SAFE public projects git trees. - safe/jmp/linux-2.6/commit

author	Manfred Spraul <manfred@colorfullife.com>
	Fri, 25 Jul 2008 08:48:06 +0000 (01:48 -0700)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Fri, 25 Jul 2008 17:53:42 +0000 (10:53 -0700)
commit	380af1b33b3ff92df5cda96329b58f5d1b6b5a53
tree	9a47d66c18e4aae2093a708a7509c0f188ee0bd1	tree \| snapshot
parent	a1193f8ec091cd8fd309cc2982abe4499f6f2b4d	commit \| diff

ipc/sem.c: rewrite undo list locking

The attached patch:
- reverses the locking order of ulp->lock and sem_lock:
  Previously, it was first ulp->lock, then inside sem_lock.
  Now it's the other way around.
- converts the undo structure to rcu.

Benefits:
- With the old locking order, IPC_RMID could not kfree the undo structures.
  The stale entries remained in the linked lists and were released later.
- The patch fixes a a race in semtimedop(): if both IPC_RMID and a semget() that
  recreates exactly the same id happen between find_alloc_undo() and sem_lock,
  then semtimedop() would access already kfree'd memory.

[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: Manfred Spraul <manfred@colorfullife.com>
Reviewed-by: Nadia Derbey <Nadia.Derbey@bull.net>
Cc: Pierre Peiffer <peifferp@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

include/linux/sem.h		diff \| blob \| history
ipc/sem.c		diff \| blob \| history