diff options
| author | Greg Kroah-Hartman <gregkh@suse.de> | 2009-12-17 07:07:19 -0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2010-01-28 15:20:28 -0800 |
| commit | 76c5f486172fd061715f21c926d61f7e83ea6377 (patch) | |
| tree | b3cc11c76274ddeb4457d8457a144c94947618be | |
| parent | 951e8ab57d5a08fd083997e5bf674c3d0e81abff (diff) | |
| download | lwn-76c5f486172fd061715f21c926d61f7e83ea6377.tar.gz lwn-76c5f486172fd061715f21c926d61f7e83ea6377.zip | |
tty: fix race in tty_fasync
commit 703625118069f9f8960d356676662d3db5a9d116 upstream.
We need to keep the lock held over the call to __f_setown() to
prevent a PID race.
Thanks to Al Viro for pointing out the problem, and to Travis for
making us look here in the first place.
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Al Viro <viro@ZenIV.linux.org.uk>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Tavis Ormandy <taviso@google.com>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Julien Tinnes <jln@google.com>
Cc: Matt Mackall <mpm@selenic.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
| -rw-r--r-- | drivers/char/tty_io.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c index 0232485ddad1..c4b82c7eca8c 100644 --- a/drivers/char/tty_io.c +++ b/drivers/char/tty_io.c @@ -2437,8 +2437,8 @@ static int tty_fasync(int fd, struct file *filp, int on) pid = task_pid(current); type = PIDTYPE_PID; } - spin_unlock_irqrestore(&tty->ctrl_lock, flags); retval = __f_setown(filp, pid, type, 0); + spin_unlock_irqrestore(&tty->ctrl_lock, flags); if (retval) goto out; } else { |