watch_queue: Fix lack of barrier/sync/lock between post and read
stable inclusion from stable-v5.10.106 commit ec03510e0a7784c4fb5c4b3297878a72cca834d5 bugzilla: https://gitee.com/openeuler/kernel/issues/I573US Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ec03510e0a7784c4fb5c4b3297878a72cca834d5 -------------------------------- commit 2ed147f0 upstream. There's nothing to synchronise post_one_notification() versus pipe_read(). Whilst posting is done under pipe->rd_wait.lock, the reader only takes pipe->mutex which cannot bar notification posting as that may need to be made from contexts that cannot sleep. Fix this by setting pipe->head with a barrier in post_one_notification() and reading pipe->head with a barrier in pipe_read(). If that's not sufficient, the rd_wait.lock will need to be taken, possibly in a ->confirm() op so that it only applies to notifications. The lock would, however, have to be dropped before copy_page_to_iter() is invoked. Fixes: c73be61c ("pipe: Add general notification queue support") Reported-by:Jann Horn <jannh@google.com> Signed-off-by:
Loading
Please sign in to comment