diff options
-rw-r--r-- | kernel/futex.c | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/kernel/futex.c b/kernel/futex.c index 99f8acce08bf..b4f87bac91c1 100644 --- a/kernel/futex.c +++ b/kernel/futex.c | |||
@@ -1565,12 +1565,11 @@ static int futex_lock_pi(u32 __user *uaddr, int fshared, | |||
1565 | 1565 | ||
1566 | uaddr_faulted: | 1566 | uaddr_faulted: |
1567 | /* | 1567 | /* |
1568 | * We have to r/w *(int __user *)uaddr, but we can't modify it | 1568 | * We have to r/w *(int __user *)uaddr, and we have to modify it |
1569 | * non-atomically. Therefore, if get_user below is not | 1569 | * atomically. Therefore, if we continue to fault after get_user() |
1570 | * enough, we need to handle the fault ourselves, while | 1570 | * below, we need to handle the fault ourselves, while still holding |
1571 | * still holding the mmap_sem. | 1571 | * the mmap_sem. This can occur if the uaddr is under contention as |
1572 | * | 1572 | * we have to drop the mmap_sem in order to call get_user(). |
1573 | * ... and hb->lock. :-) --ANK | ||
1574 | */ | 1573 | */ |
1575 | queue_unlock(&q, hb); | 1574 | queue_unlock(&q, hb); |
1576 | 1575 | ||
@@ -1582,7 +1581,7 @@ static int futex_lock_pi(u32 __user *uaddr, int fshared, | |||
1582 | } | 1581 | } |
1583 | 1582 | ||
1584 | ret = get_user(uval, uaddr); | 1583 | ret = get_user(uval, uaddr); |
1585 | if (!ret && (uval != -EFAULT)) | 1584 | if (!ret) |
1586 | goto retry; | 1585 | goto retry; |
1587 | 1586 | ||
1588 | if (to) | 1587 | if (to) |
@@ -1676,12 +1675,11 @@ out: | |||
1676 | 1675 | ||
1677 | pi_faulted: | 1676 | pi_faulted: |
1678 | /* | 1677 | /* |
1679 | * We have to r/w *(int __user *)uaddr, but we can't modify it | 1678 | * We have to r/w *(int __user *)uaddr, and we have to modify it |
1680 | * non-atomically. Therefore, if get_user below is not | 1679 | * atomically. Therefore, if we continue to fault after get_user() |
1681 | * enough, we need to handle the fault ourselves, while | 1680 | * below, we need to handle the fault ourselves, while still holding |
1682 | * still holding the mmap_sem. | 1681 | * the mmap_sem. This can occur if the uaddr is under contention as |
1683 | * | 1682 | * we have to drop the mmap_sem in order to call get_user(). |
1684 | * ... and hb->lock. --ANK | ||
1685 | */ | 1683 | */ |
1686 | spin_unlock(&hb->lock); | 1684 | spin_unlock(&hb->lock); |
1687 | 1685 | ||
@@ -1694,7 +1692,7 @@ pi_faulted: | |||
1694 | } | 1692 | } |
1695 | 1693 | ||
1696 | ret = get_user(uval, uaddr); | 1694 | ret = get_user(uval, uaddr); |
1697 | if (!ret && (uval != -EFAULT)) | 1695 | if (!ret) |
1698 | goto retry; | 1696 | goto retry; |
1699 | 1697 | ||
1700 | return ret; | 1698 | return ret; |