From 762cf6dac2623473e83bb271f2bbe97d2355c64d Mon Sep 17 00:00:00 2001 From: Arnd Bergmann Date: Wed, 4 Jan 2006 20:31:21 +0100 Subject: [PATCH] [PATCH] spufs: fix locking in spu_acquire_runnable We need to check for validity of owner under down_write, down_read is not enough. Noticed by Al Viro. Signed-off-by: Arnd Bergmann Signed-off-by: Paul Mackerras --- arch/powerpc/platforms/cell/spufs/context.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/arch/powerpc/platforms/cell/spufs/context.c b/arch/powerpc/platforms/cell/spufs/context.c index 1758cec58bc7..903c35d19577 100644 --- a/arch/powerpc/platforms/cell/spufs/context.c +++ b/arch/powerpc/platforms/cell/spufs/context.c @@ -120,27 +120,29 @@ int spu_acquire_runnable(struct spu_context *ctx) ctx->spu->prio = current->prio; return 0; } + up_read(&ctx->state_sema); + + down_write(&ctx->state_sema); /* ctx is about to be freed, can't acquire any more */ if (!ctx->owner) { ret = -EINVAL; goto out; } - up_read(&ctx->state_sema); - down_write(&ctx->state_sema); if (ctx->state == SPU_STATE_SAVED) { ret = spu_activate(ctx, 0); ctx->state = SPU_STATE_RUNNABLE; } - downgrade_write(&ctx->state_sema); if (ret) goto out; + downgrade_write(&ctx->state_sema); /* On success, we return holding the lock */ + return ret; out: /* Release here, to simplify calling code. */ - up_read(&ctx->state_sema); + up_write(&ctx->state_sema); return ret; } -- 2.20.1