From 6e93c35ba7c5001e756d0c9d1a4f534384652a5a Mon Sep 17 00:00:00 2001 From: Eric Anholt Date: Wed, 15 Aug 2007 13:42:04 -0700 Subject: BSD: Return EINVAL if drm_unlock is called on an unheld or other-owner lock. --- bsd-core/drm_lock.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/bsd-core/drm_lock.c b/bsd-core/drm_lock.c index 326c083b..fb86fc68 100644 --- a/bsd-core/drm_lock.c +++ b/bsd-core/drm_lock.c @@ -173,6 +173,12 @@ int drm_unlock(drm_device_t *dev, void *data, struct drm_file *file_priv) DRM_CURRENTPID, lock->context); return EINVAL; } + /* Check that the context unlock being requested actually matches + * who currently holds the lock. + */ + if (!_DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock) || + _DRM_LOCKING_CONTEXT(dev->lock.hw_lock->lock) != lock->context) + return EINVAL; atomic_inc(&dev->counts[_DRM_STAT_UNLOCKS]); -- cgit v1.2.3