From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8F6F0C433F5 for ; Tue, 4 Sep 2018 09:02:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 3DED620843 for ; Tue, 4 Sep 2018 09:02:20 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3DED620843 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=suse.cz Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727330AbeIDN03 (ORCPT ); Tue, 4 Sep 2018 09:26:29 -0400 Received: from mail-wm0-f67.google.com ([74.125.82.67]:35216 "EHLO mail-wm0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726061AbeIDN02 (ORCPT ); Tue, 4 Sep 2018 09:26:28 -0400 Received: by mail-wm0-f67.google.com with SMTP id o18-v6so3473750wmc.0; Tue, 04 Sep 2018 02:02:15 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:openpgp:autocrypt :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=jCgQyKUXmu/V37DRnSN9utX+3SuYkgRPdHgdFL0s3aE=; b=TkKq5kSBNK0sEi5aO9HS7rzUBYQRCjvWIQR+tOWW6iiTF78dL2912W7OEFg2Ypojbv N2WFsAyCh0IKPmBNpvnmCk/JQxRix5uxPC4KZaxhTdGPTU1PolMbxVY+ST6nwmFj+B3z X/62Rgbd/jsXAN/IBNPj3JlD7HW1YXsmImD6mhmdKq+DRxhuS09iUwIWM6YufVmPA1UH 8sAVr0mcTCR11thN1/jUsmj2GHauIZ3uu1lai4cTIImD0lr3NMADbhU6VDRvusCJvXIk 0tfNtUML9r8CEsY694VGuOw9kUq8vofNNqRxW4AFb35qDD/S6NixqRBo+IVi2ZFsv9vV dXcA== X-Gm-Message-State: APzg51DFJi4gAJYNVqQo+9GHjwHsZ6o7mI6dyZIRBHZCr6kESu6eIprN NQZh+f0bqff7mncP8lpyujUHgPMc2Hw= X-Google-Smtp-Source: ANB0VdagP5GK79Jg9hprUsZvUcuRxvKyQVAKXKLQEVfIxXAR+zX3xOy2FoiCXGontlIJX+69/61ebw== X-Received: by 2002:a1c:398b:: with SMTP id g133-v6mr1938210wma.5.1536051734922; Tue, 04 Sep 2018 02:02:14 -0700 (PDT) Received: from ?IPv6:2a01:4240:2e27:ad85:aaaa::70f? ([2a01:4240:2e27:ad85:aaaa::70f]) by smtp.gmail.com with ESMTPSA id 139-v6sm21958076wmp.4.2018.09.04.02.02.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 04 Sep 2018 02:02:14 -0700 (PDT) Subject: Re: [PATCHv2 2/4] tty: Hold tty_ldisc_lock() during tty_reopen() To: Dmitry Safonov , linux-kernel@vger.kernel.org Cc: Daniel Axtens , Dmitry Safonov <0x7f454c46@gmail.com>, Sergey Senozhatsky , Dmitry Vyukov , Nathan March , Tan Xiaojun , Peter Hurley , Tetsuo Handa , =?UTF-8?B?UGFzaSBLw6Rya2vDpGluZW4=?