If a task calls cpu_chill() and gets woken up by a regular or spurious
wakeup and has a signal pending, then it exits the sleep loop in
do_nanosleep() and sets up the restart block. If restart->nanosleep.type is
not TI_NONE then this results in accessing a stale user pointer from a
previously interrupted syscall and a copy to user based on the stale
pointer or a BUG() when 'type' is not supported in nanosleep_copyout().
Instead all this trouble, use schedule_hrtimeout().
Cc: stable-rt@xxxxxxxxxxxxxxx
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx>
---
kernel/time/hrtimer.c | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c
index 6c77643eaf02..c0efc22ba635 100644
--- a/kernel/time/hrtimer.c
+++ b/kernel/time/hrtimer.c
@@ -1873,14 +1873,13 @@ COMPAT_SYSCALL_DEFINE2(nanosleep, struct compat_timespec __user *, rqtp,
*/
void cpu_chill(void)
{
- struct timespec64 tu = {
- .tv_nsec = NSEC_PER_MSEC,
- };
+ ktime_t chill_time;
unsigned int freeze_flag = current->flags & PF_NOFREEZE;
+ chill_time = ktime_set(0, NSEC_PER_MSEC);
+ set_current_state(TASK_UNINTERRUPTIBLE);
current->flags |= PF_NOFREEZE;
- __hrtimer_nanosleep(&tu, HRTIMER_MODE_REL_HARD, CLOCK_MONOTONIC,
- TASK_UNINTERRUPTIBLE);
+ schedule_hrtimeout(&chill_time, HRTIMER_MODE_REL_HARD);
if (!freeze_flag)
current->flags &= ~PF_NOFREEZE;
}
--
2.16.2
--
To unsubscribe from this list: send the line "unsubscribe linux-rt-users" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
