Andrew, here is another incremental patch which does a bit of cleanup
as well as fixing a possible release on a task ref that was not taken.

  Thanks,

  Sébastien.


From: Sébastien Dugué <[EMAIL PROTECTED]>

        AIO completion signal notification misc fixes and cleanups

  This patch cleans up the notification path and fixes a possible
release on a task ref that was not taken in aio_setup_sigevent().


 aio.c |   15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

Signed-off-by: Sébastien Dugué <[EMAIL PROTECTED]>


Index: linux-2.6.20-rc6-mm3/fs/aio.c
===================================================================
--- linux-2.6.20-rc6-mm3.orig/fs/aio.c  2007-02-05 16:53:43.000000000 +0100
+++ linux-2.6.20-rc6-mm3/fs/aio.c       2007-02-06 09:33:55.000000000 +0100
@@ -469,8 +469,7 @@ static inline void really_put_req(struct
                kfree(req->ki_iovec);
 
        /* Release task ref */
-       if (req->ki_notify.notify == SIGEV_THREAD_ID ||
-           req->ki_notify.notify == SIGEV_SIGNAL)
+       if (req->ki_notify.notify != SIGEV_NONE)
                put_task_struct(req->ki_notify.target);
 
        kmem_cache_free(kiocb_cachep, req);
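Review bot: The new test `req->ki_notify.notify != SIGEV_NONE` drops the task reference for every value other than SIGEV_NONE, where the old test named the two modes that actually take a reference. The notify value originates from a user-supplied sigevent (see the io_submit_one hunk), so if any path can leave a third value such as SIGEV_THREAD in the field without a reference having been taken, `put_task_struct()` would underflow the refcount on whatever `target` holds; whether such a path exists is not visible in this hunk. Either keep the explicit `SIGEV_SIGNAL`/`SIGEV_THREAD_ID` comparison, or extend the comment to state the invariant, e.g. `/* Release task ref: notify != SIGEV_NONE implies aio_setup_sigevent() took one */`. really_put_req() starts and ends outside the hunk.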
@@ -970,8 +969,14 @@ static long aio_setup_sigevent(struct ai
        rcu_read_lock();
        target = sigevent_find_task(&event);
 
-       if (unlikely(!target))
+       if (unlikely(!target)) {
+               /*
+                * Revert notify to SIGEV_NONE so that really_put_req()
+                * knows that no ref has been taken on a task.
+                */
+               notify->notify = SIGEV_NONE;
                goto out_unlock;
+       }
 
        /*
         * At this point, we know that notify is either SIGEV_SIGNAL or
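Review bot: Resetting `notify->notify` inside the `!target` branch repairs only this one exit. The field is evidently stored before the lookup (the new comment says "Revert"), so any other early exit between that store and the point where the task reference is taken would still leave a non-NONE value with no reference behind it. It would be more robust to publish the mode only once the reference is held, or to do the reset under `out_unlock:` so that every user of the label restores the invariant really_put_req() relies on. The original store and the reference acquisition are outside the hunk, so this needs checking against the full function.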
@@ -996,7 +1001,7 @@ static long aio_setup_sigevent(struct ai
        return 0;
 
 out_unlock:
-       read_unlock(&tasklist_lock);
+       rcu_read_unlock();
        return -EINVAL;
 }
 
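Review bot: The changelog mentions cleanup and the task-ref fix, but the `out_unlock:` change is a fix in its own right and deserves a line there. The function enters the section with `rcu_read_lock()` (visible in the previous hunk), so the old `read_unlock(&tasklist_lock)` released a lock this path never took and left the RCU read-side section open. A one-line comment at the label, such as `/* pairs with rcu_read_lock() above */`, would help keep the pairing intact in later edits.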
@@ -1763,7 +1768,7 @@ int fastcall io_submit_one(struct kioctx
                                         (struct sigevent __user *)(unsigned long)
                                         iocb->aio_sigeventp);
                if (ret)
-                       goto out_put_req;
+                       goto out_sigqfree;
        }
 
        /* Attach this iocb to its lio */
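Review bot: After this change every failure of aio_setup_sigevent() goes through `out_sigqfree`, including the -EINVAL exit shown in the earlier hunk, which looks like it is taken before any sigqueue is allocated. The label's body is outside the hunk, so confirm that it tolerates a request whose sigqueue pointer was never set. That requires the pointer to be initialised to NULL when the request is set up and the free to be guarded by a NULL check; otherwise this error path frees an invalid pointer. A short comment at the `goto` saying why the sigqueue label is the right target for all error returns would also help.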