aboutsummaryrefslogtreecommitdiff
path: root/drivers/char
diff options
context:
space:
mode:
authorGreg Kroah-Hartman <gregkh@suse.de>2009-12-17 07:07:19 -0800
committerGreg Kroah-Hartman <gregkh@suse.de>2010-01-25 10:49:15 -0800
commit179b7e53797c61a7652075eb48c6008dbd2b88d5 (patch)
tree6ff5e48f7a9c9d881763d143b9a896a4a96ed1e8 /drivers/char
parentb70922a1819f26c3962a184070d9370dfae634a9 (diff)
tty: fix race in tty_fasync
commit 703625118069f9f8960d356676662d3db5a9d116 upstream. We need to keep the lock held over the call to __f_setown() to prevent a PID race. Thanks to Al Viro for pointing out the problem, and to Travis for making us look here in the first place. Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Al Viro <viro@ZenIV.linux.org.uk> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Tavis Ormandy <taviso@google.com> Cc: Jeff Dike <jdike@addtoit.com> Cc: Julien Tinnes <jln@google.com> Cc: Matt Mackall <mpm@selenic.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'drivers/char')
-rw-r--r--drivers/char/tty_io.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c
index 59499ee0fe6..e919bd9c92d 100644
--- a/drivers/char/tty_io.c
+++ b/drivers/char/tty_io.c
@@ -1930,8 +1930,8 @@ static int tty_fasync(int fd, struct file *filp, int on)
pid = task_pid(current);
type = PIDTYPE_PID;
}
- spin_unlock_irqrestore(&tty->ctrl_lock, flags);
retval = __f_setown(filp, pid, type, 0);
+ spin_unlock_irqrestore(&tty->ctrl_lock, flags);
if (retval)
goto out;
} else {