| author | Manfred Spraul <[email protected]> | 2008-07-25 01:48:06 -0700 |
|---|---|---|
| committer | Linus Torvalds <[email protected]> | 2008-07-25 10:53:42 -0700 |
| commit | 380af1b33b3ff92df5cda96329b58f5d1b6b5a53 (patch) | |
| tree | 9a47d66c18e4aae2093a708a7509c0f188ee0bd1 /include/linux/timerqueue.h | |
| parent | a1193f8ec091cd8fd309cc2982abe4499f6f2b4d (diff) | |
ipc/sem.c: rewrite undo list locking

The attached patch:
- reverses the locking order of ulp->lock and sem_lock:
  Previously, it was first ulp->lock, then inside sem_lock.
  Now it's the other way around.
- converts the undo structure to rcu.

Benefits:
- With the old locking order, IPC_RMID could not kfree the undo structures.
  The stale entries remained in the linked lists and were released later.
- The patch fixes a race in semtimedop(): if both IPC_RMID and a semget() that
  recreates exactly the same id happen between find_alloc_undo() and sem_lock,
  then semtimedop() would access already kfree'd memory.

[[email protected]: coding-style fixes]
Signed-off-by: Manfred Spraul <[email protected]>
Reviewed-by: Nadia Derbey <[email protected]>
Cc: Pierre Peiffer <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Diffstat (limited to 'include/linux/timerqueue.h')
0 files changed, 0 insertions, 0 deletions