[patch 057/104] powerpc/spufs: Fix spinning in spufs_ps_fault onsignal

From: Greg KH
Date: Wed Dec 03 2008 - 15:12:54 EST

2.6.27-stable review patch. If anyone has any objections, please let us know.

From: Jeremy Kerr <jk@xxxxxxxxxx>

commit 606572634c3faa5b32a8fc430266e6e9d78d2179 upstream.

Currently, we can end up in an infinite loop if we get a signal
while the kernel has faulted in spufs_ps_fault. Eg:


write(fd, some_spu_psmap_register_address, 4);

- the write's copy_from_user will fault on the ps mapping, and
signal_pending will be non-zero. Because returning from the fault
handler will never clear TIF_SIGPENDING, so we'll just keep faulting,
resulting in an unkillable process using 100% of CPU.

This change returns VM_FAULT_SIGBUS if there's a fatal signal pending,
letting us escape the loop.

Signed-off-by: Jeremy Kerr <jk@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>

arch/powerpc/platforms/cell/spufs/file.c | 3 +++
1 file changed, 3 insertions(+)

--- a/arch/powerpc/platforms/cell/spufs/file.c
+++ b/arch/powerpc/platforms/cell/spufs/file.c
@@ -390,6 +390,9 @@ static int spufs_ps_fault(struct vm_area
if (offset >= ps_size)

+ if (fatal_signal_pending(current))
* Because we release the mmap_sem, the context may be destroyed while
* we're in spu_wait. Grab an extra reference so it isn't destroyed

