File locking fixes for v5.6
-----BEGIN PGP SIGNATURE----- iQJHBAABCAAxFiEES8DXskRxsqGE6vXTAA5oQRlWghUFAl5igvYTHGpsYXl0b25A a2VybmVsLm9yZwAKCRAADmhBGVaCFdbFD/9ZP3XDY+ngnN5nsSYS4QuzudlncnZL ceRLD5YykNPLOAesr7DWI8EDky+IFL5w4wRHVxAbOeHpj3haySLefV9vsM/G6sm4 CiHdikx7uls184r5WYK3jfB19UF3UIePUjTnAtxOpemjkLv58Z15nPNGGQv9lkFJ dJbCk1kdwaEA3LYEyXiGC/ianaxLtiqBy+C0d581OZn3ty551c8vmF0Ziz5tcuot aObPE3f8sYNxDuTDZcseRxvXUfMS1Qj/tMxeDDIXryX71zIsFbQ6PMPUNHGHGit/ uoeuprDy90mLqGuEEuUfVaXjn8zEPFlW8IHy1OJ4fFNQ0X/HYa2/CFTA2BiVrpfM 1lVYKWuMz+mCq9i8wzF/+ikQ9QVMG2cSb0i4kyuAb+RBP+PDjNTbTLjFeEIJVz6O yN9MUXWH5XS8liFq2F5VbITwpSJEk7vxiTGDT1zU38HXFdrxL0FRC60TKhkplLzO 9xsj9jUBV/sD5ohwq9Ga+kcXOB/KA/9iW3TMfBApq7oWIxaEfW7rQ6A/O5tuF/hX q2mwrRoEx6tpCy77KFBLT89iF0gzV3xzadwWcnpDkFC7x2OkMmZPPr2nWeJS6qbN hPOD1fiWW/NXMXs7foQ9HZ7HdbQMDI7olnf1sjkh4pq2MKDWsJLvNB4fYwZUxhpn 8K4B+9yfIofvpg== =H/ky -----END PGP SIGNATURE----- Merge tag 'filelock-v5.6-1' of git://git.kernel.org/pub/scm/linux/kernel/git/jlayton/linux Pull file locking fixes from Jeff Layton: "Just a couple of late-breaking patches for the file locking code. The second patch (from yangerkun) fixes a rather nasty looking potential use-after-free that should go to stable. The other patch could technically wait for 5.7, but it's fairly innocuous so I figured we might as well take it" * tag 'filelock-v5.6-1' of git://git.kernel.org/pub/scm/linux/kernel/git/jlayton/linux: locks: fix a potential use-after-free problem when wakeup a waiter fcntl: Distribute switch variables for initialization
This commit is contained in:
Linus Torvalds
commit
0b25d45803
|
|
@ -735,8 +735,9 @@ static void send_sigio_to_task(struct task_struct *p,
|
|||
return;
|
||||
|
||||
switch (signum) {
|
||||
kernel_siginfo_t si;
|
||||
default:
|
||||
default: {
|
||||
kernel_siginfo_t si;
|
||||
|
||||
/* Queue a rt signal with the appropriate fd as its
|
||||
value. We use SI_SIGIO as the source, not
|
||||
SI_KERNEL, since kernel signals always get
|
||||
|
|
@ -769,6 +770,7 @@ static void send_sigio_to_task(struct task_struct *p,
|
|||
si.si_fd = fd;
|
||||
if (!do_send_sig_info(signum, &si, p, type))
|
||||
break;
|
||||
}
|
||||
/* fall-through - fall back on the old plain SIGIO signal */
|
||||
case 0:
|
||||
do_send_sig_info(SIGIO, SEND_SIG_PRIV, p, type);
|
||||
|
|
|
|||
14
fs/locks.c
14
fs/locks.c
|
|
@ -753,20 +753,6 @@ int locks_delete_block(struct file_lock *waiter)
|
|||
{
|
||||
int status = -ENOENT;
|
||||
|
||||
/*
|
||||
* If fl_blocker is NULL, it won't be set again as this thread
|
||||
* "owns" the lock and is the only one that might try to claim
|
||||
* the lock. So it is safe to test fl_blocker locklessly.
|
||||
* Also if fl_blocker is NULL, this waiter is not listed on
|
||||
* fl_blocked_requests for some lock, so no other request can
|
||||
* be added to the list of fl_blocked_requests for this
|
||||
* request. So if fl_blocker is NULL, it is safe to
|
||||
* locklessly check if fl_blocked_requests is empty. If both
|
||||
* of these checks succeed, there is no need to take the lock.
|
||||
*/
|
||||
if (waiter->fl_blocker == NULL &&
|
||||
list_empty(&waiter->fl_blocked_requests))
|
||||
return status;
|
||||
spin_lock(&blocked_lock_lock);
|
||||
if (waiter->fl_blocker)
|
||||
status = 0;
|
||||
|
|
|
|||
Loading…
Reference in New Issue