diff options
-rw-r--r-- | fs/file.c | 2 | ||||
-rw-r--r-- | fs/proc/array.c | 2 | ||||
-rw-r--r-- | fs/proc/base.c | 6 | ||||
-rw-r--r-- | include/linux/fdtable.h | 8 |
4 files changed, 14 insertions, 4 deletions
@@ -478,7 +478,7 @@ repeat: | |||
478 | error = fd; | 478 | error = fd; |
479 | #if 1 | 479 | #if 1 |
480 | /* Sanity check */ | 480 | /* Sanity check */ |
481 | if (rcu_dereference(fdt->fd[fd]) != NULL) { | 481 | if (rcu_dereference_raw(fdt->fd[fd]) != NULL) { |
482 | printk(KERN_WARNING "alloc_fd: slot %d not NULL!\n", fd); | 482 | printk(KERN_WARNING "alloc_fd: slot %d not NULL!\n", fd); |
483 | rcu_assign_pointer(fdt->fd[fd], NULL); | 483 | rcu_assign_pointer(fdt->fd[fd], NULL); |
484 | } | 484 | } |
diff --git a/fs/proc/array.c b/fs/proc/array.c index 13b5d0708175..18e20feee251 100644 --- a/fs/proc/array.c +++ b/fs/proc/array.c | |||
@@ -270,7 +270,9 @@ static inline void task_sig(struct seq_file *m, struct task_struct *p) | |||
270 | blocked = p->blocked; | 270 | blocked = p->blocked; |
271 | collect_sigign_sigcatch(p, &ignored, &caught); | 271 | collect_sigign_sigcatch(p, &ignored, &caught); |
272 | num_threads = atomic_read(&p->signal->count); | 272 | num_threads = atomic_read(&p->signal->count); |
273 | rcu_read_lock(); /* FIXME: is this correct? */ | ||
273 | qsize = atomic_read(&__task_cred(p)->user->sigpending); | 274 | qsize = atomic_read(&__task_cred(p)->user->sigpending); |
275 | rcu_read_unlock(); | ||
274 | qlim = p->signal->rlim[RLIMIT_SIGPENDING].rlim_cur; | 276 | qlim = p->signal->rlim[RLIMIT_SIGPENDING].rlim_cur; |
275 | unlock_task_sighand(p, &flags); | 277 | unlock_task_sighand(p, &flags); |
276 | } | 278 | } |
diff --git a/fs/proc/base.c b/fs/proc/base.c index 58324c299165..623e2ffb5d2b 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c | |||
@@ -1095,8 +1095,12 @@ static ssize_t proc_loginuid_write(struct file * file, const char __user * buf, | |||
1095 | if (!capable(CAP_AUDIT_CONTROL)) | 1095 | if (!capable(CAP_AUDIT_CONTROL)) |
1096 | return -EPERM; | 1096 | return -EPERM; |
1097 | 1097 | ||
1098 | if (current != pid_task(proc_pid(inode), PIDTYPE_PID)) | 1098 | rcu_read_lock(); |
1099 | if (current != pid_task(proc_pid(inode), PIDTYPE_PID)) { | ||
1100 | rcu_read_unlock(); | ||
1099 | return -EPERM; | 1101 | return -EPERM; |
1102 | } | ||
1103 | rcu_read_unlock(); | ||
1100 | 1104 | ||
1101 | if (count >= PAGE_SIZE) | 1105 | if (count >= PAGE_SIZE) |
1102 | count = PAGE_SIZE - 1; | 1106 | count = PAGE_SIZE - 1; |
diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h index a2ec74bc4812..144412ffaced 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h | |||
@@ -57,7 +57,11 @@ struct files_struct { | |||
57 | struct file * fd_array[NR_OPEN_DEFAULT]; | 57 | struct file * fd_array[NR_OPEN_DEFAULT]; |
58 | }; | 58 | }; |
59 | 59 | ||
60 | #define files_fdtable(files) (rcu_dereference((files)->fdt)) | 60 | #define files_fdtable(files) \ |
61 | (rcu_dereference_check((files)->fdt, \ | ||
62 | rcu_read_lock_held() || \ | ||
63 | lockdep_is_held(&(files)->file_lock) || \ | ||
64 | atomic_read(&files->count) == 1)) | ||
61 | 65 | ||
62 | struct file_operations; | 66 | struct file_operations; |
63 | struct vfsmount; | 67 | struct vfsmount; |
@@ -78,7 +82,7 @@ static inline struct file * fcheck_files(struct files_struct *files, unsigned in | |||
78 | struct fdtable *fdt = files_fdtable(files); | 82 | struct fdtable *fdt = files_fdtable(files); |
79 | 83 | ||
80 | if (fd < fdt->max_fds) | 84 | if (fd < fdt->max_fds) |
81 | file = rcu_dereference(fdt->fd[fd]); | 85 | file = rcu_dereference_check(fdt->fd[fd], rcu_read_lock_held() || lockdep_is_held(&files->file_lock) || atomic_read(&files->count) == 1); |
82 | return file; | 86 | return file; |
83 | } | 87 | } |
84 | 88 | ||