diff options
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/auditsc.c | 2 | ||||
| -rw-r--r-- | kernel/futex.c | 1 | ||||
| -rw-r--r-- | kernel/irq/manage.c | 2 | ||||
| -rw-r--r-- | kernel/posix-timers.c | 9 | ||||
| -rw-r--r-- | kernel/signal.c | 4 |
5 files changed, 11 insertions, 7 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 3401293359e8..04f3ffb8d9d4 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -2023,7 +2023,7 @@ int __audit_signal_info(int sig, struct task_struct *t) | |||
| 2023 | axp->d.next = ctx->aux_pids; | 2023 | axp->d.next = ctx->aux_pids; |
| 2024 | ctx->aux_pids = (void *)axp; | 2024 | ctx->aux_pids = (void *)axp; |
| 2025 | } | 2025 | } |
| 2026 | BUG_ON(axp->pid_count > AUDIT_AUX_PIDS); | 2026 | BUG_ON(axp->pid_count >= AUDIT_AUX_PIDS); |
| 2027 | 2027 | ||
| 2028 | axp->target_pid[axp->pid_count] = t->tgid; | 2028 | axp->target_pid[axp->pid_count] = t->tgid; |
| 2029 | selinux_get_task_sid(t, &axp->target_sid[axp->pid_count]); | 2029 | selinux_get_task_sid(t, &axp->target_sid[axp->pid_count]); |
diff --git a/kernel/futex.c b/kernel/futex.c index 3415e9ad1391..e8935b195e88 100644 --- a/kernel/futex.c +++ b/kernel/futex.c | |||
| @@ -1670,6 +1670,7 @@ pi_faulted: | |||
| 1670 | attempt); | 1670 | attempt); |
| 1671 | if (ret) | 1671 | if (ret) |
| 1672 | goto out; | 1672 | goto out; |
| 1673 | uval = 0; | ||
| 1673 | goto retry_unlocked; | 1674 | goto retry_unlocked; |
| 1674 | } | 1675 | } |
| 1675 | 1676 | ||
diff --git a/kernel/irq/manage.c b/kernel/irq/manage.c index 203a518b6f14..853aefbd184b 100644 --- a/kernel/irq/manage.c +++ b/kernel/irq/manage.c | |||
| @@ -462,7 +462,9 @@ void free_irq(unsigned int irq, void *dev_id) | |||
| 462 | * We do this after actually deregistering it, to make sure that | 462 | * We do this after actually deregistering it, to make sure that |
| 463 | * a 'real' IRQ doesn't run in parallel with our fake | 463 | * a 'real' IRQ doesn't run in parallel with our fake |
| 464 | */ | 464 | */ |
| 465 | local_irq_save(flags); | ||
| 465 | handler(irq, dev_id); | 466 | handler(irq, dev_id); |
| 467 | local_irq_restore(flags); | ||
| 466 | } | 468 | } |
| 467 | #endif | 469 | #endif |
| 468 | } | 470 | } |
diff --git a/kernel/posix-timers.c b/kernel/posix-timers.c index 55b3761edaa9..7a15afb73ed0 100644 --- a/kernel/posix-timers.c +++ b/kernel/posix-timers.c | |||
| @@ -547,9 +547,9 @@ sys_timer_create(const clockid_t which_clock, | |||
| 547 | new_timer->it_process = process; | 547 | new_timer->it_process = process; |
| 548 | list_add(&new_timer->list, | 548 | list_add(&new_timer->list, |
| 549 | &process->signal->posix_timers); | 549 | &process->signal->posix_timers); |
| 550 | spin_unlock_irqrestore(&process->sighand->siglock, flags); | ||
| 551 | if (new_timer->it_sigev_notify == (SIGEV_SIGNAL|SIGEV_THREAD_ID)) | 550 | if (new_timer->it_sigev_notify == (SIGEV_SIGNAL|SIGEV_THREAD_ID)) |
