futex: Take mmap_sem for get_user_pages in fault_in_user_writeable

commit 722d0172377a5697919b9f7e5beb95165b1dec4e upstream. get_user_pages() must be called with mmap_sem held. Signed-off-by: Andi Kleen <ak@linux.intel.com> Cc: Andrew Morton <akpm@linuxfoundation.org> Cc: Nick Piggin <npiggin@suse.de> Cc: Darren Hart <dvhltc@us.ibm.com> Cc: Peter Zijlstra <peterz@infradead.org> LKML-Reference: <20091208121942.GA21298@basil.fritz.box> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
author: Andi Kleen <andi@firstfloor.org> 2009-12-08 13:19:42 +0100
committer: Greg Kroah-Hartman <gregkh@suse.de> 2009-12-18 13:43:21 -0800
commit: 7098a7420bc7c75253d785119d91be6ab15e18e5 (patch)
tree: 31a56e011400fae66ca7ab9a03706d3f25e1ac93 /kernel
parent: 1f5c6cef516b8ff4d5fe5f6976a5aad5b4ee9c06 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/kernel/futex.c b/kernel/futex.c
index c0a020fcc246..ba7f0be17531 100644
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -303,8 +303,14 @@ void put_futex_key(int fshared, union futex_key *key)
  */
 static int fault_in_user_writeable(u32 __user *uaddr)
 {
-	int ret = get_user_pages(current, current->mm, (unsigned long)uaddr,
-				 1, 1, 0, NULL, NULL);
+	struct mm_struct *mm = current->mm;
+	int ret;
+
+	down_read(&mm->mmap_sem);
+	ret = get_user_pages(current, mm, (unsigned long)uaddr,
+			     1, 1, 0, NULL, NULL);
+	up_read(&mm->mmap_sem);
+
 	return ret < 0 ? ret : 0;
 }
author	Andi Kleen <andi@firstfloor.org>	2009-12-08 13:19:42 +0100
committer	Greg Kroah-Hartman <gregkh@suse.de>	2009-12-18 13:43:21 -0800
commit	7098a7420bc7c75253d785119d91be6ab15e18e5 (patch)
tree	31a56e011400fae66ca7ab9a03706d3f25e1ac93 /kernel
parent	1f5c6cef516b8ff4d5fe5f6976a5aad5b4ee9c06 (diff)