From 8d1c98b0b5c0148b519c6416e689ef6a89ffcea3 Mon Sep 17 00:00:00 2001 From: Davide Libenzi Date: Thu, 10 Apr 2008 21:29:19 -0700 Subject: [PATCH] eventfd/kaio integration fix Jeff Roberson discovered a race when using kaio eventfd based notifications. When it occurs it can lead tomissed wakeups and hung userspace. This patch fixes the race by moving the notification inside the spinlocked section of kaio. The operation is safe since eventfd spinlock and kaio one are unrelated. Signed-off-by: Davide Libenzi Cc: Zach Brown Cc: Jeff Roberson Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/aio.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/fs/aio.c b/fs/aio.c index 60a4cd4d11376a..228368610dfa64 100644 --- a/fs/aio.c +++ b/fs/aio.c @@ -936,14 +936,6 @@ int aio_complete(struct kiocb *iocb, long res, long res2) return 1; } - /* - * Check if the user asked us to deliver the result through an - * eventfd. The eventfd_signal() function is safe to be called - * from IRQ context. - */ - if (!IS_ERR(iocb->ki_eventfd)) - eventfd_signal(iocb->ki_eventfd, 1); - info = &ctx->ring_info; /* add a completion event to the ring buffer. @@ -992,6 +984,15 @@ int aio_complete(struct kiocb *iocb, long res, long res2) kunmap_atomic(ring, KM_IRQ1); pr_debug("added to ring %p at [%lu]\n", iocb, tail); + + /* + * Check if the user asked us to deliver the result through an + * eventfd. The eventfd_signal() function is safe to be called + * from IRQ context. + */ + if (!IS_ERR(iocb->ki_eventfd)) + eventfd_signal(iocb->ki_eventfd, 1); + put_rq: /* everything turned out well, dispose of the aiocb. */ ret = __aio_put_req(ctx, iocb);