Fix incorrect user space access locking in mincore() - linux-dev - Linux kernel development work

diff options

author	Linus Torvalds <torvalds@woody.osdl.org>	2006-12-16 09:44:32 -0800
committer	Linus Torvalds <torvalds@woody.osdl.org>	2006-12-16 09:44:32 -0800
commit	2f77d107050abc14bc393b34bdb7b91cf670c250 (patch)
tree	6651586fb1b10f60cd6acdb3222bafac9c2d7aa8 /kernel
parent	Fix "delayed_work_pending()" macro expansion (diff)
download	linux-dev-2f77d107050abc14bc393b34bdb7b91cf670c250.tar.xz linux-dev-2f77d107050abc14bc393b34bdb7b91cf670c250.zip

Fix incorrect user space access locking in mincore()

Doug Chapman noticed that mincore() will doa "copy_to_user()" of the result while holding the mmap semaphore for reading, which is a big no-no. While a recursive read-lock on a semaphore in the case of a page fault happens to work, we don't actually allow them due to deadlock schenarios with writers due to fairness issues. Doug and Marcel sent in a patch to fix it, but I decided to just rewrite the mess instead - not just fixing the locking problem, but making the code smaller and (imho) much easier to understand. Cc: Doug Chapman <dchapman@redhat.com> Cc: Marcel Holtmann <holtmann@redhat.com> Cc: Hugh Dickins <hugh@veritas.com> Cc: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

Diffstat (limited to 'kernel')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: