Google Git
Sign in
chromium / chromiumos / third_party / kernel / 9786eee4ad51625db617ff96ad282ab9ce08b272
commit9786eee4ad51625db617ff96ad282ab9ce08b272[log] [tgz]
authorThomas Gleixner <tglx@linutronix.de>Tue Jun 03 12:27:07 2014
committerchrome-internal-fetch <chrome-internal-fetch@google.com>Fri Jun 06 01:14:42 2014
treef5b878eec3b691c609ca88587d9b3e8ab97d05c6
parent27d662df7a15a1075afe9b234e47b3966b4ed053 [diff]
UPSTREAM: futex: Always cleanup owner tid in unlock_pi

If the owner died bit is set at futex_unlock_pi, we currently do not
cleanup the user space futex. So the owner TID of the current owner
(the unlocker) persists. That's observable inconsistant state,
especially when the ownership of the pi state got transferred.

Clean it up unconditionally.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Kees Cook <keescook@chromium.org>
Cc: Will Drewry <wad@chromium.org>
Cc: Darren Hart <dvhart@linux.intel.com>
Cc: stable@vger.kernel.org

BUG=chromium:377392
TEST=x86-generic build

Change-Id: Ib98f3a92d95a127e9af73db0521c054e684a8d80
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/202713
Reviewed-by: Will Drewry <wad@chromium.org>
1 file changed
tree: f5b878eec3b691c609ca88587d9b3e8ab97d05c6
  1. arch/
  2. block/
  3. chromeos/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .gitignore
  24. .mailmap
  25. .scmversion
  26. COPYING
  27. CREDITS
  28. Kbuild
  29. Kconfig
  30. MAINTAINERS
  31. Makefile
  32. README
  33. REPORTING-BUGS