aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ipc/msg.c48
1 files changed, 26 insertions, 22 deletions
diff --git a/ipc/msg.c b/ipc/msg.c
index a92275023134..a80aaf463d9c 100644
--- a/ipc/msg.c
+++ b/ipc/msg.c
@@ -807,6 +807,30 @@ static inline void free_copy(struct msg_msg *copy)
807} 807}
808#endif 808#endif
809 809
810static struct msg_msg *find_msg(struct msg_queue *msq, long *msgtyp, int mode)
811{
812 struct msg_msg *msg;
813 long count = 0;
814
815 list_for_each_entry(msg, &msq->q_messages, m_list) {
816 if (testmsg(msg, *msgtyp, mode) &&
817 !security_msg_queue_msgrcv(msq, msg, current,
818 *msgtyp, mode)) {
819 if (mode == SEARCH_LESSEQUAL && msg->m_type != 1) {
820 *msgtyp = msg->m_type - 1;
821 } else if (mode == SEARCH_NUMBER) {
822 if (*msgtyp == count)
823 return msg;
824 } else
825 return msg;
826 count++;
827 }
828 }
829
830 return ERR_PTR(-EAGAIN);
831}
832
833
810long do_msgrcv(int msqid, void __user *buf, size_t bufsz, long msgtyp, 834long do_msgrcv(int msqid, void __user *buf, size_t bufsz, long msgtyp,
811 int msgflg, 835 int msgflg,
812 long (*msg_handler)(void __user *, struct msg_msg *, size_t)) 836 long (*msg_handler)(void __user *, struct msg_msg *, size_t))
@@ -836,33 +860,13 @@ long do_msgrcv(int msqid, void __user *buf, size_t bufsz, long msgtyp,
836 860
837 for (;;) { 861 for (;;) {
838 struct msg_receiver msr_d; 862 struct msg_receiver msr_d;
839 struct msg_msg *walk_msg;
840 long msg_counter = 0;
841 863
842 msg = ERR_PTR(-EACCES); 864 msg = ERR_PTR(-EACCES);
843 if (ipcperms(ns, &msq->q_perm, S_IRUGO)) 865 if (ipcperms(ns, &msq->q_perm, S_IRUGO))
844 goto out_unlock; 866 goto out_unlock;
845 867
846 msg = ERR_PTR(-EAGAIN); 868 msg = find_msg(msq, &msgtyp, mode);
847 list_for_each_entry(walk_msg, &msq->q_messages, m_list) { 869
848
849 if (testmsg(walk_msg, msgtyp, mode) &&
850 !security_msg_queue_msgrcv(msq, walk_msg, current,
851 msgtyp, mode)) {
852
853 msg = walk_msg;
854 if (mode == SEARCH_LESSEQUAL &&
855 walk_msg->m_type != 1) {
856 msgtyp = walk_msg->m_type - 1;
857 } else if (mode == SEARCH_NUMBER) {
858 if (msgtyp == msg_counter)
859 break;
860 msg = ERR_PTR(-EAGAIN);
861 } else
862 break;
863 msg_counter++;
864 }
865 }
866 if (!IS_ERR(msg)) { 870 if (!IS_ERR(msg)) {
867 /* 871 /*
868 * Found a suitable message. 872 * Found a suitable message.