[PATCH] Fix reproducible SMP crash in security/keys/key.c
Jani Jaakkola <jjaakkol@cs.Helsinki.FI> wrote: > > SMP race handling is broken in key_user_lookup() in security/keys/key.c This was fixed post-2.6.11. Can you confirm that 2.6.12-rc2 works OK? This is the patch we used. It should go into -stable if it's not already there. From: Alexander Nyberg <alexn@dsv.su.se> I looked at some of the oops reports against keyrings, I think the problem is that the search isn't restarted after dropping the key_user_lock, *p will still be NULL when we get back to try_again and look through the tree. It looks like the intention was that the search start over from scratch. Signed-off-by: Alexander Nyberg <alexn@dsv.su.se> Cc: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Chris Wright <chrisw@osdl.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This commit is contained in:
akpm@osdl.org
Greg KH
parent
64ffae4fd8
commit
4b4f0b12c4
|
|
@ -57,9 +57,10 @@ struct key_user *key_user_lookup(uid_t uid)
|
|||
{
|
||||
struct key_user *candidate = NULL, *user;
|
||||
struct rb_node *parent = NULL;
|
||||
struct rb_node **p = &key_user_tree.rb_node;
|
||||
struct rb_node **p;
|
||||
|
||||
try_again:
|
||||
p = &key_user_tree.rb_node;
|
||||
spin_lock(&key_user_lock);
|
||||
|
||||
/* search the tree for a user record with a matching UID */
|
||||
|
|
|
|||
Loading…
Reference in New Issue