The following commit has been merged into the locking/urgent branch of tip:

Commit-ID: c9bd1568d5462f4108417518ce1af7b924acfb6f Gitweb: https://git.kernel.org/tip/c9bd1568d5462f4108417518ce1af7b924acfb6f Author: Peter Zijlstra peterz@infradead.org AuthorDate: Tue, 14 Nov 2023 21:36:13 +01:00 Committer: Ingo Molnar mingo@kernel.org CommitterDate: Wed, 15 Nov 2023 04:02:25 +01:00

futex: Fix hardcoded flags

Xi reported that commit 5694289ce183 ("futex: Flag conversion") broke glibc's robust futex tests.

This was narrowed down to the change of FLAGS_SHARED from 0x01 to 0x10, at which point Florian noted that handle_futex_death() has a hardcoded flags argument of 1.

Change this to: FLAGS_SIZE_32 | FLAGS_SHARED, matching how futex_to_flags() unconditionally sets FLAGS_SIZE_32 for all legacy futex ops.

Reported-by: Xi Ruoyao xry111@xry111.site Reported-by: Florian Weimer fweimer@redhat.com Signed-off-by: Peter Zijlstra (Intel) peterz@infradead.org Signed-off-by: Ingo Molnar mingo@kernel.org Link: https://lkml.kernel.org/r/20231114201402.GA25315@noisy.programming.kicks-ass... Fixes: 5694289ce183 ("futex: Flag conversion") Cc: stable@vger.kernel.org --- kernel/futex/core.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/kernel/futex/core.c b/kernel/futex/core.c index 52695c5..dad981a 100644 --- a/kernel/futex/core.c +++ b/kernel/futex/core.c @@ -700,7 +700,8 @@ retry: owner = uval & FUTEX_TID_MASK;

if (pending_op && !pi && !owner) { - futex_wake(uaddr, 1, 1, FUTEX_BITSET_MATCH_ANY); + futex_wake(uaddr, FLAGS_SIZE_32 | FLAGS_SHARED, 1, + FUTEX_BITSET_MATCH_ANY); return 0; }

@@ -752,8 +753,10 @@ retry: * Wake robust non-PI futexes here. The wakeup of * PI futexes happens in exit_pi_state(): */ - if (!pi && (uval & FUTEX_WAITERS)) - futex_wake(uaddr, 1, 1, FUTEX_BITSET_MATCH_ANY); + if (!pi && (uval & FUTEX_WAITERS)) { + futex_wake(uaddr, FLAGS_SIZE_32 | FLAGS_SHARED, 1, + FUTEX_BITSET_MATCH_ANY); + }

return 0; }