Staging: android: task_get_unused_fd_flags: fix the wrong usage of ts…

…k->signal Compile tested. task_struct->signal is not protected by RCU, the code is bogus. Change the code to take ->siglock to pin ->signal. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Cc: Arve Hjønnevåg <arve@android.com> Cc: Brian Swetland <swetland@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
git-mirror · Jan 28, 2009 · 1176e83 · 1176e83
1 parent 191805a
commit 1176e83
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/drivers/staging/android/binder.c b/drivers/staging/android/binder.c
@@ -319,6 +319,7 @@ int task_get_unused_fd_flags(struct task_struct *tsk, int flags)
 	int fd, error;
 	struct fdtable *fdt;
 	unsigned long rlim_cur;
+	unsigned long irqs;
 
 	if (files == NULL)
 		return -ESRCH;
@@ -335,12 +336,11 @@ int task_get_unused_fd_flags(struct task_struct *tsk, int flags)
 	 * N.B. For clone tasks sharing a files structure, this test
 	 * will limit the total number of files that can be opened.
 	 */
-	rcu_read_lock();
-	if (tsk->signal)
+	rlim_cur = 0;
+	if (lock_task_sighand(tsk, &irqs)) {
 		rlim_cur = tsk->signal->rlim[RLIMIT_NOFILE].rlim_cur;
-	else
-		rlim_cur = 0;
-	rcu_read_unlock();
+		unlock_task_sighand(tsk, &irqs);
+	}
 	if (fd >= rlim_cur)
 		goto out;