| 552 | get_task_struct(process); | 551 | get_task_struct(process); |
| 552 | spin_unlock_irqrestore(&process->sighand->siglock, flags); | ||
| 553 | } else { | 553 | } else { |
| 554 | spin_unlock_irqrestore(&process->sighand->siglock, flags); | 554 | spin_unlock_irqrestore(&process->sighand->siglock, flags); |
| 555 | process = NULL; | 555 | process = NULL; |
| @@ -605,13 +605,14 @@ static struct k_itimer * lock_timer(timer_t timer_id, unsigned long *flags) | |||
| 605 | timr = (struct k_itimer *) idr_find(&posix_timers_id, (int) timer_id); | 605 | timr = (struct k_itimer *) idr_find(&posix_timers_id, (int) timer_id); |
| 606 | if (timr) { | 606 | if (timr) { |
| 607 | spin_lock(&timr->it_lock); | 607 | spin_lock(&timr->it_lock); |
| 608 | spin_unlock(&idr_lock); | ||
| 609 | 608 | ||
| 610 | if ((timr->it_id != timer_id) || !(timr->it_process) || | 609 | if ((timr->it_id != timer_id) || !(timr->it_process) || |
| 611 | timr->it_process->tgid != current->tgid) { | 610 | timr->it_process->tgid != current->tgid) { |
| 612 | unlock_timer(timr, *flags); | 611 | spin_unlock(&timr->it_lock); |
| 612 | spin_unlock_irqrestore(&idr_lock, *flags); | ||
| 613 | timr = NULL; | 613 | timr = NULL; |
| 614 | } | 614 | } else |
| 615 | spin_unlock(&idr_lock); | ||
| 615 | } else | 616 | } else |
| 616 | spin_unlock_irqrestore(&idr_lock, *flags); | 617 | spin_unlock_irqrestore(&idr_lock, *flags); |
| 617 | 618 | ||
diff --git a/kernel/signal.c b/kernel/signal.c index b27c01a66448..ad63109e413c 100644 --- a/kernel/signal.c +++ b/kernel/signal.c | |||
| @@ -378,7 +378,7 @@ int dequeue_signal(struct task_struct *tsk, sigset_t *mask, siginfo_t *info) | |||
| 378 | /* We only dequeue private signals from ourselves, we don't let | 378 | /* We only dequeue private signals from ourselves, we don't let |
| 379 | * signalfd steal them | 379 | * signalfd steal them |
| 380 | */ | 380 | */ |
| 381 | if (tsk == current) | 381 | if (likely(tsk == current)) |
| 382 | signr = __dequeue_signal(&tsk->pending, mask, info); | 382 | signr = __dequeue_signal(&tsk->pending, mask, info); |
| 383 | if (!signr) { | 383 | if (!signr) { |
| 384 | signr = __dequeue_signal(&tsk->signal->shared_pending, | 384 | signr = __dequeue_signal(&tsk->signal->shared_pending, |
| @@ -425,7 +425,7 @@ int dequeue_signal(struct task_struct *tsk, sigset_t *mask, siginfo_t *info) | |||
| 425 | if (!(tsk->signal->flags & SIGNAL_GROUP_EXIT)) | 425 | if (!(tsk->signal->flags & SIGNAL_GROUP_EXIT)) |
| 426 | tsk->signal->flags |= SIGNAL_STOP_DEQUEUED; | 426 | tsk->signal->flags |= SIGNAL_STOP_DEQUEUED; |
| 427 | } | 427 | } |
| 428 | if ( signr && | 428 | if (signr && likely(tsk == current) && |
| 429 | ((info->si_code & __SI_MASK) == __SI_TIMER) && | 429 | ((info->si_code & __SI_MASK) == __SI_TIMER) && |
| 430 | info->si_sys_private){ | 430 | info->si_sys_private){ |
| 431 | /* | 431 | /* |