= , Greg Kroah-Hartman , Michael Neuling , Mikulas Patocka , syzbot+3aa9784721dfb90e984d@syzkaller.appspotmail.com, stable@vger.kernel.org References: <20180903165257.29227-1-dima@arista.com> <20180903165257.29227-3-dima@arista.com> From: Jiri Slaby Openpgp: preference=signencrypt Autocrypt: addr=jslaby@suse.cz; prefer-encrypt=mutual; keydata= xsFNBE6S54YBEACzzjLwDUbU5elY4GTg/NdotjA0jyyJtYI86wdKraekbNE0bC4zV+ryvH4j rrcDwGs6tFVrAHvdHeIdI07s1iIx5R/ndcHwt4fvI8CL5PzPmn5J+h0WERR5rFprRh6axhOk rSD5CwQl19fm4AJCS6A9GJtOoiLpWn2/IbogPc71jQVrupZYYx51rAaHZ0D2KYK/uhfc6neJ i0WqPlbtIlIrpvWxckucNu6ZwXjFY0f3qIRg3Vqh5QxPkojGsq9tXVFVLEkSVz6FoqCHrUTx wr+aw6qqQVgvT/McQtsI0S66uIkQjzPUrgAEtWUv76rM4ekqL9stHyvTGw0Fjsualwb0Gwdx ReTZzMgheAyoy/umIOKrSEpWouVoBt5FFSZUyjuDdlPPYyPav+hpI6ggmCTld3u2hyiHji2H cDpcLM2LMhlHBipu80s9anNeZhCANDhbC5E+NZmuwgzHBcan8WC7xsPXPaiZSIm7TKaVoOcL 9tE5aN3jQmIlrT7ZUX52Ff/hSdx/JKDP3YMNtt4B0cH6ejIjtqTd+Ge8sSttsnNM0CQUkXps w98jwz+Lxw/bKMr3NSnnFpUZaxwji3BC9vYyxKMAwNelBCHEgS/OAa3EJoTfuYOK6wT6nadm YqYjwYbZE5V/SwzMbpWu7Jwlvuwyfo5mh7w5iMfnZE+vHFwp/wARAQABzSBKaXJpIFNsYWJ5 IDxqaXJpc2xhYnlAZ21haWwuY29tPsLBewQTAQIAJQIbAwYLCQgHAwIGFQgCCQoLBBYCAwEC HgECF4AFAk6S6P4CGQEACgkQvSWxBAa0cEl1Sg//UMXp//d4lP57onXMC2y8gafT1ap/xuss IvXR+3jSdJCHRaUFTPY2hN0ahCAyBQq8puUa6zaXco5jIzsVjLGVfO/s9qmvBTKw9aP6eTU7 77RLssLlQYhRzh7vapRRp4xDBLvBGBv9uvWORx6dtRjh+e0J0nKKce8VEY+jiXv1NipWf+RV vg1gVbAjBnT+5RbJYtIDhogyuBFg14ECKgvy1Do6tg9Hr/kU4ta6ZBEUTh18Io7f0vr1Mlh4 yl2ytuUNymUlkA/ExBNtOhOJq/B087SmGwSLmCRoo5VcRIYK29dLeX6BzDnmBG+mRE63IrKD kf/ZCIwZ7cSbZaGo+gqoEpIqu5spIe3n3JLZQGnF45MR+TfdAUxNQ4F1TrjWyg5Fo30blYYU z6+5tQbaDoBbcSEV9bDt6UOhCx033TrdToMLpee6bUAKehsUctBlfYXZP2huZ5gJxjINRnlI gKTATBAXF+7vMhgyZ9h7eARG6LOdVRwhIFUMGbRCCMXrLLnQf6oAHyVnsZU1+JWANGFBjsyy fRP2+d8TrlhzN9FoIGYiKjATR9CpJZoELFuKLfKOBsc7DfEBpsdusLT0vlzR6JaGae78Od5+ ljzt88OGNyjCRIb6Vso0IqEavtGOcYG8R5gPhMV9n9/bCIVqM5KWJf/4mRaySZp7kcHyJSb0 O6nOwU0ETpLnhgEQAM+cDWLL+Wvc9cLhA2OXZ/gMmu7NbYKjfth1UyOuBd5emIO+d4RfFM02 XFTIt4MxwhAryhsKQQcA4iQNldkbyeviYrPKWjLTjRXT5cD2lpWzr+Jx7mX7InV5JOz1Qq+P +nJWYIBjUKhI03ux89p58CYil24Zpyn2F5cX7U+inY8lJIBwLPBnc9Z0An/DVnUOD+0wIcYV nZAKDiIXODkGqTg3fhZwbbi+KAhtHPFM2fGw2VTUf62IHzV+eBSnamzPOBc1XsJYKRo3FHNe LuS8f4wUe7bWb9O66PPFK/RkeqNX6akkFBf9VfrZ1rTEKAyJ2uqf1EI1olYnENk4+00IBa+B avGQ8UW9dGW3nbPrfuOV5UUvbnsSQwj67pSdrBQqilr5N/5H9z7VCDQ0dhuJNtvDSlTf2iUF Bqgk3smln31PUYiVPrMP0V4ja0i9qtO/TB01rTfTyXTRtqz53qO5dGsYiliJO5aUmh8swVpo tgK4/57h3zGsaXO9PGgnnAdqeKVITaFTLY1ISg+Ptb4KoliiOjrBMmQUSJVtkUXMrCMCeuPD