From: Eric W. Biederman <ebiederm@xmission.com>

This has been needed for a long time, but now with the advent of a
reference counted struct pid there are real consequences for getting this
wrong.

Someone I think it was Oleg Nesterov pointed out that this construct was
missing locking, when I introduced struct pid.  After taking time to review
the locking construct already present I figured out which lock needs to be
taken.  The other paths that access f_owner.pid take either the f_owner
read or the write lock.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 fs/fcntl.c |    2 ++
 1 files changed, 2 insertions(+)

diff -puN fs/fcntl.c~file-add-locking-to-f_getown fs/fcntl.c
--- a/fs/fcntl.c~file-add-locking-to-f_getown
+++ a/fs/fcntl.c
@@ -305,9 +305,11 @@ void f_delown(struct file *filp)
 pid_t f_getown(struct file *filp)
 {
 	pid_t pid;
+	read_lock(&filp->f_owner.lock);
 	pid = pid_nr(filp->f_owner.pid);
 	if (filp->f_owner.pid_type == PIDTYPE_PGID)
 		pid = -pid;
+	read_unlock(&filp->f_owner.lock);
 	return pid;
 }
 
_