---

 25-akpm/kernel/sys.c  |    4 ++++
 25-akpm/kernel/user.c |   13 ++++++++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff -puN kernel/user.c~find_user-locking kernel/user.c
--- 25/kernel/user.c~find_user-locking	Wed Apr 28 14:17:00 2004
+++ 25-akpm/kernel/user.c	Wed Apr 28 14:17:00 2004
@@ -64,9 +64,20 @@ static inline struct user_struct *uid_ha
 	return NULL;
 }
 
+/*
+ * Locate the user_struct for the passed UID.  If found, take a ref on it.  The
+ * caller must undo that ref with free_uid().
+ *
+ * If the user_struct could not be found, return NULL.
+ */
 struct user_struct *find_user(uid_t uid)
 {
-	return uid_hash_find(uid, uidhashentry(uid));
+	struct user_struct *ret;
+
+	spin_lock(&uidhash_lock);
+	ret = uid_hash_find(uid, uidhashentry(uid));
+	spin_unlock(&uidhash_lock);
+	return ret;
 }
 
 void free_uid(struct user_struct *up)
diff -puN kernel/sys.c~find_user-locking kernel/sys.c
--- 25/kernel/sys.c~find_user-locking	Wed Apr 28 14:17:00 2004
+++ 25-akpm/kernel/sys.c	Wed Apr 28 14:17:00 2004
@@ -351,6 +351,8 @@ asmlinkage long sys_setpriority(int whic
 				if (p->uid == who)
 					error = set_one_prio(p, niceval, error);
 			while_each_thread(g, p);
+			if (who)
+				free_uid(user);		/* For find_user() */
 			break;
 	}
 out_unlock:
@@ -413,6 +415,8 @@ asmlinkage long sys_getpriority(int whic
 						retval = niceval;
 				}
 			while_each_thread(g, p);
+			if (who)
+				free_uid(user);		/* for find_user() */
 			break;
 	}
 out_unlock:

_