[tip:locking/core] rtmutex: Plug preempt count leak in rt_mutex_futex_unlock()
From: tip-bot for Mike Galbraith
Date: Wed Apr 05 2017 - 11:06:48 EST
Commit-ID: def34eaae5ce04b324e48e1bfac873091d945213
Gitweb: http://git.kernel.org/tip/def34eaae5ce04b324e48e1bfac873091d945213
Author: Mike Galbraith <efault@xxxxxx>
AuthorDate: Wed, 5 Apr 2017 10:08:27 +0200
Committer: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
CommitDate: Wed, 5 Apr 2017 16:59:37 +0200
rtmutex: Plug preempt count leak in rt_mutex_futex_unlock()
mark_wakeup_next_waiter() already disables preemption, doing so again
leaves us with an unpaired preempt_disable().
Fixes: 2a1c60299406 ("rtmutex: Deboost before waking up the top waiter")
Signed-off-by: Mike Galbraith <efault@xxxxxx>
Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: xlpang@xxxxxxxxxx
Cc: rostedt@xxxxxxxxxxx
Link: http://lkml.kernel.org/r/1491379707.6538.2.camel@xxxxxx
Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
---
kernel/locking/rtmutex.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/kernel/locking/rtmutex.c b/kernel/locking/rtmutex.c
index 0e641eb..b955094 100644
--- a/kernel/locking/rtmutex.c
+++ b/kernel/locking/rtmutex.c
@@ -1581,13 +1581,13 @@ bool __sched __rt_mutex_futex_unlock(struct rt_mutex *lock,
return false; /* done */
}
- mark_wakeup_next_waiter(wake_q, lock);
/*
- * We've already deboosted, retain preempt_disabled when dropping
- * the wait_lock to avoid inversion until the wakeup. Matched
- * by rt_mutex_postunlock();
+ * We've already deboosted, mark_wakeup_next_waiter() will
+ * retain preempt_disabled when we drop the wait_lock, to
+ * avoid inversion prior to the wakeup. preempt_disable()
+ * therein pairs with rt_mutex_postunlock().
*/
- preempt_disable();
+ mark_wakeup_next_waiter(wake_q, lock);
return true; /* call postunlock() */
}