Revision 887d9dc989eb0154492e41e7c07492edbb088ba1 authored by Peter Zijlstra on 11 June 2015, 12:46:48 UTC, committed by Thomas Gleixner on 18 June 2015, 22:09:56 UTC
Currently an hrtimer callback function cannot free its own timer because __run_hrtimer() still needs to clear HRTIMER_STATE_CALLBACK after it. Freeing the timer would result in a clear use-after-free. Solve this by using a scheme similar to regular timers; track the current running timer in hrtimer_clock_base::running. Suggested-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: ktkhai@parallels.com Cc: rostedt@goodmis.org Cc: juri.lelli@gmail.com Cc: pang.xunlei@linaro.org Cc: wanpeng.li@linux.intel.com Cc: Al Viro <viro@ZenIV.linux.org.uk> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Paul McKenney <paulmck@linux.vnet.ibm.com> Cc: Oleg Nesterov <oleg@redhat.com> Cc: umgwanakikbuti@gmail.com Link: http://lkml.kernel.org/r/20150611124743.471563047@infradead.org Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
1 parent c4bfa3f
| File | Mode | Size |
|---|---|---|
| Makefile | -rw-r--r-- | 377 bytes |
| compat.c | -rw-r--r-- | 19.1 KB |
| compat_mq.c | -rw-r--r-- | 3.9 KB |
| ipc_sysctl.c | -rw-r--r-- | 5.4 KB |
| mq_sysctl.c | -rw-r--r-- | 2.9 KB |
| mqueue.c | -rw-r--r-- | 35.3 KB |
| msg.c | -rw-r--r-- | 23.2 KB |
| msgutil.c | -rw-r--r-- | 3.6 KB |
| namespace.c | -rw-r--r-- | 4.0 KB |
| sem.c | -rw-r--r-- | 55.2 KB |
| shm.c | -rw-r--r-- | 32.5 KB |
| syscall.c | -rw-r--r-- | 2.3 KB |
| util.c | -rw-r--r-- | 21.1 KB |
| util.h | -rw-r--r-- | 6.4 KB |
Computing file changes ...
