summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHerton R. Krzesinski <herton@redhat.com>2015-08-15 00:35:05 +0200
committerLinus Torvalds <torvalds@linux-foundation.org>2015-08-15 00:56:32 +0200
commita97955844807e327df11aa33869009d14d6b7de0 (patch)
tree20d83d811aa907898be0b09b6c4c94f8789e7224
parentipc,sem: fix use after free on IPC_RMID after a task using same semaphore set... (diff)
downloadlinux-a97955844807e327df11aa33869009d14d6b7de0.tar.xz
linux-a97955844807e327df11aa33869009d14d6b7de0.zip
ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()
After we acquire the sma->sem_perm lock in exit_sem(), we are protected against a racing IPC_RMID operation. Also at that point, we are the last user of sem_undo_list. Therefore it isn't required that we acquire or use ulp->lock. Signed-off-by: Herton R. Krzesinski <herton@redhat.com> Acked-by: Manfred Spraul <manfred@colorfullife.com> Cc: Davidlohr Bueso <dave@stgolabs.net> Cc: Rafael Aquini <aquini@redhat.com> CC: Aristeu Rozanski <aris@redhat.com> Cc: David Jeffery <djeffery@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--ipc/sem.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/ipc/sem.c b/ipc/sem.c
index a37aaeb02561..178f303deea5 100644
--- a/ipc/sem.c
+++ b/ipc/sem.c
@@ -2123,9 +2123,11 @@ void exit_sem(struct task_struct *tsk)
ipc_assert_locked_object(&sma->sem_perm);
list_del(&un->list_id);
- spin_lock(&ulp->lock);
+ /* we are the last process using this ulp, acquiring ulp->lock
+ * isn't required. Besides that, we are also protected against
+ * IPC_RMID as we hold sma->sem_perm lock now
+ */
list_del_rcu(&un->list_proc);
- spin_unlock(&ulp->lock);
/* perform adjustments registered in un */
for (i = 0; i < sma->sem_nsems; i++) {