From: Wen Yang <wenyang.linux@xxxxxxxxxxx>
In eventfd_write(), when ucnt is 0 and ctx->count is also 0,
current->in_eventfd will be set to 1, which may affect eventfd_signal(),
and unnecessary wakeups will also be performed.
Fix this issue by ensuring that ctx->count is not zero.
Signed-off-by: Wen Yang <wenyang.linux@xxxxxxxxxxx>
Cc: Alexander Viro <viro@xxxxxxxxxxxxxxxxxx>
Cc: Jens Axboe <axboe@xxxxxxxxx>
Cc: Christian Brauner <brauner@xxxxxxxxxx>
Cc: Christoph Hellwig <hch@xxxxxx>
Cc: Dylan Yudaken <dylany@xxxxxx>
Cc: David Woodhouse <dwmw@xxxxxxxxxxxx>
Cc: Matthew Wilcox <willy@xxxxxxxxxxxxx>
Cc: linux-fsdevel@xxxxxxxxxxxxxxx
Cc: linux-kernel@xxxxxxxxxxxxxxx
---
fs/eventfd.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/fs/eventfd.c b/fs/eventfd.c
index 33a918f9566c..254b18ff0e00 100644
--- a/fs/eventfd.c
+++ b/fs/eventfd.c
@@ -281,10 +281,12 @@ static ssize_t eventfd_write(struct file *file, const char __user *buf, size_t c
}
if (likely(res > 0)) {
ctx->count += ucnt;
- current->in_eventfd = 1;
- if (waitqueue_active(&ctx->wqh))
- wake_up_locked_poll(&ctx->wqh, EPOLLIN);
- current->in_eventfd = 0;
+ if (ctx->count) {
+ current->in_eventfd = 1;
+ if (waitqueue_active(&ctx->wqh))
+ wake_up_locked_poll(&ctx->wqh, EPOLLIN);
+ current->in_eventfd = 0;
+ }
}
spin_unlock_irq(&ctx->wqh.lock);
--
2.25.1
