futex: Fix hardcoded flags

Xi reported that commit 5694289ce183 ("futex: Flag conversion") broke
glibc's robust futex tests.

This was narrowed down to the change of FLAGS_SHARED from 0x01 to
0x10, at which point Florian noted that handle_futex_death() has a
hardcoded flags argument of 1.

Change this to: FLAGS_SIZE_32 | FLAGS_SHARED, matching how
futex_to_flags() unconditionally sets FLAGS_SIZE_32 for all legacy
futex ops.

Reported-by: Xi Ruoyao <xry111@xry111.site>
Reported-by: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Link: https://lkml.kernel.org/r/20231114201402.GA25315@noisy.programming.kicks-ass.net
Fixes: 5694289ce183 ("futex: Flag conversion")
Cc: <stable@vger.kernel.org>

diff --git a/kernel/futex/core.c b/kernel/futex/core.c
index 52695c59d04114350d29f1bf0403c19b873663d6..dad981a865b841c954deed1934674f514832ff7e 100644 (file)
--- a/kernel/futex/core.c
+++ b/kernel/futex/core.c
@@ -700,7 +700,8 @@ retry:
        owner = uval & FUTEX_TID_MASK;
 
        if (pending_op && !pi && !owner) {
-               futex_wake(uaddr, 1, 1, FUTEX_BITSET_MATCH_ANY);
+               futex_wake(uaddr, FLAGS_SIZE_32 | FLAGS_SHARED, 1,
+                          FUTEX_BITSET_MATCH_ANY);
                return 0;
        }
 
@@ -752,8 +753,10 @@ retry:
         * Wake robust non-PI futexes here. The wakeup of
         * PI futexes happens in exit_pi_state():
         */
-       if (!pi && (uval & FUTEX_WAITERS))
-               futex_wake(uaddr, 1, 1, FUTEX_BITSET_MATCH_ANY);
+       if (!pi && (uval & FUTEX_WAITERS)) {
+               futex_wake(uaddr, FLAGS_SIZE_32 | FLAGS_SHARED, 1,
+                          FUTEX_BITSET_MATCH_ANY);
+       }
 
        return 0;
 }