Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1176e83a authored by Oleg Nesterov's avatar Oleg Nesterov Committed by Greg Kroah-Hartman
Browse files

Staging: android: task_get_unused_fd_flags: fix the wrong usage of tsk->signal 



Compile tested.

task_struct->signal is not protected by RCU, the code is bogus.
Change the code to take ->siglock to pin ->signal.

Signed-off-by: default avatarOleg Nesterov <oleg@redhat.com>
Cc: Arve Hjønnevåg <arve@android.com>
Cc: Brian Swetland <swetland@google.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
parent 191805ac

drivers/staging/android/binder.c

+5 −5
Original line number Diff line number Diff line
@@ -319,6 +319,7 @@ int task_get_unused_fd_flags(struct task_struct *tsk, int flags) 
	int fd, error;

	struct fdtable *fdt;

	unsigned long rlim_cur;

	unsigned long irqs;



	if (files == NULL)

		return -ESRCH;
@@ -335,12 +336,11 @@ int task_get_unused_fd_flags(struct task_struct *tsk, int flags) 
	 * N.B. For clone tasks sharing a files structure, this test

	 * will limit the total number of files that can be opened.

	 */

	rcu_read_lock();

	if (tsk->signal)

		rlim_cur = tsk->signal->rlim[RLIMIT_NOFILE].rlim_cur;

	else

	rlim_cur = 0;

	rcu_read_unlock();

	if (lock_task_sighand(tsk, &irqs)) {

		rlim_cur = tsk->signal->rlim[RLIMIT_NOFILE].rlim_cur;

		unlock_task_sighand(tsk, &irqs);

	}

	if (fd >= rlim_cur)

		goto out;