GHo739Xc75lcHlGuM3yEB//htKjyprbLeLf1y4xPyTeeF5zg/0ztRZNKZicgEmxyUNBHHnBK HQxz1j+mzH0HjZZtXjGu2KLJ18G07q0fpz2ZPk2D53Ww39VNI/J9ABEBAAHCwV8EGAECAAkF Ak6S54YCGwwACgkQvSWxBAa0cEk3tRAAgO+DFpbyIa4RlnfpcW17AfnpZi9VR5+zr496n2jH /1ldwRO/S+QNSA8qdABqMb9WI4BNaoANgcg0AS429Mq0taaWKkAjkkGAT7mD1Q5PiLr06Y/+ Kzdr90eUVneqM2TUQQbK+Kh7JwmGVrRGNqQrDk+gRNvKnGwFNeTkTKtJ0P8jYd7P1gZb9Fwj 9YLxjhn/sVIhNmEBLBoI7PL+9fbILqJPHgAwW35rpnq4f/EYTykbk1sa13Tav6btJ+4QOgbc ezWIwZ5w/JVfEJW9JXp3BFAVzRQ5nVrrLDAJZ8Y5ioWcm99JtSIIxXxt9FJaGc1Bgsi5K/+d yTKLwLMJgiBzbVx8G+fCJJ9YtlNOPWhbKPlrQ8+AY52Aagi9WNhe6XfJdh5g6ptiOILm330m kR4gW6nEgZVyIyTq3ekOuruftWL99qpP5zi+eNrMmLRQx9iecDNgFr342R9bTDlb1TLuRb+/ tJ98f/bIWIr0cqQmqQ33FgRhrG1+Xml6UXyJ2jExmlO8JljuOGeXYh6ZkIEyzqzffzBLXZCu jlYQDFXpyMNVJ2ZwPmX2mWEoYuaBU0JN7wM+/zWgOf2zRwhEuD3A2cO2PxoiIfyUEfB9SSmf faK/S4xXoB6wvGENZ85Hg37C7WDNdaAt6Xh2uQIly5grkgvWppkNy4ZHxE+jeNsU7tg= Message-ID: <6a2acb53-7dfc-9426-b277-4368a6d2a2e8@suse.cz> Date: Tue, 4 Sep 2018 11:02:12 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <20180903165257.29227-3-dima@arista.com> Content-Type: text/plain; charset=iso-8859-2 Content-Language: en-GB Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 09/03/2018, 06:52 PM, Dmitry Safonov wrote: > tty_ldisc_reinit() doesn't race with neither tty_ldisc_hangup() > nor set_ldisc() nor tty_ldisc_release() as they use tty lock. > But it races with anyone who expects line discipline to be the same > after hoding read semaphore in tty_ldisc_ref(). > > We've seen the following crash on v4.9.108 stable: > > BUG: unable to handle kernel paging request at 0000000000002260 > IP: [..] n_tty_receive_buf_common+0x5f/0x86d > Workqueue: events_unbound flush_to_ldisc > Call Trace: > [..] n_tty_receive_buf2 > [..] tty_ldisc_receive_buf > [..] flush_to_ldisc > [..] process_one_work > [..] worker_thread > [..] kthread > [..] ret_from_fork > > tty_ldisc_reinit() should be called with ldisc_sem hold for writing, > which will protect any reader against line discipline changes. > > Cc: Greg Kroah-Hartman > Cc: Jiri Slaby Reviewed-by: Jiri Slaby > Cc: stable@vger.kernel.org # depends on commit b027e2298bd5 ("tty: fix > data race between tty_init_dev and flush of buf") > Reported-by: syzbot+3aa9784721dfb90e984d@syzkaller.appspotmail.com > Tested-by: Tetsuo Handa > Signed-off-by: Dmitry Safonov thanks, -- js suse labs