aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPierre Peiffer <Pierre.Peiffer@bull.net>2007-10-19 02:40:57 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-10-19 14:53:49 -0400
commit283bb7fada7e33a759d8fc9bd7a44532e4ad420e (patch)
treec6704baf10edd10ca64310f2d168969434bb7dcf
parent3ac88a41ff747b8c2f290f86b5243b2f8fce2cc0 (diff)
IPC: fix error case when idr-cache is empty in ipcget()
With the use of idr to store the ipc, the case where the idr cache is empty, when idr_get_new is called (this may happen even if we call idr_pre_get() before), is not well handled: it lets semget()/shmget()/msgget() return ENOSPC when this cache is empty, what 1. does not reflect the facts and 2. does not conform to the man(s). This patch fixes this by retrying the whole process of allocation in this case. Signed-off-by: Pierre Peiffer <pierre.peiffer@bull.net> Cc: Nadia Derbey <Nadia.Derbey@bull.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--ipc/msg.c4
-rw-r--r--ipc/sem.c4
-rw-r--r--ipc/shm.c5
-rw-r--r--ipc/util.c16
4 files changed, 18 insertions, 11 deletions
diff --git a/ipc/msg.c b/ipc/msg.c
index ccf5f495db7b..fdf3db5731ce 100644
--- a/ipc/msg.c
+++ b/ipc/msg.c
@@ -203,10 +203,10 @@ static int newque(struct ipc_namespace *ns, struct ipc_params *params)
203 * ipc_addid() locks msq 203 * ipc_addid() locks msq
204 */ 204 */
205 id = ipc_addid(&msg_ids(ns), &msq->q_perm, ns->msg_ctlmni); 205 id = ipc_addid(&msg_ids(ns), &msq->q_perm, ns->msg_ctlmni);
206 if (id == -1) { 206 if (id < 0) {
207 security_msg_queue_free(msq); 207 security_msg_queue_free(msq);
208 ipc_rcu_putref(msq); 208 ipc_rcu_putref(msq);
209 return -ENOSPC; 209 return id;
210 } 210 }
211 211
212 msq->q_perm.id = msg_buildid(id, msq->q_perm.seq); 212 msq->q_perm.id = msg_buildid(id, msq->q_perm.seq);
diff --git a/ipc/sem.c b/ipc/sem.c
index 7617f4f34edc..35952c0bae46 100644
--- a/ipc/sem.c
+++ b/ipc/sem.c
@@ -283,10 +283,10 @@ static int newary(struct ipc_namespace *ns, struct ipc_params *params)
283 } 283 }
284 284
285 id = ipc_addid(&sem_ids(ns), &sma->sem_perm, ns->sc_semmni); 285 id = ipc_addid(&sem_ids(ns), &sma->sem_perm, ns->sc_semmni);
286 if(id == -1) { 286 if (id < 0) {
287 security_sem_free(sma); 287 security_sem_free(sma);
288 ipc_rcu_putref(sma); 288 ipc_rcu_putref(sma);
289 return -ENOSPC; 289 return id;
290 } 290 }
291 ns->used_sems += nsems; 291 ns->used_sems += nsems;
292 292
diff --git a/ipc/shm.c b/ipc/shm.c
index 05c97c7513c2..3818fae625c5 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -433,10 +433,11 @@ static int newseg(struct ipc_namespace *ns, struct ipc_params *params)
433 if (IS_ERR(file)) 433 if (IS_ERR(file))
434 goto no_file; 434 goto no_file;
435 435
436 error = -ENOSPC;
437 id = shm_addid(ns, shp); 436 id = shm_addid(ns, shp);
438 if(id == -1) 437 if (id < 0) {
438 error = id;
439 goto no_id; 439 goto no_id;
440 }
440 441
441 shp->shm_cprid = task_tgid_vnr(current); 442 shp->shm_cprid = task_tgid_vnr(current);
442 shp->shm_lprid = 0; 443 shp->shm_lprid = 0;
diff --git a/ipc/util.c b/ipc/util.c
index b42fbd58973a..1aa0ebf71bac 100644
--- a/ipc/util.c
+++ b/ipc/util.c
@@ -262,7 +262,7 @@ int ipc_get_maxid(struct ipc_ids *ids)
262 * Add an entry 'new' to the IPC ids idr. The permissions object is 262 * Add an entry 'new' to the IPC ids idr. The permissions object is
263 * initialised and the first free entry is set up and the id assigned 263 * initialised and the first free entry is set up and the id assigned
264 * is returned. The 'new' entry is returned in a locked state on success. 264 * is returned. The 'new' entry is returned in a locked state on success.
265 * On failure the entry is not locked and -1 is returned. 265 * On failure the entry is not locked and a negative err-code is returned.
266 * 266 *
267 * Called with ipc_ids.rw_mutex held as a writer. 267 * Called with ipc_ids.rw_mutex held as a writer.
268 */ 268 */
@@ -275,11 +275,11 @@ int ipc_addid(struct ipc_ids* ids, struct kern_ipc_perm* new, int size)
275 size = IPCMNI; 275 size = IPCMNI;
276 276
277 if (ids->in_use >= size) 277 if (ids->in_use >= size)
278 return -1; 278 return -ENOSPC;
279 279
280 err = idr_get_new(&ids->ipcs_idr, new, &id); 280 err = idr_get_new(&ids->ipcs_idr, new, &id);
281 if (err) 281 if (err)
282 return -1; 282 return err;
283 283
284 ids->in_use++; 284 ids->in_use++;
285 285
@@ -311,7 +311,7 @@ int ipcget_new(struct ipc_namespace *ns, struct ipc_ids *ids,
311 struct ipc_ops *ops, struct ipc_params *params) 311 struct ipc_ops *ops, struct ipc_params *params)
312{ 312{
313 int err; 313 int err;
314 314retry:
315 err = idr_pre_get(&ids->ipcs_idr, GFP_KERNEL); 315 err = idr_pre_get(&ids->ipcs_idr, GFP_KERNEL);
316 316
317 if (!err) 317 if (!err)
@@ -321,6 +321,9 @@ int ipcget_new(struct ipc_namespace *ns, struct ipc_ids *ids,
321 err = ops->getnew(ns, params); 321 err = ops->getnew(ns, params);
322 up_write(&ids->rw_mutex); 322 up_write(&ids->rw_mutex);
323 323
324 if (err == -EAGAIN)
325 goto retry;
326
324 return err; 327 return err;
325} 328}
326 329
@@ -374,7 +377,7 @@ int ipcget_public(struct ipc_namespace *ns, struct ipc_ids *ids,
374 struct kern_ipc_perm *ipcp; 377 struct kern_ipc_perm *ipcp;
375 int flg = params->flg; 378 int flg = params->flg;
376 int err; 379 int err;
377 380retry:
378 err = idr_pre_get(&ids->ipcs_idr, GFP_KERNEL); 381 err = idr_pre_get(&ids->ipcs_idr, GFP_KERNEL);
379 382
380 /* 383 /*
@@ -411,6 +414,9 @@ int ipcget_public(struct ipc_namespace *ns, struct ipc_ids *ids,
411 } 414 }
412 up_write(&ids->rw_mutex); 415 up_write(&ids->rw_mutex);
413 416
417 if (err == -EAGAIN)
418 goto retry;
419
414 return err; 420 return err;
415} 421}
416 422