Re: [06/11] tty: fix race in tty_fasync

From: Eric W. Biederman
Date: Tue Jan 26 2010 - 14:50:30 EST


Greg KH <gregkh@xxxxxxx> writes:

> 2.6.27-stable review patch. If anyone has any objections, please let us know.

Only that __f_setown by way of f_modown unconditionally enables interrupts. So
without touching f_modown as well in mainline we have nasty sounding lockdep warnings.

Eric


> ------------------
>
> From: Greg Kroah-Hartman <gregkh@xxxxxxx>
>
> commit 703625118069f9f8960d356676662d3db5a9d116 upstream.
>
> We need to keep the lock held over the call to __f_setown() to
> prevent a PID race.
>
> Thanks to Al Viro for pointing out the problem, and to Travis for
> making us look here in the first place.
>
> Cc: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
> Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> Cc: Alan Cox <alan@xxxxxxxxxxxxxxxxxxx>
> Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
> Cc: Tavis Ormandy <taviso@xxxxxxxxxx>
> Cc: Jeff Dike <jdike@xxxxxxxxxxx>
> Cc: Julien Tinnes <jln@xxxxxxxxxx>
> Cc: Matt Mackall <mpm@xxxxxxxxxxx>
> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
>
> ---
> drivers/char/tty_io.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> --- a/drivers/char/tty_io.c
> +++ b/drivers/char/tty_io.c
> @@ -2437,8 +2437,8 @@ static int tty_fasync(int fd, struct fil
> pid = task_pid(current);
> type = PIDTYPE_PID;
> }
> - spin_unlock_irqrestore(&tty->ctrl_lock, flags);
> retval = __f_setown(filp, pid, type, 0);
> + spin_unlock_irqrestore(&tty->ctrl_lock, flags);
> if (retval)
> goto out;
> } else {
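Review bot: with spin_unlock_irqrestore(&tty->ctrl_lock, flags) moved below the call, __f_setown() now runs inside the ctrl_lock critical section with the saved interrupt state still pending. As the reply above points out, __f_setown() reaches f_modown, which enables interrupts unconditionally, so interrupts can be switched back on while tty->ctrl_lock is still held. This backport should be paired with a change that makes f_modown save and restore the interrupt state rather than enable it unconditionally, or held back until that change is available for 2.6.27. A short comment at the __f_setown() call saying that ctrl_lock is deliberately held across it to close the PID race would also keep a later cleanup from moving the unlock back up.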