Mar 2009 11:20:56 +0100
futex: additional (get|put)_futex_key() fixes
Impact: fix races
futex_requeue and futex_lock_pi still had some bad
(get|put)_futex_key() usage. This patch adds the missing
put_futex_keys() and corrects a goto in futex_lock_pi() to avoid
a double get.
Build and boot tested on a 4 way Intel x86_64 workstation.
Passes basic pthread_mutex and PI tests out of
ltp/testcases/realtime.
Signed-off-by: Darren Hart <dvhltc@xxxxxxxxxx>
Acked-by: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: Rusty Russell <rusty@xxxxxxxxxxxxxxx>
LKML-Reference: <20090312075545.9856.75152.stgit@Aeon>
Signed-off-by: Ingo Molnar <mingo@xxxxxxx>
---
kernel/futex.c | 16 +++++++++++-----
1 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/kernel/futex.c b/kernel/futex.c
index e6a4d72..4000454 100644
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -802,8 +802,10 @@ retry:
ret = get_user(dummy, uaddr2);
if (ret)
- return ret;
+ goto out_put_keys;
+ put_futex_key(fshared, &key2);
+ put_futex_key(fshared, &key1);
goto retryfull;
}
@@ -878,6 +880,9 @@ retry:
if (hb1 != hb2)
spin_unlock(&hb2->lock);
+ put_futex_key(fshared, &key2);
+ put_futex_key(fshared, &key1);
+
ret = get_user(curval, uaddr1);
if (!ret)
@@ -1453,6 +1458,7 @@ retry_locked:
* exit to complete.
*/
queue_unlock(&q, hb);
+ put_futex_key(fshared, &q.key);
cond_resched();
goto retry;
@@ -1595,13 +1601,12 @@ uaddr_faulted:
ret = get_user(uval, uaddr);
if (!ret)
- goto retry;
+ goto retry_unlocked;
- if (to)
- destroy_hrtimer_on_stack(&to->timer);
- return ret;
+ goto out_put_key;
}
+
/*
* Userspace attempted a TID -> 0 atomic transition, and failed.
* This is the in-kernel slowpath: we look up the PI state (if any),
@@ -1705,6 +1710,7 @@ pi_faulted:
}
ret = get_user(uval, uaddr);
+ put_futex_key(fshared, &key);
if (!ret)
goto retry;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/