aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--fs/file.c2
-rw-r--r--fs/proc/array.c2
-rw-r--r--fs/proc/base.c6
-rw-r--r--include/linux/fdtable.h8
4 files changed, 14 insertions, 4 deletions
diff --git a/fs/file.c b/fs/file.c
index 87e129030ab1..38039af67663 100644
--- a/fs/file.c
+++ b/fs/file.c
@@ -478,7 +478,7 @@ repeat:
478 error = fd; 478 error = fd;
479#if 1 479#if 1
480 /* Sanity check */ 480 /* Sanity check */
481 if (rcu_dereference(fdt->fd[fd]) != NULL) { 481 if (rcu_dereference_raw(fdt->fd[fd]) != NULL) {
482 printk(KERN_WARNING "alloc_fd: slot %d not NULL!\n", fd); 482 printk(KERN_WARNING "alloc_fd: slot %d not NULL!\n", fd);
483 rcu_assign_pointer(fdt->fd[fd], NULL); 483 rcu_assign_pointer(fdt->fd[fd], NULL);
484 } 484 }
diff --git a/fs/proc/array.c b/fs/proc/array.c
index 13b5d0708175..18e20feee251 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -270,7 +270,9 @@ static inline void task_sig(struct seq_file *m, struct task_struct *p)
270 blocked = p->blocked; 270 blocked = p->blocked;
271 collect_sigign_sigcatch(p, &ignored, &caught); 271 collect_sigign_sigcatch(p, &ignored, &caught);
272 num_threads = atomic_read(&p->signal->count); 272 num_threads = atomic_read(&p->signal->count);
273 rcu_read_lock(); /* FIXME: is this correct? */
273 qsize = atomic_read(&__task_cred(p)->user->sigpending); 274 qsize = atomic_read(&__task_cred(p)->user->sigpending);
275 rcu_read_unlock();
274 qlim = p->signal->rlim[RLIMIT_SIGPENDING].rlim_cur; 276 qlim = p->signal->rlim[RLIMIT_SIGPENDING].rlim_cur;
275 unlock_task_sighand(p, &flags); 277 unlock_task_sighand(p, &flags);
276 } 278 }
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 58324c299165..623e2ffb5d2b 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1095,8 +1095,12 @@ static ssize_t proc_loginuid_write(struct file * file, const char __user * buf,
1095 if (!capable(CAP_AUDIT_CONTROL)) 1095 if (!capable(CAP_AUDIT_CONTROL))
1096 return -EPERM; 1096 return -EPERM;
1097 1097
1098 if (current != pid_task(proc_pid(inode), PIDTYPE_PID)) 1098 rcu_read_lock();
1099 if (current != pid_task(proc_pid(inode), PIDTYPE_PID)) {
1100 rcu_read_unlock();
1099 return -EPERM; 1101 return -EPERM;
1102 }
1103 rcu_read_unlock();
1100 1104
1101 if (count >= PAGE_SIZE) 1105 if (count >= PAGE_SIZE)
1102 count = PAGE_SIZE - 1; 1106 count = PAGE_SIZE - 1;
diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h
index a2ec74bc4812..144412ffaced 100644
--- a/include/linux/fdtable.h
+++ b/include/linux/fdtable.h
@@ -57,7 +57,11 @@ struct files_struct {
57 struct file * fd_array[NR_OPEN_DEFAULT]; 57 struct file * fd_array[NR_OPEN_DEFAULT];
58}; 58};
59 59
60#define files_fdtable(files) (rcu_dereference((files)->fdt)) 60#define files_fdtable(files) \
61 (rcu_dereference_check((files)->fdt, \
62 rcu_read_lock_held() || \
63 lockdep_is_held(&(files)->file_lock) || \
64 atomic_read(&files->count) == 1))
61 65
62struct file_operations; 66struct file_operations;
63struct vfsmount; 67struct vfsmount;
@@ -78,7 +82,7 @@ static inline struct file * fcheck_files(struct files_struct *files, unsigned in
78 struct fdtable *fdt = files_fdtable(files); 82 struct fdtable *fdt = files_fdtable(files);
79 83
80 if (fd < fdt->max_fds) 84 if (fd < fdt->max_fds)
81 file = rcu_dereference(fdt->fd[fd]); 85 file = rcu_dereference_check(fdt->fd[fd], rcu_read_lock_held() || lockdep_is_held(&files->file_lock) || atomic_read(&files->count) == 1);
82 return file; 86 return file;
83} 87}
84 88