| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Mar 2009 10:24:36 GMT From: Darren Hart <dvhltc@...ibm.com> To: linux-tip-commits@...r.kernel.org Cc: linux-kernel@...r.kernel.org, dvhltc@...ibm.com, hpa@...or.com, mingo@...hat.com, rusty@...tcorp.com.au, peterz@...radead.org, tglx@...utronix.de, mingo@...e.hu Subject: [tip:core/futexes] futex: additional (get|put)_futex_key() fixes Commit-ID: de87fcc124a5d4a171aa32707b3265608ebda6e7 Gitweb: http://git.kernel.org/tip/de87fcc124a5d4a171aa32707b3265608ebda6e7 Author: "Darren Hart" <dvhltc@...ibm.com> AuthorDate: Thu, 12 Mar 2009 00:55:46 -0700 Commit: Ingo Molnar <mingo@...e.hu> CommitDate: Thu, 12 Mar 2009 11:20:56 +0100 futex: additional (get|put)_futex_key() fixes Impact: fix races futex_requeue and futex_lock_pi still had some bad (get|put)_futex_key() usage. This patch adds the missing put_futex_keys() and corrects a goto in futex_lock_pi() to avoid a double get. Build and boot tested on a 4 way Intel x86_64 workstation. Passes basic pthread_mutex and PI tests out of ltp/testcases/realtime. Signed-off-by: Darren Hart <dvhltc@...ibm.com> Acked-by: Peter Zijlstra <peterz@...radead.org> Cc: Rusty Russell <rusty@...tcorp.com.au> LKML-Reference: <20090312075545.9856.75152.stgit@...n> Signed-off-by: Ingo Molnar <mingo@...e.hu> --- kernel/futex.c | 16 +++++++++++----- 1 files changed, 11 insertions(+), 5 deletions(-) diff --git a/kernel/futex.c b/kernel/futex.c index e6a4d72..4000454 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -802,8 +802,10 @@ retry: ret = get_user(dummy, uaddr2); if (ret) - return ret; + goto out_put_keys; + put_futex_key(fshared, &key2); + put_futex_key(fshared, &key1); goto retryfull; } @@ -878,6 +880,9 @@ retry: if (hb1 != hb2) spin_unlock(&hb2->lock); + put_futex_key(fshared, &key2); + put_futex_key(fshared, &key1); + ret = get_user(curval, uaddr1); if (!ret) @@ -1453,6 +1458,7 @@ retry_locked: * exit to complete. */ queue_unlock(&q, hb); + put_futex_key(fshared, &q.key); cond_resched(); goto retry; @@ -1595,13 +1601,12 @@ uaddr_faulted: ret = get_user(uval, uaddr); if (!ret) - goto retry; + goto retry_unlocked; - if (to) - destroy_hrtimer_on_stack(&to->timer); - return ret; + goto out_put_key; } + /* * Userspace attempted a TID -> 0 atomic transition, and failed. * This is the in-kernel slowpath: we look up the PI state (if any), @@ -1705,6 +1710,7 @@ pi_faulted: } ret = get_user(uval, uaddr); + put_futex_key(fshared, &key); if (!ret) goto retry; -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists