aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorIngo Molnar <mingo@elte.hu>2007-03-16 17:38:31 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-03-16 22:25:06 -0400
commit21778867b1c8e0feb567addb6dc0a7e2ca6ecdec (patch)
treea88a1a8f9a469f0b9e94a2025a6d1990ee9fc407
parentd3a7b6df4951170079252402fd0c2dc70cb0ca2a (diff)
[PATCH] futex: PI state locking fix
Testing of -rt by IBM uncovered a locking bug in wake_futex_pi(): the PI state needs to be locked before we access it. Signed-off-by: Ingo Molnar <mingo@elte.hu> Acked-by: Thomas Gleixner <tglx@linutronix.de> Cc: Chuck Ebbert <cebbert@redhat.com> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--kernel/futex.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/kernel/futex.c b/kernel/futex.c
index e749e7df14b1..5a270b5e3f95 100644
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -565,6 +565,7 @@ static int wake_futex_pi(u32 __user *uaddr, u32 uval, struct futex_q *this)
565 if (!pi_state) 565 if (!pi_state)
566 return -EINVAL; 566 return -EINVAL;
567 567
568 spin_lock(&pi_state->pi_mutex.wait_lock);
568 new_owner = rt_mutex_next_owner(&pi_state->pi_mutex); 569 new_owner = rt_mutex_next_owner(&pi_state->pi_mutex);
569 570
570 /* 571 /*
@@ -604,6 +605,7 @@ static int wake_futex_pi(u32 __user *uaddr, u32 uval, struct futex_q *this)
604 pi_state->owner = new_owner; 605 pi_state->owner = new_owner;
605 spin_unlock_irq(&new_owner->pi_lock); 606 spin_unlock_irq(&new_owner->pi_lock);
606 607
608 spin_unlock(&pi_state->pi_mutex.wait_lock);
607 rt_mutex_unlock(&pi_state->pi_mutex); 609 rt_mutex_unlock(&pi_state->pi_mutex);
608 610
609 return 0; 611 return 0;