git.fsl.cs.sunysb.edu Git - wrapfs-4.14.y.git/commit

author	Ben Hutchings <ben@decadent.org.uk>
	Mon, 1 Mar 2021 17:31:48 +0000 (18:31 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sun, 7 Mar 2021 10:25:55 +0000 (11:25 +0100)
commit	9787adc793abc49c08b111c9b3eb69f250bcc3b4
tree	71183b8ba6e60660f77620d6cf64d641ec1eb016	tree \| snapshot
parent	25a678da6d8a4def2262447fd37e85f2dca26c76	commit \| diff

futex: Fix pi_state->owner serialization

From: Peter Zijlstra <peterz@infradead.org>

commit c74aef2d06a9f59cece89093eecc552933cba72a upstream.

There was a reported suspicion about a race between exit_pi_state_list()
and put_pi_state(). The same report mentioned the comment with
put_pi_state() said it should be called with hb->lock held, and it no
longer is in all places.

As it turns out, the pi_state->owner serialization is indeed broken. As per
the new rules:

734009e96d19 ("futex: Change locking rules")

pi_state->owner should be serialized by pi_state->pi_mutex.wait_lock.
For the sites setting pi_state->owner we already hold wait_lock (where
required) but exit_pi_state_list() and put_pi_state() were not and
raced on clearing it.

Fixes: 734009e96d19 ("futex: Change locking rules")
Reported-by: Gratian Crisan <gratian.crisan@ni.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: dvhart@infradead.org
Cc: stable@vger.kernel.org
Link:
https://lkml.kernel.org/r/20170922154806.jd3ffltfk24m4o4y@hirez.programming.kicks-ass.net
[bwh: Backported to 4.9: adjust context]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>