.27 patches
authorGreg Kroah-Hartman <gregkh@suse.de>
Mon, 29 Jun 2009 23:53:38 +0000 (16:53 -0700)
committerGreg Kroah-Hartman <gregkh@suse.de>
Mon, 29 Jun 2009 23:53:38 +0000 (16:53 -0700)
queue-2.6.27/lockdep-select-frame-pointers-on-x86.patch [new file with mode: 0644]
queue-2.6.27/send_sigio_to_task-sanitize-the-usage-of-fown-signum.patch [new file with mode: 0644]
queue-2.6.27/series

diff --git a/queue-2.6.27/lockdep-select-frame-pointers-on-x86.patch b/queue-2.6.27/lockdep-select-frame-pointers-on-x86.patch
new file mode 100644 (file)
index 0000000..ac5f41e
--- /dev/null
@@ -0,0 +1,34 @@
+From 00540e5d54be972a94a3b2ce6da8621bebe731a2 Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <a.p.zijlstra@chello.nl>
+Date: Fri, 12 Jun 2009 10:04:01 +0200
+Subject: lockdep: Select frame pointers on x86
+
+From: Peter Zijlstra <a.p.zijlstra@chello.nl>
+
+commit 00540e5d54be972a94a3b2ce6da8621bebe731a2 upstream.
+
+x86 stack traces are a piece of crap without frame pointers, and its not
+like the 'performance gain' of not having stack pointers matters when you
+selected lockdep.
+
+Reported-by: Andrew Morton <akpm@linux-foundation.org>
+LKML-Reference: <new-submission>
+Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
+Signed-off-by: Ingo Molnar <mingo@elte.hu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ lib/Kconfig.debug |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/lib/Kconfig.debug
++++ b/lib/Kconfig.debug
+@@ -394,7 +394,7 @@ config LOCKDEP
+       bool
+       depends on DEBUG_KERNEL && TRACE_IRQFLAGS_SUPPORT && STACKTRACE_SUPPORT && LOCKDEP_SUPPORT
+       select STACKTRACE
+-      select FRAME_POINTER if !X86 && !MIPS && !PPC
++      select FRAME_POINTER if !MIPS && !PPC
+       select KALLSYMS
+       select KALLSYMS_ALL
diff --git a/queue-2.6.27/send_sigio_to_task-sanitize-the-usage-of-fown-signum.patch b/queue-2.6.27/send_sigio_to_task-sanitize-the-usage-of-fown-signum.patch
new file mode 100644 (file)
index 0000000..3e6dd6a
--- /dev/null
@@ -0,0 +1,68 @@
+From 8eeee4e2f04fc551f50c9d9847da2d73d7d33728 Mon Sep 17 00:00:00 2001
+From: Oleg Nesterov <oleg@redhat.com>
+Date: Wed, 17 Jun 2009 00:27:10 +0200
+Subject: send_sigio_to_task: sanitize the usage of fown->signum
+
+From: Oleg Nesterov <oleg@redhat.com>
+
+commit 8eeee4e2f04fc551f50c9d9847da2d73d7d33728 upstream.
+
+send_sigio_to_task() reads fown->signum several times, we can race with
+F_SETSIG which changes ->signum lockless.  In theory, this can fool
+security checks or we can call group_send_sig_info() with the wrong
+->si_signo which does not match "int sig".
+
+Change the code to cache ->signum.
+
+Signed-off-by: Oleg Nesterov <oleg@redhat.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ fs/fcntl.c |   16 +++++++++++-----
+ 1 file changed, 11 insertions(+), 5 deletions(-)
+
+--- a/fs/fcntl.c
++++ b/fs/fcntl.c
+@@ -417,14 +417,20 @@ static inline int sigio_perm(struct task
+ }
+ static void send_sigio_to_task(struct task_struct *p,
+-                             struct fown_struct *fown, 
++                             struct fown_struct *fown,
+                              int fd,
+                              int reason)
+ {
+-      if (!sigio_perm(p, fown, fown->signum))
++      /*
++       * F_SETSIG can change ->signum lockless in parallel, make
++       * sure we read it once and use the same value throughout.
++       */
++      int signum = ACCESS_ONCE(fown->signum);
++
++      if (!sigio_perm(p, fown, signum))
+               return;
+-      switch (fown->signum) {
++      switch (signum) {
+               siginfo_t si;
+               default:
+                       /* Queue a rt signal with the appropriate fd as its
+@@ -433,7 +439,7 @@ static void send_sigio_to_task(struct ta
+                          delivered even if we can't queue.  Failure to
+                          queue in this case _should_ be reported; we fall
+                          back to SIGIO in that case. --sct */
+-                      si.si_signo = fown->signum;
++                      si.si_signo = signum;
+                       si.si_errno = 0;
+                       si.si_code  = reason;
+                       /* Make sure we are called with one of the POLL_*
+@@ -445,7 +451,7 @@ static void send_sigio_to_task(struct ta
+                       else
+                               si.si_band = band_table[reason - POLL_IN];
+                       si.si_fd    = fd;
+-                      if (!group_send_sig_info(fown->signum, &si, p))
++                      if (!group_send_sig_info(signum, &si, p))
+                               break;
+               /* fall-through: fall back on the old plain SIGIO signal */
+               case 0:
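Review bot: The new comment above `int signum = ACCESS_ONCE(fown->signum);` explains the mechanism but not the invariant a later editor must keep: the value passed to sigio_perm() has to be the same one stored in `si.si_signo` and handed to group_send_sig_info(), otherwise the permission check can be made against a different signal than the one delivered. I would extend the comment with one line such as `* The permission check and the delivery below must both use this copy; never re-read fown->signum here.` The snapshot only constrains this function, so any other lockless reader of ->signum outside these hunks would need the same review; none is visible from here. The body of send_sigio_to_task() continues past the last hunk line, so the `case 0:` fallback path is not covered by this note.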
index 6ddbc55af4ee38c00854875309cd1441ca88fec5..854973987a5d7e4629bc84e63df53c55598f1844 100644 (file)
@@ -15,3 +15,5 @@ floppy-provide-a-pnp-device-table-in-the-module.patch
 floppy-request-and-release-only-the-ports-we-actually-use.patch
 ib-mlx4-add-strong-ordering-to-local-inval-and-fast-reg-work-requests.patch
 x86-handle-initrd-that-extends-into-unusable-memory.patch
+lockdep-select-frame-pointers-on-x86.patch
+send_sigio_to_task-sanitize-the-usage-of-fown-signum.patch