From: Ingo Molnar Date: Fri, 16 Mar 2007 21:38:31 +0000 (-0800) Subject: [PATCH] futex: PI state locking fix X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=21778867b1c8e0feb567addb6dc0a7e2ca6ecdec;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git [PATCH] futex: PI state locking fix Testing of -rt by IBM uncovered a locking bug in wake_futex_pi(): the PI state needs to be locked before we access it. Signed-off-by: Ingo Molnar Acked-by: Thomas Gleixner Cc: Chuck Ebbert Cc: Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/kernel/futex.c b/kernel/futex.c index e749e7df14b1..5a270b5e3f95 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -565,6 +565,7 @@ static int wake_futex_pi(u32 __user *uaddr, u32 uval, struct futex_q *this) if (!pi_state) return -EINVAL; + spin_lock(&pi_state->pi_mutex.wait_lock); new_owner = rt_mutex_next_owner(&pi_state->pi_mutex); /* @@ -604,6 +605,7 @@ static int wake_futex_pi(u32 __user *uaddr, u32 uval, struct futex_q *this) pi_state->owner = new_owner; spin_unlock_irq(&new_owner->pi_lock); + spin_unlock(&pi_state->pi_mutex.wait_lock); rt_mutex_unlock(&pi_state->pi_mutex); return 0;