Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934191AbcKIQ11 (ORCPT ); Wed, 9 Nov 2016 11:27:27 -0500 Received: from smtp2.provo.novell.com ([137.65.250.81]:46121 "EHLO smtp2.provo.novell.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753199AbcKIQ1Y (ORCPT ); Wed, 9 Nov 2016 11:27:24 -0500 From: Davidlohr Bueso To: akpm@linux-foundation.org, manfred@colorfullife.com Cc: linux-kernel@vger.kernel.org, dave@stgolabs.net, Davidlohr Bueso Subject: [PATCH -next 2/2] ipc/sem: avoid idr tree lookup for interrupted semop Date: Wed, 9 Nov 2016 08:26:14 -0800 Message-Id: <1478708774-28826-3-git-send-email-dave@stgolabs.net> X-Mailer: git-send-email 2.6.6 In-Reply-To: <1478708774-28826-1-git-send-email-dave@stgolabs.net> References: <1478708774-28826-1-git-send-email-dave@stgolabs.net> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2419 Lines: 76 We can avoid the idr tree lookup (albeit possibly avoiding idr_find_fast()) when being awoken in EINTR, as the semid will not change in this context while blocked. Use the sma pointer directly and take the sem_lock, then re-check for RMID races. We continue to re-check the queue.status with the lock held such that we can detect situations where we where are dealing with a spurious wakeup but another task that holds the sem_lock updated the queue.status while we were spinning for it. Once we take the lock it obviously won't change again. Being the only caller, get rid of sem_obtain_lock() altogether. Signed-off-by: Davidlohr Bueso --- ipc/sem.c | 37 +++++-------------------------------- 1 file changed, 5 insertions(+), 32 deletions(-) diff --git a/ipc/sem.c b/ipc/sem.c index a5eaf517c8b4..11cdec301167 100644 --- a/ipc/sem.c +++ b/ipc/sem.c @@ -431,29 +431,6 @@ static inline void sem_unlock(struct sem_array *sma, int locknum) * * The caller holds the RCU read lock. */ -static inline struct sem_array *sem_obtain_lock(struct ipc_namespace *ns, - int id, struct sembuf *sops, int nsops, int *locknum) -{ - struct kern_ipc_perm *ipcp; - struct sem_array *sma; - - ipcp = ipc_obtain_object_idr(&sem_ids(ns), id); - if (IS_ERR(ipcp)) - return ERR_CAST(ipcp); - - sma = container_of(ipcp, struct sem_array, sem_perm); - *locknum = sem_lock(sma, sops, nsops); - - /* ipc_rmid() may have already freed the ID while sem_lock - * was spinning: verify that the structure is still valid - */ - if (ipc_valid_object(ipcp)) - return container_of(ipcp, struct sem_array, sem_perm); - - sem_unlock(sma, *locknum); - return ERR_PTR(-EINVAL); -} - static inline struct sem_array *sem_obtain_object(struct ipc_namespace *ns, int id) { struct kern_ipc_perm *ipcp = ipc_obtain_object_idr(&sem_ids(ns), id); @@ -2016,16 +1993,12 @@ SYSCALL_DEFINE4(semtimedop, int, semid, struct sembuf __user *, tsops, } rcu_read_lock(); - sma = sem_obtain_lock(ns, semid, sops, nsops, &locknum); - error = READ_ONCE(queue.status); + sem_lock(sma, sops, nsops); - /* - * Array removed? If yes, leave without sem_unlock(). - */ - if (IS_ERR(sma)) { - rcu_read_unlock(); - goto out_free; - } + if (!ipc_valid_object(&sma->sem_perm)) + goto out_unlock_free; + + error = READ_ONCE(queue.status); /* * If queue.status != -EINTR we are woken up by another process. -- 2.6.6