Staging: android: task_get_unused_fd_flags: fix the wrong usage of tsk->signal

Compile tested. task_struct->signal is not protected by RCU, the code is bogus. Change the code to take ->siglock to pin ->signal. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Cc: Arve Hjønnevåg <arve@android.com> Cc: Brian Swetland <swetland@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

Staging: android: task_get_unused_fd_flags: fix the wrong usage of tsk->signal
Compile tested. task_struct->signal is not protected by RCU, the code is bogus. Change the code to take ->siglock to pin ->signal. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Cc: Arve Hjønnevåg <arve@android.com> Cc: Brian Swetland <swetland@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1176e83a · Oleg Nesterov · Greg Kroah-Hartman · 191805ac · 1176e83a
Commit 1176e83a authored Jan 18, 2009 by Oleg Nesterov Committed by Greg Kroah-Hartman Jan 28, 2009
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 5 deletions

drivers/staging/android/binder.c drivers/staging/android/binder.c +5 -5

No files found.
--- a/drivers/staging/android/binder.c
+++ b/drivers/staging/android/binder.c
@@ -319,6 +319,7 @@ int task_get_unused_fd_flags(struct task_struct *tsk, int flags)
 	int fd, error;
 	struct fdtable *fdt;
 	unsigned long rlim_cur;
+	unsigned long irqs;
 	if (files == NULL)
 		return -ESRCH;
@@ -335,12 +336,11 @@ repeat:
 	 * N.B. For clone tasks sharing a files structure, this test
 	 * will limit the total number of files that can be opened.
 	 */
-	rcu_read_lock();
+	rlim_cur = 0;
-	if (tsk->signal)
+	if (lock_task_sighand(tsk, &irqs)) {
 		rlim_cur = tsk->signal->rlim[RLIMIT_NOFILE].rlim_cur;
-	else
+		unlock_task_sighand(tsk, &irqs);
-		rlim_cur = 0;
+	}
-	rcu_read_unlock();
 	if (fd >= rlim_cur)
 		goto out;