[PATCH] spufs: fix locking in spu_acquire_runnable

We need to check for validity of owner under down_write, down_read is not enough. Noticed by Al Viro. Signed-off-by: Arnd Bergmann <arndb@de.ibm.com> Signed-off-by: Paul Mackerras <paulus@samba.org>

[PATCH] spufs: fix locking in spu_acquire_runnable
We need to check for validity of owner under down_write, down_read is not enough. Noticed by Al Viro. Signed-off-by: Arnd Bergmann <arndb@de.ibm.com> Signed-off-by: Paul Mackerras <paulus@samba.org>
762cf6da · Arnd Bergmann · Paul Mackerras · c902be71 · 762cf6da
Commit 762cf6da authored Jan 04, 2006 by Arnd Bergmann Committed by Paul Mackerras Jan 09, 2006
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 4 deletions

arch/powerpc/platforms/cell/spufs/context.c arch/powerpc/platforms/cell/spufs/context.c +6 -4

No files found.
--- a/arch/powerpc/platforms/cell/spufs/context.c
+++ b/arch/powerpc/platforms/cell/spufs/context.c
@@ -120,27 +120,29 @@ int spu_acquire_runnable(struct spu_context *ctx)
 		ctx->spu->prio = current->prio;
 		return 0;
 	}
+	up_read(&ctx->state_sema);
+	down_write(&ctx->state_sema);
 	/* ctx is about to be freed, can't acquire any more */
 	if (!ctx->owner) {
 		ret = -EINVAL;
 		goto out;
 	}
-	up_read(&ctx->state_sema);
-	down_write(&ctx->state_sema);
 	if (ctx->state == SPU_STATE_SAVED) {
 		ret = spu_activate(ctx, 0);
 		ctx->state = SPU_STATE_RUNNABLE;
 	}
-	downgrade_write(&ctx->state_sema);
 	if (ret)
 		goto out;
+	downgrade_write(&ctx->state_sema);
 	/* On success, we return holding the lock */
 	return ret;
 out:
 	/* Release here, to simplify calling code. */
-	up_read(&ctx->state_sema);
+	up_write(&ctx->state_sema);
 	return ret;
 }