The following commit has been merged into the locking/core branch of tip: Commit-ID: d69cba5c719b0c551f6380ec5da4ed8c20a3815a Gitweb: https://git.kernel.org/tip/d69cba5c719b0c551f6380ec5da4ed8c20a3815a Author: Thomas Gleixner <tglx@xxxxxxxxxxxxx> AuthorDate: Sun, 15 Aug 2021 23:29:15 +02:00 Committer: Ingo Molnar <mingo@xxxxxxxxxx> CommitterDate: Tue, 17 Aug 2021 19:05:54 +02:00 futex: Reorder sanity checks in futex_requeue() No point in allocating memory when the input parameters are bogus. Validate all parameters before proceeding. Suggested-by: Davidlohr Bueso <dave@xxxxxxxxxxxx> Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx> Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx> Signed-off-by: Ingo Molnar <mingo@xxxxxxxxxx> Link: https://lore.kernel.org/r/20210815211305.581789253@xxxxxxxxxxxxx --- kernel/futex.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/kernel/futex.c b/kernel/futex.c index 8d8bad5..a5232f6 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -1934,13 +1934,6 @@ static int futex_requeue(u32 __user *uaddr1, unsigned int flags, return -EINVAL; /* - * requeue_pi requires a pi_state, try to allocate it now - * without any locks in case it fails. - */ - if (refill_pi_state_cache()) - return -ENOMEM; - - /* * futex_requeue() allows the caller to define the number * of waiters to wake up via the @nr_wake argument. With * REQUEUE_PI, waking up more than one waiter is creating @@ -1963,6 +1956,13 @@ static int futex_requeue(u32 __user *uaddr1, unsigned int flags, */ if (nr_wake != 1) return -EINVAL; + + /* + * requeue_pi requires a pi_state, try to allocate it now + * without any locks in case it fails. + */ + if (refill_pi_state_cache()) + return -ENOMEM; } retry:
|