From: Linus Torvalds Date: Sat, 4 May 2013 17:25:11 +0000 (-0700) Subject: ipc: fix double sem unlock in semctl error path X-Git-Tag: firefly_0821_release~3680^2~575^2~3 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=fbfd1d2862a8316c7191bc551c6a842e6918abb0;p=firefly-linux-kernel-4.4.55.git ipc: fix double sem unlock in semctl error path Fix another ipc locking buglet introduced by the scalability patches: when semctl_down() was changed to delay the semaphore locking, one error path for security_sem_semctl() went through the semaphore unlock logic even though the semaphore had never been locked. Introduced by commit 16df3674efe3 ("ipc,sem: do not hold ipc lock more than necessary") Acked-by: Davidlohr Bueso Cc: Rik van Riel Cc: Al Viro Signed-off-by: Linus Torvalds --- diff --git a/ipc/sem.c b/ipc/sem.c index 8f5aa34f8d30..1f8f01a542de 100644 --- a/ipc/sem.c +++ b/ipc/sem.c @@ -1280,7 +1280,7 @@ static int semctl_down(struct ipc_namespace *ns, int semid, err = security_sem_semctl(sma, cmd); if (err) { rcu_read_unlock(); - goto out_unlock; + goto out_up; } switch(cmd){